gh-webhook
gh-webhook copied to clipboard
cli
Simulate `installation` key in event body
In order to fully simulate a webhook event request that was triggered by a GitHub App, the "installation" key needs to be present. As --repo or --org need to be passed, we could retrieve the installation object with one of these requests
- https://docs.github.com/en/rest/apps/apps#get-an-organization-installation-for-the-authenticated-app
- https://docs.github.com/en/rest/apps/apps#get-a-repository-installation-for-the-authenticated-app
However the CLI would need the the GitHub App ID and Private Key in order to authenticate for these endpoints, the latter is quite long. Maybe a path to a .pem file would work?
gh webhook forward --url http://localhost:3000 --events issues --repo my-org/my-repo --secret '<my-secret>' --app-id 123 --app-private-key-path ./private-key.pem
I think a much simpler approach might be to just pass the installation id as CLI argument
--installation 123
and the plugin would add the installation key to the event payload based on it
"installation": {
"id": 123
}
GitHub also sets installation.node_id, but at least from my experience, that key is not needed. installation.id is all that's required in order to create the installation access key
Yet another approach might be to set some kind of special header so that the app code knows it's run in a dev environment and need to get the installation by itself. The app already has access to the repository and the GitHub App credentials, that's all that is needed. It could be built into the GitHub App SDKs such as https://github.com/octokit/app.js. But I think I would prefer the other two options mentioned above, so we don't need different behavior depending on environment