From be051ad7d2e6accaf7887c0bb9625fe25bce8e09 Mon Sep 17 00:00:00 2001 From: Manuel Raynaud Date: Wed, 26 Mar 2025 15:10:26 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B(ci)=20use=20sha256=20to=20sign=20a?= =?UTF-8?q?rgocd=20webhook=20call?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The argocd webhook call needs now to use sha256 digest now to sign --- .github/workflows/docker-hub.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml index 935742d1..9321a1ee 100644 --- a/.github/workflows/docker-hub.yml +++ b/.github/workflows/docker-hub.yml @@ -134,5 +134,5 @@ jobs: name: Call argocd github webhook run: | data='{"ref": "'$GITHUB_REF'","repository": {"html_url":"'$GITHUB_SERVER_URL'/${{ secrets.DEPLOYMENT_REPO_URL }}"}}' - sig=$(echo -n ${data} | openssl dgst -sha1 -hmac "${{ secrets.ARGOCD_PREPROD_WEBHOOK_SECRET }}" | awk '{print "X-Hub-Signature: sha1="$2}') + sig=$(echo -n ${data} | openssl dgst -sha256 -hmac "${{ secrets.ARGOCD_PREPROD_WEBHOOK_SECRET }}" | awk '{print "X-Hub-Signature-256: sha256="$2}') curl -X POST -H 'X-GitHub-Event:push' -H "Content-Type: application/json" -H "${sig}" --data "${data}" ${{ vars.ARGOCD_PREPROD_WEBHOOK_URL }} \ No newline at end of file