d1b71a0a8a
* security: Update dind base image to patch multiple CVEs Patches CVE-2023-45288 CVE-2024-2511 CVE-2024-32002 CVE-2024-32004 CVE-2024-32020 CVE-2024-32021 CVE-2024-32465 * ci: Tweak automated security update PR title * Remove unused image hashes from oci_deps * Tweak oci_deps comment * Fixup old @wolfi_base references * Add wolfi_base load * use the correct base image * Remove unneeded wolfi_base call |
||
|---|---|---|
| .. | ||
| internal | ||
| .env.example | ||
| BUILD.bazel | ||
| config.example.yaml | ||
| image_test.yaml | ||
| main.go | ||
| README.md | ||
Linear Webhooks
Development
Caution
DO NOT commit your api key
First make a copy of the dotenv file and set the API key and webhook signing secrets in .env based on the Linear API settings. If you don't have access, reach out to #wg-linear-trial.
cp .env.example .env
source .env
go run .
Use ngrok to get a public URL for receiving webhook events:
ngrok http 3000
Set the webhook URL in Linear.
Deployment
This service is deployed as a MSP service. Learn more from go/msp.
Caution
Keep your secret safe
In production, it's recommended to create a Linear OAuth2 application, and create a developer token using application identity as actor. Then, set the developer token as LINEAR_PERSONAL_API_KEY in the deployment. Othewise, your personal identity will be associated with all requests.
Unfortunately, Linear only supports authorization_code grant type, but not client_credentials. Authenticating through the web interface (e.g., OAuth callback) is a lot of added complexity for a simply webhook service. We will revisit in the future.
Configuration
Refer to config.example.yaml