github-events: Add tf vars for webhook id env vars

modules/github-events/main.tf

@@ -45,15 +45,25 @@ module "this" {
       }
       ports = [{ container_port = 8080 }]
       env = concat(
-        [{
-          name = "WEBHOOK_SECRET"
-          value_source = {
-            secret_key_ref = {
-              secret  = module.webhook-secret.secret_id
-              version = "latest"
+        [
+          {
+            name = "WEBHOOK_SECRET"
+            value_source = {
+              secret_key_ref = {
+                secret  = module.webhook-secret.secret_id
+                version = "latest"
+              }
             }
+          },
+          {
+            name  = "REQUESTED_ONLY_WEBHOOK_ID"
+            value = var.requested_only_webhook_id
+          },
+          {
+            name  = "WEBHOOK_ID"
+            value = var.webhook_id
           }
-        }],
+        ],
         [for name, secret in var.additional_webhook_secrets : {
           name = "WEBHOOK_SECRET_${upper(name)}"
           value_source = {

modules/github-events/variables.tf

@@ -57,7 +57,7 @@ Additional secrets to be used by the service.
 
 See https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloud_run_v2_service#nested_env for related documentation.
 EOD
-  default = {}
+  default     = {}
 }
 
 variable "service-ingress" {
@@ -93,3 +93,15 @@ variable "squad" {
     error_message = "squad needs to specified or disable check by setting require_squad = false"
   }
 }
+
+variable "requested_only_webhook_id" {
+  description = "If set, the csv IDs of the webhooks that should only receive check requested events."
+  type        = string
+  default     = ""
+}
+
+variable "webhook_id" {
+  description = "If set, the csv IDs of the webhooks that the trampoline should listen to."
+  type        = string
+  default     = ""
+}