diff --git a/modules/github-events/main.tf b/modules/github-events/main.tf index 76fd8b9b..4838b498 100644 --- a/modules/github-events/main.tf +++ b/modules/github-events/main.tf @@ -45,15 +45,25 @@ module "this" { } ports = [{ container_port = 8080 }] env = concat( - [{ - name = "WEBHOOK_SECRET" - value_source = { - secret_key_ref = { - secret = module.webhook-secret.secret_id - version = "latest" + [ + { + name = "WEBHOOK_SECRET" + value_source = { + secret_key_ref = { + secret = module.webhook-secret.secret_id + version = "latest" + } } + }, + { + name = "REQUESTED_ONLY_WEBHOOK_ID" + value = var.requested_only_webhook_id + }, + { + name = "WEBHOOK_ID" + value = var.webhook_id } - }], + ], [for name, secret in var.additional_webhook_secrets : { name = "WEBHOOK_SECRET_${upper(name)}" value_source = { diff --git a/modules/github-events/variables.tf b/modules/github-events/variables.tf index a10bfea2..ff9b945c 100644 --- a/modules/github-events/variables.tf +++ b/modules/github-events/variables.tf @@ -57,7 +57,7 @@ Additional secrets to be used by the service. See https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloud_run_v2_service#nested_env for related documentation. EOD - default = {} + default = {} } variable "service-ingress" { @@ -93,3 +93,15 @@ variable "squad" { error_message = "squad needs to specified or disable check by setting require_squad = false" } } + +variable "requested_only_webhook_id" { + description = "If set, the csv IDs of the webhooks that should only receive check requested events." + type = string + default = "" +} + +variable "webhook_id" { + description = "If set, the csv IDs of the webhooks that the trampoline should listen to." + type = string + default = "" +}