Add ability to specify custom webhook headers
Description
Currently, web hooks support sending an authentication token in the X-Gitlab-Token
header. I propose adding the ability to send a token in an arbitrary header.
Proposal
I want to integrate with a system that is hard coded to accept authentication tokens only from a certain custom header. This makes it impossible to trigger the system using GitLab web hooks, because they insist on sending the token in the X-Gitlab-Token
header. I would like there to be an option to configure the name of the header the token is sent in.
GitLab Proposal
- (link: #17290 (comment 951907862)) Support a flexible (but limited) number of headers.
- (link: #17290 (comment 951909520)) Ensure values are encrypted and do not surface in logs,
WebHookLog
records, or the UI. - This work may resemble in some ways the work done for encrypted tokens in URLs &7970 (closed)
Links / references
Edited by Luke Duncalfe