Summary
Sync organization webhooks from declarative YAML config.
Scope
Webhooks are structured list definitions, so this should use a file input plus per-org overrides:
- `webhooks-file`
- optional inline/per-org `webhooks` in `orgs.yml`
- optional `delete-unmanaged-webhooks`
Candidate fields
- webhook name/type, if applicable
- URL
- active/inactive state
- events
- content type
- insecure SSL setting, if supported
- secret reference, not secret value
Security notes
- Do not store webhook secrets directly in YAML examples or committed config.
- Prefer referencing an environment variable or GitHub secret name for the webhook secret.
- Mask any resolved webhook secret with `core.setSecret()` and never log authenticated or secret-bearing URLs.
Questions to resolve
- Match existing webhooks by URL, name, or config URL?
- Should secret rotation force an update even when other fields match?
- Should unmanaged deletion be supported or only create/update?
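
The secret-handling rules under Security notes, sketched as an added example (not code from this project): the `secretRef` field, the helper names and the sample values are assumptions, and the `mask` callback stands in for `core.setSecret`.

```javascript
// Added example; secretRef, redactUrl and resolveWebhook are hypothetical names.

// Log-safe form of a webhook URL: scheme and host only, because userinfo,
// path and query string can each carry a token.
function redactUrl(raw) {
  try {
    return new URL(raw).origin;
  } catch {
    return '<invalid url>'; // never echo an unparseable value into logs
  }
}

// Turn one parsed YAML entry into webhook settings. `mask` stands in for
// core.setSecret; `env` is the environment the secret reference resolves against.
function resolveWebhook(def, env, mask) {
  const label = redactUrl(def.url);
  if ('secret' in def) {
    throw new Error(`webhook ${label}: inline "secret" is not allowed, use secretRef`);
  }
  const config = { url: def.url, content_type: def.contentType };
  if (def.secretRef) {
    const value = env[def.secretRef];
    if (!value) {
      // The reference name is safe to print; the value never is.
      throw new Error(`webhook ${label}: env var ${def.secretRef} is not set`);
    }
    mask(value); // register the mask before any later step can log the value
    config.secret = value;
  }
  return { config, events: def.events, active: def.active !== false };
}

// Constructed sample entry and environment.
const sample = {
  url: 'https://ci:s3cr3t@hooks.example.com/in/abc?token=xyz',
  contentType: 'json',
  events: ['push', 'pull_request'],
  secretRef: 'WEBHOOK_SECRET_CI',
};
const masked = [];
const resolved = resolveWebhook(
  sample, { WEBHOOK_SECRET_CI: 'constructed-value' }, (v) => masked.push(v));
console.log(`syncing webhook for ${redactUrl(sample.url)}`, resolved.events);
```

Rejecting an inline `secret` key at load time keeps a committed config from ever holding the value, and failing on an unset reference avoids silently creating a webhook with no secret.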