Notifications#
You can receive webhook notifications when specific events happen in Orchest. For example, when a job fails. Whenever an events triggers, Orchest will send an HTTP request to your desired endpoint with a payload of information. For example:
{
"delivered_for": {
"name": "Test webhook",
"verify_ssl": false,
"content_type": "application/json",
"uuid": "a1edb89c-1cfb-4086-8f75-ab073612c5bf",
"type": "webhook"
},
"event": {
"type": "ping",
"uuid": "08bd2a31-9b17-4d1b-83ba-b4538a970dee",
"timestamp": "2022-06-02 16:12:25.242592+00:00"
}
}
To create a webhook, navigate to “Notification settings” in Orchest settings. The webhook dialog will ask for the following:
Webhook URL: Where Orchest sends the HTTP requests to. Activate incoming webhooks on your desired channel (for example: Slack) and verify the connection with the “Test” button.
Content type: Either
application/json
(default) orapplication/x-www-form-urlencoded
.Webhook name (optional): A custom name for your webhook. This is helpful when creating multiple webhooks with similar URLs.
Secret (optional): A secret string that you can use to verify the origin of the request (see below).
(You can read the source code of the webhook schema).
Verifying the webhook#
The HTTP request of the webhook will contain additional headers that can verify the webhook is coming from Orchest.
X-Orchest-Event
The event type.
X-Orchest-Delivery
UUID of the delivery.
X-Hub-Signature
SHA-256 HMAC digest of the payload.
The following sample code verifies the payload signature is the same as the expected one from the webhook secret:
import hashlib
import hmac
import os
def verify_signature(payload, request_headers):
"""
Verify that the signature of payload is the same
as the one expected from the stored webhook secret.
"""
if not isinstance(body, bytes):
body = body.encode("utf-8")
digest = hmac.new(
os.environ["WEBHOOK_SECRET"].encode("utf-8"),
body,
hashlib.sha256
)
expected_signature = digest.hexdigest()
return hmac.compare_digest(
request_headers["X-Hub-Signature"].encode(),
expected_signature.encode(),
)