Trigger runs via Webhook

You can now trigger RWX runs from third party webhooks. When a critical alert fires in PagerDuty or Datadog, kick off an RWX run to analyze the incident, roll back a deployment, or run any custom automation you need.

First class automation

Getting started is easy.

Webhook triggers are defined as infrastructure as code in the on section of your run definition. The incoming webhook data is captured in initialization parameters that your tasks can access.

Here's an example PagerDuty webhook trigger with signature verification:

on:
  webhook:
    key: test-webhook
    init:
      headers: ${{ event.webhook.headers }}
      body: ${{ event.webhook.body }}

tasks:
  # continued below...

Most webhook providers offer signature verification to ensure requests are authentic. Here we use the pagerduty/verify-signature RWX package. Consult your provider's documentation for their specific verification method.

- key: verify-signature
  call: pagerduty/verify-signature 1.0.0
  with:
    body: ${{ init.body }}
    headers: ${{ init.headers }}
    secret: ${{ vaults.your-vault.secrets.pagerduty-webhook-secret }}

After the payload is verified, we can perform our automation:

- key: automation
  after: verify-signature
  cache: false
  run: |
    MESSAGE=$(echo "$BODY" | jq -r '.event.data.message')
    echo "$MESSAGE"
  env:
    BODY: ${{ init.body }}

Once you've pushed your webhook trigger definition, navigate to the RWX runs page and choose "Manage webhooks" from the "Managed Triggers" dropdown. Select your webhook definition to view its URL and token.

Finally, configure your third party webhook provider to POST to the webhook URL with your token in an HTTP header named x-rwx-webhook-token.

To learn more, check out the webhook triggers documentation.

Demo

RWX makes it easy to build, test, and deploy automation workflows. Engineering teams already run automation on RWX via crons and manual dispatches — now you can trigger runs via webhooks, too.