add support for signature header

go.mod

@@ -1,5 +1,7 @@
 module github.com/drone-plugins/drone-webhook
 
+go 1.14
+
 require (
 	bou.ke/monkey v1.0.1 // indirect
 	github.com/aymerick/raymond v2.0.2+incompatible // indirect

main.go

@@ -70,6 +70,11 @@ func main() {
 			Usage:  "skip ssl verification",
 			EnvVar: "PLUGIN_SKIP_VERIFY",
 		},
+		cli.StringFlag{
+			Name:   "secret",
+			Usage:  "secret to generate signature",
+			EnvVar: "PLUGIN_SECRET,WEBHOOK_SECRET",
+		},
 		cli.StringFlag{
 			Name:   "repo.owner",
 			Usage:  "repository owner",
@@ -196,6 +201,7 @@ func run(c *cli.Context) error {
 			ValidCodes:  c.IntSlice("valid-response-codes"),
 			Debug:       c.Bool("debug"),
 			SkipVerify:  c.Bool("skip-verify"),
+			Secret:      c.String("secret"),
 		},
 	}
 

plugin.go

@@ -2,7 +2,10 @@ package main
 
 import (
 	"bytes"
+	"crypto/hmac"
+	"crypto/sha256"
 	"crypto/tls"
+	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@@ -47,6 +50,7 @@ type (
 		ValidCodes  []int
 		Debug       bool
 		SkipVerify  bool
+		Secret      string
 	}
 
 	Job struct {
@@ -117,6 +121,16 @@ func (p Plugin) Exec() error {
 
 		req.Header.Set("Content-Type", p.Config.ContentType)
 
+		if p.Config.Secret != "" {
+			// generate signature with secret and body
+			h := hmac.New(sha256.New, []byte(p.Config.Secret))
+			h.Write(b)
+			sha := hex.EncodeToString(h.Sum(nil))
+
+			// append signature to headers
+			req.Header.Set("X-Drone-Signature", sha)
+		}
+
 		for _, value := range p.Config.Headers {
 			header := strings.Split(value, "=")
 			req.Header.Set(header[0], header[1])