Base URL: value of GODEPLOY_ADDR (default http://127.0.0.1:8081).
- Response:
200with plain bodyok(liveness). - Headers: daemon responses go through security middleware (
Cache-Control: no-store,X-Content-Type-Options: nosniff, etc.). - Usage: load balancers and Kubernetes probes.
- Body: raw JSON payload from GitHub or GitLab (same bytes used for signature verification).
- GitHub headers:
X-GitHub-Event, optionallyX-Hub-Signature-256whenGODEPLOY_WEBHOOK_SECRETis set. - GitLab headers:
X-Gitlab-Event, optionallyX-Gitlab-Tokenwhen a secret is configured. - Rate limit: token bucket per remote IP (
GODEPLOY_WEBHOOK_RPS,GODEPLOY_WEBHOOK_BURST). - Max body size: 1 MiB in the current server.
- Error responses: generic messages on 4xx/5xx; details in structured logs.
- Success (processed
push):200withContent-Type: application/jsonand fields such asprovider,app,runtime,image_tag,new_container_id,old_container_id,routed_target(seehandleWebhookincmd/godeployd).
Minimal example (GitHub ping or replace body with a real push):
curl -sS -X POST "http://127.0.0.1:8081/webhook" \
-H "Content-Type: application/json" \
-H "X-GitHub-Event: ping" \
-d '{}'- Response:
application/jsonwith a list of running containers and approximate CPU/memory metrics. - Internal timeout: short window in the handler; collection failures return
500without exposing stack traces to the client.
- Upgrade: WebSocket.
- Query:
containeris required (Docker ID or name). - Origin: browser requests only with the same
Hostor origins listed inGODEPLOY_WS_ALLOWED_ORIGINS. - Messages: JSON per line (
stream,line) as implemented ininternal/observability.
Reference client: cmd/godeploy-logtail.