Ability to require a specific header to accept incoming webhook.

[greatestusername]

Component(s)

receiver/webhookevent

Is your feature request related to a problem? Please describe.

Use Case:
Many webhooks send along an HTTP header to pass a secret/token. For example GitLab uses the token X-GitLab-Token.

Describe the solution you'd like

Allow an optional config setting in the webhook receiver to add a header that must be matched before accepting the incoming connection.

Essentially a config like:

receivers:
  webhookevent:
    endpoint: 0.0.0.0:9444
    path: "/event"
    required_header: "
      key: "X-Gitlab-Token"
      value: "blahblahblah"

Any requests to the webhook receiver that do not have that required header would be returned a 401

Describe alternatives you've considered

Possible some integrations would want to send a token in the query param but headers is most common.

Additional context

No response

[github-actions]

Pinging code owners:

• receiver/webhookevent: @atoulme @shalper2

See Adding Labels via Comments if you do not have permissions to add labels yourself.

[greatestusername]

I have working code and tests for this if @atoulme / @shalper2 would like to sponsor the addition.

[shalper2]

I would be more than happy to sponsor this

[atoulme]

I believe the work here is complete, thanks @greatestusername !