name: notify-image-updater description: | POSTs a CloudEvents v1.0 envelope to the in-cluster argocd-image-updater webhook so the controller reconciles the matching ImageUpdater CR immediately instead of waiting for the next 30s poll. Pair this with the docker/build-push-action step that publishes the image. inputs: image: description: 'Fully-prefixed image repository, e.g. git.aceofba.se//.' required: true tag: description: 'Tag that was just pushed.' required: true digest: description: 'Image digest from docker/build-push-action (steps..outputs.digest).' required: true secret: description: 'CloudEvents shared secret. Defaults to the IMAGE_UPDATER_WEBHOOK_SECRET repo/org secret.' required: false default: ${{ env.IMAGE_UPDATER_WEBHOOK_SECRET }} webhook-url: description: 'Webhook endpoint. Override only when running against a non-default cluster.' required: false default: 'http://argocd-image-updater.argocd.svc.cluster.local:8080/webhook' runs: using: composite steps: - name: Notify argocd-image-updater shell: bash env: WEBHOOK_URL: ${{ inputs.webhook-url }} WEBHOOK_SECRET: ${{ inputs.secret }} IMAGE: ${{ inputs.image }} TAG: ${{ inputs.tag }} DIGEST: ${{ inputs.digest }} run: | set -euo pipefail if [[ -z "${WEBHOOK_SECRET}" ]]; then echo "::error::IMAGE_UPDATER_WEBHOOK_SECRET is empty. Set it as a repo/org secret or pass 'secret:' to this action." >&2 exit 1 fi curl -fsS -X POST \ "${WEBHOOK_URL}?type=cloudevents&secret=${WEBHOOK_SECRET}" \ -H 'Content-Type: application/json' \ -d @- <