User Guide Getting Started Help Center Documentation Community Training
Looker
  
English
Français
Deutsch
日本語
Configuring the Webhook Deploy Secret

A webhook deploy endpoint prompts your Looker instance to pull the master branch of your project and deploy any changes in the master branch to the production version of your project. For most projects, the production branch and the master branch are one and the same, so you do not need the deploy webhook. However, for projects where the production branch is decoupled from the master branch, such as configurations with a staging instance used for testing, the deploy webhook pulls changes from the staging instance to the production instance.

You don’t need to use the webhook if you develop your project using the Looker IDE, since the Looker IDE has a Deploy to Production button that is displayed as part of the development workflow after you have committed changes to your project.

You do need to use a deploy webhook to push changes to production if:

If you are a Looker admin, you can configure the deploy webhook to require a secret so that only authorized parties can trigger it.

Looker developers who are not admins can view the Project Settings page but cannot change the options there.

Adding a Deploy Secret

To add a webhook deploy secret to your project:

  1. From your project, select Project Settings from the Git drop-down menu.
  2. Scroll down to the Webhook Deploy Secret section, then click Set Webhook Secret. Looker will automatically generate a secret token. You can use this automatically generated secret, or you can type in your own secret token.
  3. Whether you are using the automatically generated secret or creating your own secret, copy the webhook deploy secret and paste it to a text file so you’ll have it if you need to add the secret to the webhook for your repository. Be sure to copy it at this point. Once you leave or refresh the Project Settings page, you lose access to the webhook deploy secret and will have to change or remove the webhook deploy secret to regain access.
  4. Click Save Project Settings.

The deploy webhook for your project now requires this secret. For projects that use a Looker staging instance, you need to include the webhook deploy secret in your HTTP header in order to deploy to production. For projects with Git pull request integration, you need to go to your Git provider’s interface to add the secret to the webhook for your repository.

Configuring the Secret for Your Git Repository’s Webhook

For projects with Git pull request integration, if you have added a deploy webhook secret to your LookML project, you need to go to your Git provider’s interface to add the secret to the webhook for your repository. As an example, here is how you do that using GitHub:

  1. Navigate to your project’s repository settings on your Git provider’s website.

TIP: If you’ve set up your project for Git integration, you can use the View Project on Git option from your project’s Git menu in Looker.

  1. In your repository’s settings, click on Webhooks.
  2. Find the webhook for your LookML project, then click its Edit button.
  3. In the Secret text box, paste the webhook deploy secret you copied from the Webhook Deploy Secret section in Looker.
  4. Click Update webhook.

The webhook secret is now required in order to deploy changes to the production version of your project. If you need, you can change the secret or remove the secret from your project.

Changing a Deploy Secret

Once a webhook deploy secret has been added to your project, if you are a Looker admin, you can change the secret by doing the following:

  1. From your project, select Project Settings from the Git drop-down menu.
  2. Scroll down to the Webhook Deploy Secret section and click Reset Secret. Looker will automatically generate a new secret token. You can use this automatically generated secret, or you can type in your own new secret token.
  3. Whether you are using the automatically generated secret or creating your own secret, copy the webhook deploy secret and paste it into a text file so you’ll have it if you need to add the secret to the webhook for your repository. Be sure to copy it from your clipboard at this point. Once you leave or refresh the Project Settings page, you will lose access to the webhook deploy secret and will have to go back and change it or remove it entirely.

  4. Click Save Project Settings.

If your project is configured with Git pull request integration, you also need to go to your Git provider’s interface to update the webhook secret for your repository.

Removing a Deploy Secret

Once a webhook deploy secret has been added to your project, if you are a Looker admin, you can remove the secret by doing the following:

  1. From your project, select Project Settings from the Git drop-down menu.
  2. Scroll down to the Webhook Deploy Secret section and click Remove Secret. At this point, you can cancel the operation and keep the deploy secret by clicking Don’t Remove.
  3. To permanently remove the webhook deploy secret from your project, click Save Project Settings.

Your project no longer requires a secret for the deploy webhook. If your project is configured with Git pull request integration, you can now go to your Git provider’s interface to remove the webhook secret from your repository. Looker itself will no longer check for a secret on the Git provider’s end, so it doesn’t hurt if your Git repo webhook still has a secret configured. If you do want to remove the secret from your Git repository, see Configuring the Secret for Your Git Repository’s Webhook for information on editing the secret on a Git provider’s interface.

Top