Skip to content

Using ClickHouse as a GitHub webhook

Mark Needham

ClickHouse has always supported acting as a webhook endpoint, but version 25.12 adds a useful feature: HMAC-based message authentication. Now you can verify that incoming requests are actually from who you think they are before inserting any data. In this video, we set it up end to end using a real GitHub repository.

  • Create a staging table that captures raw payloads and GitHub's HMAC signature from the request header
  • Use a materialized view to validate each message using the new HMAC function — valid messages flow through, invalid ones get dropped
  • Set up a restricted webhook_receiver user with minimal permissions (and optionally rate limits) for the endpoint
  • Walk through the full GitHub webhook configuration — payload URL, content type, and secret key
  • Test the setup with real push events and verify the signature filtering works as expected

Read the blog post

Recent videos

YouTube Video: GwCRcRa8f3A

Open House

Open House 2026: Day 1 Keynote

The latest ClickHouse announcements, featuring real-world use cases from Shopify, Zoox, Visa, and Cisco.

YouTube Video: ZtvlCz7Ukg4

Open House

Fireside Chat: The state of data and AI with Bret Taylor (Sierra) and Aaron Katz (ClickHouse)

Aaron Katz (CEO, ClickHouse) and Bret Taylor (Co-Founder Sierra, Chairman of the Board, OpenAI) have an open conversation on the state of AI.

YouTube Video: FmS7VopaqNg

Open House, ClickHouse

How to build a great database (Alexey Milovidov)

The principles behind building a great database, and the new frontiers shaping the field.

Follow us

XBlueskySlackGithubTelegramMeetupRSS