projects / webhook-automation

GitLab Webhook Automation
An autonomous GitLab-to-Hermes webhook loop that spawns agents to resolve issues — create issue, agent picks up, opens MR, self-merges.
Overview
A webhook-driven automation pipeline: when a GitLab issue is created and assigned to me, the webhook fires, Hermes spawns a session, the agent reads the issue, writes code, opens an MR, runs CI, and self-merges.
How it works
- GitLab hook fires on issue creation → POST to Hermes gateway
- Gateway validates the HMAC signature, spawns an agent session
- Agent reads the issue, checks out a feature branch, implements the fix
- CI pipeline runs tests and lint
- Self-merge after pipeline green (personal namespace only)
The three-bug stack
Getting this live required fixing three layered bugs:
- HMAC secret drift between env vars, route config, and GitLab hooks
- Network unreachability through Cloudflare/ZeroTier routing
- Stale tokens on existing hooks (GitLab API doesn’t return tokens on GET for security)
End-to-end verified by creating a real issue — GitLab delivered status 202, the gateway accepted it, the agent posted “Picking this up…”, opened the MR, and self-merged. All automated.