I set up a GitHub Webhook, which is the trigger for my Cloud Function, so whenever a change is made to the repository with this GithHub Webhook the Cloud Function is called. It works for unauthenticated access, but when using authenticated some set up has to be done.
I already tried using Service Accounts in GCP, in which the service account can only Invoke the specific Cloud Function, but the problem is that I can't explicitly assign this service account to be GitHub's Webhook.
Note: I thought about using Bearer Token and adding it to my Cloud Function, which would give a layer of security, but that wouldn't prevent the Cloud Function to be called anyways, right?
Yes, you need to be authenticated with a Google Account (service account or user Account) and to be authorized by IAM to invoke the function. Sadly Github webhook doesn't support service account key file to generate a secured token and then to securely call your Cloud Functions.
However, you can use API key (that you can add to the URL of your WebHook). I wrote an article that also work today with API Gateway (the managed version of ESPv2 used in my article)