Skip to content

Pass secrets to approved workflow jobs #471

Pass secrets to approved workflow jobs

Pass secrets to approved workflow jobs #471

Workflow file for this run

name: Tests
on:
pull_request:
push:
branches:
- main
jobs:
unit_tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: npm ci && npm run build
- run: npm test
access_check:
runs-on: ubuntu-latest
steps:
- name: Gather user permissions
if: ${{ github.event_name == 'pull_request' && github.event.pull_request.author_association != 'COLLABORATOR' }}
run: |
echo "Action was not triggered by a collaborator. Exiting now."
exit 1
integration_test_botToken:
runs-on: ubuntu-latest
needs: access_check
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- run: npm ci && npm run build
- name: Post message to Slack via botToken
id: slackToken
uses: ./
with:
channel-id: ${{ secrets.SLACK_CHANNEL_ID }}
slack-message: 'CI Post from slack-send GitHub Action! Succeeded!!'
# payload: "{\"key\":\"value\",\"foo\":\"bar\"}"
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
# Use the output from the `slackToken` step
- name: Check Action output is not empty
run: test -n "${{ steps.slackToken.outputs.time }}"
- name: Post Threaded Response
id: slackThreadResponse
uses: ./
with:
channel-id: ${{ secrets.SLACK_CHANNEL_ID }}
payload: |
{
"text": "This message should be posted as a response in thread",
"thread_ts": "${{ steps.slackToken.outputs.thread_ts }}"
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
integration_test_webhook:
runs-on: ubuntu-latest
needs: access_check
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- run: npm ci && npm run build
- run: echo "${{ github.event_name }}"
- name: push trigger
# Save commit url from GitHub Trigger event payload to URL env
if: "contains(github.event_name, 'push')"
run: |
url=${{ github.event.head_commit.url }}
echo "URL=$url" >> "$GITHUB_ENV"
- name: pull request trigger
# Save pull request url from GitHub Trigger event payload to URL env
if: "contains(github.event_name, 'pull_request')"
run: |
url=${{ github.event.pull_request.url }}
echo "URL=$url" >> "$GITHUB_ENV"
- name: Post message to Slack via webhook
id: slackWorkflow
uses: ./
with:
# Workflow builder webhooks need to know the name of the keys in the payload in advance. Without normalizing, the github context payload keys can differ based on the GitHub trigger event type
# Normalized payload with info pulled out from GitHub trigger event
payload: "{\"author\":\"${{ github.event.sender.login }}\",\"url\":\"${{ env.URL}}\", \"repoName\":\"${{ github.event.repository.full_name }}\", \"status\":\"${{ job.status }}\"}"
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
# Use the output from the `slackWorkflow` step
- name: Check Action output is not empty
run: test -n "${{ steps.slackWorkflow.outputs.time }}"
integration_test_incoming_webhook:
runs-on: ubuntu-latest
needs: access_check
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- run: npm ci && npm run build
- run: echo "${{ github.event_name }}"
- name: Post message to Slack via incoming webhook
id: slackIncoming
uses: ./
with:
# block kit payload
payload: "{\"text\":\"Incoming Webhook test for slack send\", \"blocks\":[{\"type\":\"section\",\"text\":{\"type\":\"plain_text\",\"text\":\"A post by Slack Send GitHub Action. Testing Incoming webhooks\",\"emoji\":true}}]}"
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_INCOMING_WEBHOOK_URL }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
# Use the output from the `slackIncoming` step
- name: Check Action output is not empty
run: test -n "${{ steps.slackIncoming.outputs.time }}"
integration_test_file_payload:
runs-on: ubuntu-latest
needs: access_check
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- run: npm ci && npm run build
- name: Dump out GitHub Context
run: echo $JSON
env:
JSON: ${{ toJSON(github) }}
- name: Post message to Slack with Payload path
id: slackPayloadFile
uses: ./
with:
payload-file-path: ./.github/resources/payload-notification.json
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_INCOMING_WEBHOOK_URL }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
JOB_STATUS: ${{ job.status }}
ATTACHMENT_COLOR: ${{ (job.status == 'success' && 'good') || (job.status == 'failure' && 'danger') || 'warning' }}
# Use the output from the `slackIncoming` step
- name: Check Action output is not empty
run: test -n "${{ steps.slackPayloadFile.outputs.time }}"