From ae78ca28740c74f56d518ead235f6d985606f3b9 Mon Sep 17 00:00:00 2001 From: tomverin Date: Fri, 4 Apr 2025 11:43:23 +0200 Subject: [PATCH 1/5] Update workflow with new Slack notification action --- .github/workflows/slack_notify.yml | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/.github/workflows/slack_notify.yml b/.github/workflows/slack_notify.yml index ca1f848..4941c7b 100644 --- a/.github/workflows/slack_notify.yml +++ b/.github/workflows/slack_notify.yml @@ -1,13 +1,23 @@ --- name: Slack Notifications on: - check_run: - types: [rerequested, completed] + check_suite: + types: [completed] + +permissions: + contents: read + checks: read + id-token: write jobs: slack-notifications: - permissions: - id-token: write # to authenticate via OIDC - uses: SonarSource/gh-action_build-notify/.github/workflows/main.yaml@v1 - with: - slackChannel: squad-jvm-notifs + if: >- + contains(fromJSON('["main", "master"]'), github.event.check_suite.head_branch) || startsWith(github.event.check_suite.head_branch, 'dogfood-') || startsWith(github.event.check_suite.head_branch, 'branch-') + runs-on: sonar-runner + steps: + - name: Send Slack Notification + env: + GITHUB_TOKEN: ${ github.token } + uses: SonarSource/gh-action_slack-notify@1.0.0 + with: + slackChannel: squad-jvm-notifs From e62345abed499f8284c827bbb0f402c62d681199 Mon Sep 17 00:00:00 2001 From: tomverin Date: Fri, 4 Apr 2025 14:35:03 +0200 Subject: [PATCH 2/5] Update workflow with new Slack notification action --- .github/workflows/slack_notify.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/slack_notify.yml b/.github/workflows/slack_notify.yml index 4941c7b..0920b9a 100644 --- a/.github/workflows/slack_notify.yml +++ b/.github/workflows/slack_notify.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Send Slack Notification env: - GITHUB_TOKEN: ${ github.token } - uses: SonarSource/gh-action_slack-notify@1.0.0 + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + uses: SonarSource/gh-action_slack-notify@v1 with: slackChannel: squad-jvm-notifs From 7a10531367abef2cc384d291eb250407df5b47da Mon Sep 17 00:00:00 2001 From: tomverin Date: Fri, 4 Apr 2025 14:40:10 +0200 Subject: [PATCH 3/5] Update workflow with new Slack notification action --- .github/workflows/slack_notify.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/slack_notify.yml b/.github/workflows/slack_notify.yml index 0920b9a..d20b205 100644 --- a/.github/workflows/slack_notify.yml +++ b/.github/workflows/slack_notify.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Send Slack Notification env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ github.token }} uses: SonarSource/gh-action_slack-notify@v1 with: slackChannel: squad-jvm-notifs From f041bc0a0e0000f98dfb28bdac321e63660328e5 Mon Sep 17 00:00:00 2001 From: tomverin Date: Tue, 8 Apr 2025 15:18:15 +0200 Subject: [PATCH 4/5] Update runs-on to ubuntu-latest --- .github/workflows/slack_notify.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/slack_notify.yml b/.github/workflows/slack_notify.yml index d20b205..610e1c7 100644 --- a/.github/workflows/slack_notify.yml +++ b/.github/workflows/slack_notify.yml @@ -13,7 +13,7 @@ jobs: slack-notifications: if: >- contains(fromJSON('["main", "master"]'), github.event.check_suite.head_branch) || startsWith(github.event.check_suite.head_branch, 'dogfood-') || startsWith(github.event.check_suite.head_branch, 'branch-') - runs-on: sonar-runner + runs-on: ubuntu-latest steps: - name: Send Slack Notification env: From e3483c98cefcdd42fce580e3f2d07bbe3cccaea6 Mon Sep 17 00:00:00 2001 From: tomverin Date: Tue, 8 Apr 2025 15:39:03 +0200 Subject: [PATCH 5/5] Update runs-on to ubuntu-latest and add actions: read permission --- .github/workflows/slack_notify.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/slack_notify.yml b/.github/workflows/slack_notify.yml index 610e1c7..7ada0d4 100644 --- a/.github/workflows/slack_notify.yml +++ b/.github/workflows/slack_notify.yml @@ -5,6 +5,7 @@ on: types: [completed] permissions: + actions: read contents: read checks: read id-token: write