Notification #16101
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Notification | |
| on: | |
| workflow_run: | |
| branches: [main, release-*] | |
| workflows: | |
| - "CI" | |
| - "CodeQL" | |
| - "Fossa" | |
| - "Lint" | |
| - "Update Docker Images" | |
| - "OpenSSF Scorecards" | |
| - "Build OSS" | |
| - "Build Plus" | |
| - "Release NIC" | |
| types: | |
| - completed | |
| permissions: | |
| contents: read | |
| jobs: | |
| on-failure: | |
| runs-on: ubuntu-24.04 | |
| if: ${{ github.event.workflow_run.conclusion == 'failure' && github.event.repository.fork == false }} | |
| permissions: | |
| contents: read | |
| actions: read # for 8398a7/action-slack | |
| id-token: write # for Azure login | |
| steps: | |
| - name: Data | |
| uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 | |
| continue-on-error: true | |
| id: data | |
| with: | |
| script: | | |
| const message = context.payload.workflow_run.head_commit.message | |
| message_sanitized = message.split('\n')[0] | |
| const check_data = (await github.rest.checks.listForRef({ | |
| owner: context.payload.repository.owner.login, | |
| repo: context.payload.repository.name, | |
| ref: context.payload.workflow_run.head_commit.id, | |
| })).data.check_runs.filter(check_run => check_run.conclusion === 'failure')[0] | |
| return { | |
| job_name: check_data.name, | |
| job_url: check_data.html_url, | |
| commit_message: message_sanitized, | |
| } | |
| - name: Azure login | |
| uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0 | |
| with: | |
| client-id: ${{ secrets.AZURE_VAULT_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_VAULT_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_VAULT_SUBSCRIPTION_ID }} | |
| - name: Setup secrets | |
| id: secrets | |
| run: | | |
| echo "Setting secrets for job" | |
| SLACK_WEBHOOK=$(az keyvault secret show --name slack-pipeline-webhook --vault-name ${{ secrets.NIC_KEYVAULT_NAME }} --query value -o tsv) | |
| echo "::add-mask::$SLACK_WEBHOOK" | |
| echo "SLACK_WEBHOOK=$SLACK_WEBHOOK" >> $GITHUB_OUTPUT | |
| - name: Send Notification | |
| uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0 | |
| with: | |
| status: custom | |
| custom_payload: | | |
| { | |
| username: 'Github', | |
| icon_emoji: ':github:', | |
| mention: 'channel', | |
| attachments: [{ | |
| title: '[${{ github.event.repository.full_name }}] ${{ github.event.workflow.name }} pipeline has failed (${{ github.event.workflow_run.event }})', | |
| color: 'danger', | |
| fields: [{ | |
| title: 'Commit', | |
| value: `<https://github.com/${{ github.repository }}/commit/${{ github.event.workflow_run.head_commit.id }}|${{ fromJSON(steps.data.outputs.result).commit_message }}>`, | |
| short: true | |
| }, | |
| { | |
| title: 'Failed Job', | |
| value: `<${{ fromJSON(steps.data.outputs.result).job_url }}|${{ fromJSON(steps.data.outputs.result).job_name }}>`, | |
| short: true | |
| }, | |
| { | |
| title: 'Author', | |
| value: `${{ github.event.workflow_run.head_commit.author.name }}`, | |
| short: true | |
| }, | |
| { | |
| title: 'Pipeline URL', | |
| value: `<https://github.com/${{ github.repository }}/actions/runs/${{ github.event.workflow_run.id }}|${{ github.event.workflow_run.id }}>`, | |
| short: true | |
| }] | |
| }] | |
| } | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ steps.secrets.outputs.SLACK_WEBHOOK }} |