Get secrets from workflow call #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Check for Dependabot alerts & send them to Slack' | |
| on: | |
| schedule: | |
| - cron: '30 16 * * *' # every day at 9:30 am PST | |
| workflow_dispatch: # to have the option to run this ad-hoc | |
| workflow_call: # to allow other workflows to call this workflow | |
| secrets: | |
| app-id: ${{ vars.DEPENDABOT_ACCESS_APP_ID }} | |
| private-key: ${{ secrets.DEPENDABOT_ACCESS_PRIVATE_KEY }} | |
| slack_webhook: ${{ secrets.CUSTOMER_INTEGRATIONS_SLACK_WEBHOOK }} | |
| app-id: | |
| required: true | |
| description: 'Github App ID' | |
| private-key: | |
| required: true | |
| description: 'Github App Private Key' | |
| slack_webhook: | |
| required: true | |
| description: 'Slack Webhook' | |
| jobs: | |
| main: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/create-github-app-token@v1 | |
| id: app-token | |
| with: | |
| app-id: ${{ secrets.app-id }} | |
| private-key: ${{ secrets.private-key }} | |
| # X.X.X - Latest version available at: https://github.com/kunalnagarco/action-cve/releases | |
| - uses: kunalnagarco/[email protected] | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| slack_webhook: ${{ secrets.slack_webhook }} | |
| count: 10 |