Merge pull request #12 from step-security-bot/stepsecurity_remediatio… #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # Tweet notifications | |
| name: Notify twitter of new Push to main branch | |
| on: | |
| # Paolo's note: Run on Pull requests merged to main only. | |
| # It's a weird syntax, but, because a Pull Request always | |
| # generates a "push" event when it gets merged, and given | |
| # that we do not commit directly to main, we can use the | |
| # syntax below and it will result on creating a tweet on | |
| # our twitter ONLY when a Pull Request from Develop branch | |
| # gets merged into Main branch, which is what we want. | |
| push: | |
| branches: | |
| - main | |
| # Paolo's note: Run when manually triggered. | |
| # Because there are situations when we may need to trigger | |
| # it manually, I just added this option. Please do not abuse | |
| # of it :) | |
| workflow_dispatch: | |
| env: | |
| THIS_REPO: ${{ github.repository }} | |
| permissions: | |
| contents: read | |
| jobs: | |
| # init: | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Set current date as env variable | |
| # run: echo "MSG_DATE=$(date +'%Y-%m-%d')" >> $GITHUB_ENV | |
| #debug: | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Verify ENV variables | |
| # run: | | |
| # echo "Today: ${{ env.MSG_DATE }}, new merge in ${{ env.THIS_REPO }}! You can check it out here: https://github.com/${{ env.THIS_REPO }} #RISC_OS #RISCOS #ROCOnGitHub #OpenSource #DevCommunity" | |
| tweet: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 | |
| with: | |
| egress-policy: audit | |
| - name: Set current date as env variable | |
| run: echo "MSG_DATE=$(date +'%Y-%m-%d')" >> $GITHUB_ENV | |
| - name: Send Tweet | |
| uses: ethomson/send-tweet-action@288f9339e0412e3038dce350e0da5ecdf12133a6 # v1.0.0 | |
| with: | |
| status: "🎉 Today: ${{ env.MSG_DATE }}, new merge in ${{ env.THIS_REPO }}! ${{ github.event.pull_request.title }} You can check it out here: https://github.com/${{ env.THIS_REPO }} #RISC_OS #RISCOS #ROCOnGitHub #OpenSource #DevCommunity" | |
| consumer-key: ${{ secrets.TWITTER_CONSUMER_API_KEY }} | |
| consumer-secret: ${{ secrets.TWITTER_CONSUMER_API_SECRET }} | |
| access-token: ${{ secrets.TWITTER_ACCESS_TOKEN }} | |
| access-token-secret: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }} | |