@@ -302,32 +302,22 @@ jobs:
302302 with :
303303 promote-pull-request : true
304304
305- notify :
306- runs-on : github-ubuntu-latest-s # Public GH runner is required, runners starting with sonar-* do not support this action
307- if : failure() && (contains(fromJSON('["main", "master"]'), github.event.check_suite.head_branch) || startsWith(github.event.check_suite.head_branch, 'branch-'))
305+ notify_slack :
306+ name : Notify Slack on Failure
308307 needs : [ build, build_test_analyze, qa_os_win, qa_plugin, qa_ruling, qa_pr_analysis, promote ]
308+ if : >-
309+ !cancelled() && failure() &&
310+ (github.ref_name == github.event.repository.default_branch ||
311+ startsWith(github.ref_name, 'branch-') ||
312+ startsWith(github.ref_name, 'dogfood-'))
309313permissions :
310314 id-token : write
315+ statuses : read
316+ runs-on : github-ubuntu-latest-s
311317 steps :
312- - name : Vault Secrets
313- id : secrets
314- uses : SonarSource/vault-action-wrapper@v3
318+ - uses : SonarSource/release-github-actions/notify-slack@master
315319 with :
316- secrets : |
317- development/kv/data/slack token | SLACK_BOT_TOKEN;
318-
319- name : Slack Notification rtCamp
320- uses : rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3
321- env :
322- SLACK_TOKEN : >-
323- ${{ fromJSON(steps.secrets.outputs.vault).SLACK_BOT_TOKEN }}
324- SLACK_CHANNEL : squad-security-taint-notifs
325- SLACK_TITLE : Build Failed
326- SLACK_MESSAGE : |
327- Workflow failed in ${{ github.repository }} 🚨
328- ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
329- Branch: ${{ github.head_ref || github.ref_name }}
330- Author: ${{ github.event.pull_request.user.login }}
331-
332- SLACK_USERNAME : BuildBot
333- SLACK_COLOR : danger
320+ project-name : " SonarPHP"
321+ slack-channel : " squad-security-taint-notifs"
322+ icon : ' :elephpant:'
323+ jobs : ${{ toJSON(needs) }}
0 commit comments