tidy up the text and prepare to tag 0.1 #3

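# Reusable workflow (workflow_call): runs audit-ci against the caller's npm
# dependencies, passes the result to the shared security_npm_dependency
# action, and posts a Slack message if the job fails.
name: Security npm dependency check
on:
  workflow_call:
    inputs:
      # Slack channel that receives the report and any failure notice.
      channel_id:
        required: true
        type: string
      # NOTE(review): node_version is declared but no step in this file reads
      # it, so the runner image's default Node.js is what runs npx. Either
      # wire it into a Node setup step or drop the input.
      node_version:
        required: false
        type: string
        default: '20.16'
    secrets:
      SLACK_BOT_TOKEN:
        description: Slack bot token
        required: true
permissions:
  contents: read
jobs:
  security-npm-check:
    name: Security npm dependency check
    runs-on: ubuntu-latest
    # NOTE(review): a job-level permissions block replaces the workflow-level
    # one, and scopes not listed here are set to none. The contents: read
    # above therefore does not apply to this job; confirm checkout still works
    # for private callers before relying on it.
    permissions:
      security-events: write
    env:
      # Falls back to '.' when the triggering event carries no repository name.
      parent_directory: ${{ github.event.repository.name == '' && '.' || github.event.repository.name}}
    steps:
      # Referenced by mutable tag, unlike the SHA-pinned Slack action below.
      - uses: actions/checkout@v4
      - name: Audit for vulnerabilities
        id: npm
        # audit-ci@^7 is a semver range resolved at run time, so each run may
        # execute a different 7.x release of the audit tool. Pinning an exact
        # version keeps the scanner itself reproducible and reviewable.
        run: npx audit-ci@^7 --config ./audit-ci.json -o json > npm-security-check-reports.json
        # Findings make audit-ci exit non-zero; keep going so the report is
        # still processed by the next step.
        continue-on-error: true
      # Fixed: the ref separator was a stray '"' instead of '@', which is not
      # a valid `uses:` reference. The ref 0.1 is kept as written; confirm it
      # matches the published tag. A tag is mutable, so pinning to a commit
      # SHA (as done for the Slack action) is the stricter option.
      - uses: ministryofjustice/hmpps-github-actions/.github/actions/security_npm_dependency@0.1 # WORKFLOW_VERSION
        # With continue-on-error on the audit step its conclusion is reported
        # as success, so success() is the clause that normally matches here.
        if: success() || steps.npm.conclusion == 'failure'
        with:
          channel_id: ${{ inputs.channel_id }}
          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
      # Failure notice; pinned to a full commit SHA with the tag kept as a
      # comment for readability.
      - uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0
        if: failure()
        with:
          channel-id: ${{ inputs.channel_id}}
          # Context values are substituted into this JSON as plain text before
          # it is parsed, so a value containing a double quote would break the
          # payload.
          payload: |
            { "text": "Github actions *npm dependency check* failed",
              "blocks": [
                {
                  "type": "section",
                  "text": {
                    "type": "mrkdwn",
                    "text": ":no_entry: Failed GitHub Action:"
                  }
                },
                {
                  "type": "section",
                  "fields": [
                    {
                      "type": "mrkdwn",
                      "text": "*Workflow:*\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ github.workflow }}>"
                    },
                    {
                      "type": "mrkdwn",
                      "text": "*Job:*\n${{ github.job }}"
                    },
                    {
                      "type": "mrkdwn",
                      "text": "*Repo:*\n${{ github.repository }}"
                    },
                    {
                      "type": "mrkdwn",
                      "text": "*Project:*\n${{ github.event.repository.name }}"
                    }
                  ]
                }
              ]
            }
        env:
          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}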