GitHub Action that posts to a Mattermost webhook endpoint over OpenZiti
This GitHub workflow action uses the Ziti Python SDK to post an event's payload information to a Mattermost instance over a Ziti
connection. This allows the Mattermost server to remain private, i.e. not directly exposed to the internet.
See action.yml for descriptions of all available inputs.
name: ziti-mattermost-action-py
on:
  create:
  delete:
  issues:
  issue_comment:
  pull_request_review:
  pull_request_review_comment:
  pull_request:
  push:
  fork:
  release:
    types: [released]
jobs:
  ziti-webhook:
    runs-on: ubuntu-latest
    name: Ziti Mattermost Action - Py
    steps:
      - uses: openziti/ziti-mattermost-action-py@v1
        with:
          # Identity JSON containing key to access a Ziti network
          zitiId: ${{ secrets.ZITI_MATTERMOST_IDENTITY }}
          # URL to post the payload. Note that the `zitiId` must provide access to a service
          # intercepting `my-mattermost-ziti-server`
          webhookUrl: 'https://{my-mattermost-ziti-server}/hook/{my-mattermost-webhook-id}'
          eventJson: ${{ toJson(github.event) }}
          senderUsername: "GitHubZ"
          destChannel: "github-notifications"
The `zitiId` input is the JSON formatted string of an identity enrolled in an OpenZiti Network.
The identity can be created by enrolling via the `ziti edge enroll path/to/jwt [flags]` command.
The `ziti` CLI executable can be obtained here.
The `webhookUrl` input is a Mattermost "Incoming Webhook" URL available over an OpenZiti Network to the identity specified by `zitiId`.
This URL should be configured in Mattermost to allow posting to any valid channel with any sender username. The default username will be the `sender.login` from the GitHub Action event.
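The following Python is an added example, not the action's own code: it checks the shape of the `zitiId` secret without echoing key material, builds the webhook body with the `sender.login` fallback described above, and posts it through the overlay. The function names, the message text and the sample values are hypothetical, the identity layout (`ztAPI`, `id.key`, `id.cert`) is an assumption about what enrollment writes, and `openziti.load` / `openziti.monkeypatch` are the Ziti Python SDK calls it relies on.

```python
import json
import urllib.request

# Constructed samples, not real credentials or a real event.
SAMPLE_ID = json.dumps({"ztAPI": "https://ctrl.example.invalid:1280",
                        "id": {"key": "pem:<private key>", "cert": "pem:<cert>", "ca": "pem:<ca>"}})
SAMPLE_EVENT = {"sender": {"login": "octocat"}, "repository": {"full_name": "example/repo"}}


def check_identity(ziti_id: str) -> str:
    """Check the identity's shape without echoing key material; return the controller URL.

    Assumed layout: {"ztAPI": "https://...", "id": {"key": ..., "cert": ..., "ca": ...}}.
    """
    try:
        doc = json.loads(ziti_id)
    except json.JSONDecodeError:
        raise ValueError("zitiId is not valid JSON") from None  # never print the secret
    if not isinstance(doc, dict) or not isinstance(doc.get("id"), dict):
        raise ValueError("zitiId has no 'id' object")
    for field in ("key", "cert"):
        if not doc["id"].get(field):
            raise ValueError(f"zitiId is missing id.{field}")
    if not str(doc.get("ztAPI", "")).startswith("https://"):
        raise ValueError("zitiId ztAPI is not an https:// URL")
    return doc["ztAPI"]


def build_post(event: dict, sender_username: str = "", dest_channel: str = "") -> dict:
    """Mattermost incoming-webhook body; username defaults to the event's sender.login."""
    login = event.get("sender", {}).get("login", "unknown")
    repo = event.get("repository", {}).get("full_name", "unknown repository")
    body = {"username": sender_username or login,
            "text": f"GitHub event from {login} in {repo}"}
    if dest_channel:
        body["channel"] = dest_channel
    return body


def post_over_ziti(identity_path: str, webhook_url: str, body: dict) -> int:
    """Send the body through the overlay; needs the openziti package and a reachable service."""
    import openziti  # lazy import so the helpers above run without the SDK
    openziti.load(identity_path)
    req = urllib.request.Request(webhook_url, data=json.dumps(body).encode(),
                                 headers={"Content-Type": "application/json"})
    with openziti.monkeypatch():  # socket calls inside this block go over Ziti
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status
```

Running `check_identity` before any network call lets a workflow fail with a message that names only the missing field, so a malformed secret never ends up in the job log.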
1. Build the container
docker build -t ghcr.io/openziti/ziti-mattermost-action-py:latest .
2. Generate PAT with scopes
- go to https://github.com/settings/tokens
- choose "Tokens (classic)"
- Choose "Generate new token" and select "Generate new token (classic)" from the dropdown
- Add note: "GHCR Deploy Token"
- choose permissions - write:packages (will also end up with read:packages)
3. Login + push with PAT
 export PAT='ghp_xxxxxx' # copy leading space to (probably) keep it out of your shell history or edit/source a file
echo "$PAT" | docker login ghcr.io -u dovholuknf --password-stdin
4. Push the image
docker push ghcr.io/openziti/ziti-mattermost-action-py:latest
5. Revoke PAT
- go to https://github.com/settings/tokens
- delete the token you just added (or not whatever)