Skip to content

Commit 69f46ee

Browse files
authored
Add issue-open Slack notification and retire unreleased-changes digest (#125)
## Summary Two CI notification changes: 1. **Add `.github/workflows/notify-issue.yml`** — posts to Slack (`#oss-alerts` via `SLACK_WEBHOOK_OSS_ALERTS`) when an issue is **opened** or **reopened**, mirroring the existing `notify-pr.yml` house style (same structure, quoting, `permissions: {}`, `timeout-minutes: 5`, bot-actor guard, and stubbed-curl jq payload). 2. **Delete `.github/workflows/unreleased-check.yml`** — the daily "Unreleased changes on main" Slack digest, retired as noise. ### Rationale - The unreleased-changes digest fired daily and was noise. - PR notifications already existed (`notify-pr.yml`) but issue notifications did not — this closes that gap with a 1:1 sibling workflow. - Channel unchanged: still `#oss-alerts` (`SLACK_WEBHOOK_OSS_ALERTS`). --- ## RED / GREEN proof ### RED (before changes, from clean tree) (a) `unreleased-check.yml` exists: ``` $ ls -la .github/workflows/unreleased-check.yml -rw-r--r--@ 1 jpr5 staff 2865 Jun 25 10:18 .github/workflows/unreleased-check.yml ``` (b) No workflow is triggered on issue events. `grep -rl "issues:"` matched only `index-health-monitor.yml`, but that match is a jq output field name, not a trigger: ``` $ grep -n -B1 -A1 "issues:" .github/workflows/index-health-monitor.yml 405- --argjson issues "$issues_json" \ 406: '{status: $status, since: $since, last_notified: $last_notified, notifications_24h: $notifications_24h, issues: $issues}') 407- ``` A YAML-level scan for any workflow with an `on: issues:` trigger returned nothing (no issue-notification workflow): ``` === any workflow triggered ON issues events? === done ``` ### GREEN (after changes) 1. `unreleased-check.yml` no longer exists: ``` $ ls -la .github/workflows/unreleased-check.yml ls: .github/workflows/unreleased-check.yml: No such file or directory ``` 2. Extracted the exact `run:` jq block from `notify-issue.yml` and executed it locally with representative env (`ISSUE_TITLE="Login button 500s on Safari"`, `ISSUE_AUTHOR="octocat"`, `ISSUE_URL=".../issues/42"`, `ISSUE_NUMBER=42`), **stubbing curl** (no POST to Slack). jq output written straight to a file to avoid shell re-mangling, then re-parsed to prove validity: ``` === bytes (od -c, confirms newline is escaped as \n = 5c 6e, not a raw 0a) === 0000100 a r i * b y o c t o c a t \ 0000220 # 4 2 > " } \n === re-parse the file as JSON (proves valid JSON) === { "text": "🐛 New issue on pathfinder: *Login button 500s on Safari* by octocat\n<https://github.com/CopilotKit/pathfinder/issues/42|View issue #42>" } === assertions === PASS: contains 🐛 PASS: contains title PASS: contains author PASS: working Slack link <url|View issue #42> ``` (Note: piping `jq -nc` output back through a shell `echo` shows a spurious "control characters must be escaped" parse error — that is a shell-variable artifact that converts the escaped `\n` into a literal newline before re-feeding jq. The payload jq actually emits is valid JSON, as the `od -c` byte dump and file re-parse above confirm. This is the same payload-construction path that `notify-pr.yml` ships in production.) 3. Lint — both available locally: ``` $ actionlint .github/workflows/notify-issue.yml actionlint: CLEAN $ python3 -c 'import yaml; yaml.safe_load(open(".github/workflows/notify-issue.yml"))' YAML: parses OK $ zizmor --min-severity medium --config .github/zizmor.yml --no-online-audits .github/workflows/notify-issue.yml No findings to report. Good job! (3 suppressed) ``` (zizmor invoked at the exact severity/config the repo's `security_zizmor.yml` CI job uses; also ran clean across the entire `.github/workflows/` directory.)
2 parents 45dfc6b + bff091f commit 69f46ee

2 files changed

Lines changed: 27 additions & 72 deletions

File tree

.github/workflows/notify-issue.yml

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
name: Issue Notification
2+
on:
3+
issues:
4+
types: [opened, reopened]
5+
permissions: {}
6+
jobs:
7+
notify:
8+
runs-on: ubuntu-latest
9+
timeout-minutes: 5
10+
steps:
11+
- name: Notify Slack
12+
if: github.actor != 'github-actions[bot]'
13+
env:
14+
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_OSS_ALERTS }}
15+
ISSUE_TITLE: ${{ github.event.issue.title }}
16+
ISSUE_URL: ${{ github.event.issue.html_url }}
17+
ISSUE_NUMBER: ${{ github.event.issue.number }}
18+
ISSUE_AUTHOR: ${{ github.actor }}
19+
run: |
20+
if [ -n "$SLACK_WEBHOOK" ]; then
21+
payload=$(jq -nc --arg title "$ISSUE_TITLE" --arg author "$ISSUE_AUTHOR" \
22+
--arg url "$ISSUE_URL" --arg num "$ISSUE_NUMBER" \
23+
'{text: "🐛 New issue on pathfinder: *\($title)* by \($author)\n<\($url)|View issue #\($num)>"}')
24+
curl -sf -X POST "$SLACK_WEBHOOK" \
25+
-H 'Content-Type: application/json' \
26+
-d "$payload" || true
27+
fi

.github/workflows/unreleased-check.yml

Lines changed: 0 additions & 72 deletions
This file was deleted.

0 commit comments

Comments
 (0)