Daily Check to see if any secrets will expire soon #58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Daily Check to see if any secrets will expire soon | |
on: | |
workflow_dispatch: | |
schedule: # At 04:00 every morning | |
- cron: '0 04 * * *' | |
jobs: | |
secret-expire-check: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Run check if any secrets will expire within next month | |
id: secrete-expire-check-month | |
run: | | |
./bin/check_secret_expire.sh $(date -d "+1 month" +"%Y-%m-%d") | |
- name: Slack Notification on Failure | |
if: ${{ failure() }} | |
uses: rtCamp/action-slack-notify@v2 | |
env: | |
SLACK_CHANNEL: secret-expire | |
SLACK_WEBHOOK: ${{ secrets.MERKELY_SLACK_CI_FAILURES_WEBHOOK }} | |
SLACK_USERNAME: GithubActions | |
SLACK_COLOR: ${{ job.status }} | |
SLACKIFY_MARKDOWN: true | |
SLACK_TITLE: Secret has expired | |
SLACK_MESSAGE: "Some secrets in `cli` is about to or has expired. Please check the \ | |
[log](${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}) \ | |
for more details." | |
SLACK_FOOTER: |