slack message

README.md

Send message to slack

usage with github actions:

jobs:
  InformDeploy:
    runs-on: ubuntu-latest
    steps:
    - uses: cachix/install-nix-action@v13
      with:
        nix_path: nixpkgs=channel:nixos-unstable
    - name: Notify slack
      run: |
        nix eval --option build-use-sandbox false --json --impure \
          --expr '(import (builtins.fetchGit {
                url = "https://gist.github.com/42d420383b827d89807e9b73bf8ea65d.git";
                ref = "master"; })).deployMsgGif { timestamp = "'`date +%s`'"; }'
      env:
        GIPHY_TOKEN: ${{ secrets.GIPHY_TOKEN }}
        SLACK_BOT_CHANNEL: ${{ secrets.SLACK_BOT_CHANNEL }}
        SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN_GIT_ACTION }}
        GIT_ACTOR: ${{ env.GITHUB_ACTOR }}
        GIT_REF: ${{ env.GITHUB_REF }}
        GIT_REPOSITORY: ${{ env.GITHUB_REPOSITORY }}
        GIF_RATING: "pg-13"   # https://developers.giphy.com/docs/optional-settings/#rating
        GIF_TAG: "happy"
        GIFED_BRANCH: ".+main"

When branch matches GIFED_BRANCH, it uses random gif with a giphy API and require GIPHY_TOKEN

security

https://dev.to/mheap/improve-your-github-actions-security-1im7 https://www.seancassidy.me/dont-pipe-to-your-shell.html

Add rev after ref, if you point specific reversion, even if I change this file you will point to old version.

default.nix

let 
  slackMsg = import ./slackMsg.nix {};
  deployMsg = import ./deployMsg.nix;
  deployMsgGif = import ./deployMsgGif.nix;
in {
  inherit slackMsg deployMsg deployMsgGif;
}

deployMsg.nix

{ 
  timestamp,
  actor ? builtins.getEnv "GIT_ACTOR",
  channel ? builtins.getEnv "SLACK_BOT_CHANNEL",
  complement ? "",
  gitref ? builtins.getEnv "GIT_REF",
  repository ? builtins.getEnv "GIT_REPOSITORY",
  token ? builtins.getEnv "SLACK_BOT_TOKEN",
}:
let
  slackMsg = import ./slackMsg.nix {} { inherit token channel; };
  ship = ":ship: " + (baseNameOf gitref);
  package = ":package: [" + (baseNameOf repository) + "]";
  actor_ = ":bust_in_silhouette: ${actor}";
  text = "${ship}\n${package}\n${actor_}\n${complement}";
in slackMsg { inherit text timestamp; }

deployMsgGif.nix

{ 
  timestamp,
  actor ? builtins.getEnv "GIT_ACTOR",
  channel ? builtins.getEnv "SLACK_BOT_CHANNEL",
  gitref ? builtins.getEnv "GIT_REF",
  repository ? builtins.getEnv "GIT_REPOSITORY",
  token ? builtins.getEnv "SLACK_BOT_TOKEN",
  giphyToken ? builtins.getEnv "GIPHY_TOKEN",
  gifRating ? builtins.getEnv "GIF_RATING",
  gifTag ? builtins.getEnv "GIF_TAG",
  gifedBranch ? builtins.getEnv "GIFED_BRANCH",
}:
let
  randomGif = import (builtins.fetchGit {
    url = https://gist.github.com/f0e7495872dc9c2f00f5acfa26eb6dd0.git;
    ref = "master";
  });
  resultGif = randomGif {
    rating = gifRating;
    tag = gifTag;
    token = giphyToken;
    timestamp = timestamp;
  };
  deployMsg = import ./deployMsg.nix;
  gifedBranch_ = if gifedBranch == "" then ".+/master" else gifedBranch;
in deployMsg {
  inherit timestamp actor channel gitref repository token;
  complement = if isNull (builtins.match gifedBranch_ gitref) then "" else resultGif.data.bitly_url;
}

slackMsg.nix

{ pkgs ? import <nixpkgs> {} }: { token, channel }: { text, timestamp }:
  let
    payload = builtins.toJSON { inherit channel text; };
    args = pkgs.lib.cli.toGNUCommandLineShell {} {
      verbose = true;
      header = [
        "Age: ${timestamp}"
        "Accept-Charset: utf-8"
        "Authorization: Bearer ${token}"
        "Content-type: application/json; charset=utf-8"
      ];
      url = "https://slack.com/api/chat.postMessage";
      data = payload;
    };
    curlCmd = pkgs.runCommand "curlCmd" { buildInputs = [ pkgs.curl pkgs.cacert ]; };
    responseFile = curlCmd "curl ${args} > $out";
    response = builtins.readFile responseFile;
  in response