From a65221b5ab5a55ce15787cc91c66887197fb10b2 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Thu, 8 Jan 2026 16:25:46 -0800 Subject: [PATCH 1/3] m --- .github/workflows/daily_ci.yml | 13 +++++++++++++ .github/workflows/issue-notification.yml | 23 +++++++++++++++++++++++ 2 files changed, 36 insertions(+) create mode 100644 .github/workflows/issue-notification.yml diff --git a/.github/workflows/daily_ci.yml b/.github/workflows/daily_ci.yml index a5b9b65..6587f9b 100644 --- a/.github/workflows/daily_ci.yml +++ b/.github/workflows/daily_ci.yml @@ -18,3 +18,16 @@ jobs: uses: ./.github/workflows/ci_test_examples.yml secrets: CI_AWS_ACCOUNT_ID: ${{ secrets.CI_AWS_ACCOUNT_ID }} + notify: + needs: + [ + daily-ci-go-v3-test, + daily-ci-go-v4-test, + daily-ci-go-migration-examples-test, + ] + if: ${{ failure() }} + uses: aws/aws-cryptographic-material-providers-library/.github/workflows/slack-notification.yml@main + with: + message: "Daily CI failed on `${{ github.repository }}`. View run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" + secrets: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_CI }} diff --git a/.github/workflows/issue-notification.yml b/.github/workflows/issue-notification.yml new file mode 100644 index 0000000..6674b96 --- /dev/null +++ b/.github/workflows/issue-notification.yml @@ -0,0 +1,23 @@ +name: Issue Created Notification +on: + issues: + types: [opened, reopened] + issue_comment: + types: [created] + +jobs: + notify-issue: + if: github.event_name == 'issues' + uses: aws/aws-cryptographic-material-providers-library/.github/workflows/slack-notification.yml@main + with: + message: "New github issue `${{ github.event.issue.title }}`. Link: ${{ github.event.issue.html_url }}" + secrets: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GHI }} + + notify-comment: + if: github.event_name == 'issue_comment' && !github.event.issue.pull_request + uses: aws/aws-cryptographic-material-providers-library/.github/workflows/slack-notification.yml@main + with: + message: "New comment on issue `${{ github.event.issue.title }}`. Link: ${{ github.event.comment.html_url }}" + secrets: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GHI }} \ No newline at end of file From 1df8f2edeb032926f3b85f864ef5f93edc9899db Mon Sep 17 00:00:00 2001 From: Rishav karanjit Date: Fri, 9 Jan 2026 10:25:43 -0800 Subject: [PATCH 2/3] Potential fix for code scanning alert no. 15: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/issue-notification.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/issue-notification.yml b/.github/workflows/issue-notification.yml index 6674b96..4be8d1d 100644 --- a/.github/workflows/issue-notification.yml +++ b/.github/workflows/issue-notification.yml @@ -1,4 +1,6 @@ name: Issue Created Notification +permissions: + contents: read on: issues: types: [opened, reopened] From e6665dc80f7b26376e34d5b26ceb4d3ecd5b7fa5 Mon Sep 17 00:00:00 2001 From: Rishav karanjit Date: Fri, 9 Jan 2026 10:26:06 -0800 Subject: [PATCH 3/3] Potential fix for code scanning alert no. 14: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/daily_ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/daily_ci.yml b/.github/workflows/daily_ci.yml index 6587f9b..08fe6ef 100644 --- a/.github/workflows/daily_ci.yml +++ b/.github/workflows/daily_ci.yml @@ -1,5 +1,7 @@ # This workflow runs every weekday at 15:00 UTC (8AM PDT) name: Daily CI +permissions: + contents: read on: schedule: