External FR Weekly Digest #12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: External FR Weekly Digest | |
| on: | |
| schedule: | |
| # Run every Monday at 9:00 AM UTC | |
| - cron: '0 9 * * 1' | |
| workflow_dispatch: | |
| # Manual trigger for testing - secured with validation | |
| inputs: | |
| dry_run: | |
| description: 'Dry run (skip Slack notifications)' | |
| required: false | |
| default: false | |
| type: boolean | |
| team_filter: | |
| description: 'Filter to specific team (leave empty for all enabled teams)' | |
| required: false | |
| default: '' | |
| type: string | |
| permissions: | |
| contents: read | |
| issues: read | |
| id-token: write | |
| jobs: | |
| digest: | |
| runs-on: ubuntu-latest | |
| environment: ${{ github.event_name == 'workflow_dispatch' && 'manual-trigger' || '' }} | |
| steps: | |
| - name: Validate manual trigger | |
| if: github.event_name == 'workflow_dispatch' | |
| env: | |
| ACTOR: ${{ github.actor }} | |
| TEAM_FILTER: ${{ inputs.team_filter }} | |
| run: | | |
| echo "::notice::Manual trigger by $ACTOR" | |
| if [ -n "$TEAM_FILTER" ]; then | |
| echo "::notice::Team filter: $TEAM_FILTER" | |
| else | |
| echo "::notice::No team filter - will process all enabled teams" | |
| fi | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| persist-credentials: false | |
| sparse-checkout: | | |
| .github/team-notifications-config.json | |
| .github/workflows/scripts/utils.mts | |
| .github/workflows/scripts/fr-digest.mts | |
| - name: Setup Node.js | |
| uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6 | |
| with: | |
| node-version: '22' | |
| - name: Get vault secrets | |
| id: vault-secrets | |
| uses: grafana/shared-workflows/actions/get-vault-secrets@c2f1df59dba624b3fd509e5181aa8da5217120c0 # main | |
| with: | |
| repo_secrets: | | |
| OPENAI_API_KEY=community-openai:key | |
| SLACK_BOT_TOKEN=community-slack-bot:token | |
| SLACK_CHANNELS=community-slack-channels:map | |
| - name: Validate configuration | |
| run: | | |
| if [ ! -f ".github/team-notifications-config.json" ]; then | |
| echo "::error::Configuration file not found: .github/team-notifications-config.json" | |
| exit 1 | |
| fi | |
| node -e "JSON.parse(require('fs').readFileSync('.github/team-notifications-config.json', 'utf-8')); console.log('Configuration file validated successfully');" | |
| - name: Run FR Weekly Digest | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| OPENAI_API_KEY: ${{ env.OPENAI_API_KEY }} | |
| SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }} | |
| DRY_RUN: ${{ inputs.dry_run || 'false' }} | |
| TEAM_FILTER: ${{ inputs.team_filter || '' }} | |
| REPO: ${{ github.repository }} | |
| TRIGGERED_BY: ${{ github.actor }} | |
| TRIGGER_TYPE: ${{ github.event_name }} | |
| run: | | |
| echo "::group::Execution Context" | |
| echo "Triggered by: $TRIGGERED_BY" | |
| echo "Trigger type: $TRIGGER_TYPE" | |
| echo "Dry run: $DRY_RUN" | |
| echo "Team filter: ${TEAM_FILTER:-all}" | |
| echo "::endgroup::" | |
| node --experimental-strip-types .github/workflows/scripts/fr-digest.mts |