Get the github.event JSON and branch name in GitHub Actions workflow scripts


Suppose you want to run a Checkmarx scan on every push event to make sure the committed code does not have major security concerns. You can set up a workflow like the one below:

name: Trigger Checkmarx Scan Workflow

on:
  push:
    branches-ignore:
      - main
      - master
      - develop

jobs:
  checkmarxscan:
    runs-on: linux

    steps:
      - name: Trigger Checkmarx Scan
        env:
          checkmarx_scan_webhook : yourwebhookjenkinsjoburl=&checkmarxProjectId=
          project_name: yourcheckmarxprojectname
          GITHUB_EVENT: ${{ toJson(github.event) }}
          BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
        run: |
          curl -X POST "${checkmarx_scan_webhook}${project_name}&branchName=$BRANCH_NAME" -H 'Content-Type: application/json' -d "$GITHUB_EVENT"

use branches-ignore

I used branches-ignore so that this action is triggered on any branch except the ignored ones.

json github.event

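First, set github.event as an environment variable. Expressions in ${{ }} are expanded before the shell runs, so passing the JSON through env means the shell reads it as data rather than as part of the script text.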

      GITHUB_EVENT: ${{ toJson(github.event) }}

Then use it in the run command.

-d "$GITHUB_EVENT"

Make sure you read it as a shell variable, with $ and inside double quotes ("$GITHUB_EVENT"); otherwise you will get an error.

get branch name

By default, github.event does not include the branch name, but you can use the expression below to get the branch name and set it as an environment variable.

      BRANCH_NAME: ${{ github.head_ref || github.ref_name }}

Then pass it as a query parameter in the webhook URL.

&branchName=$BRANCH_NAME"
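
A hardened form of the run step, as an added example (not code from the original post): it percent-encodes the project name and branch name before appending them to the query string, because Git branch names may contain characters such as & or # that have meaning in a URL, and it sends the event JSON on stdin. The function names and the jenkins.example.invalid URL are assumptions; the environment variable names are the ones from the workflow above.

```shell
#!/bin/sh
# Added example: constructed values only, no network access in the demo.

# Percent-encode every character outside the RFC 3986 unreserved set, so a
# value cannot add or alter query parameters. The ( ) body runs in a subshell,
# which keeps LC_ALL=C and the loop variables local to the function.
urlencode() (
  LC_ALL=C
  s=$1 out=
  while [ -n "$s" ]; do
    rest=${s#?}            # everything after the first character
    c=${s%"$rest"}         # the first character itself
    case $c in
      [a-zA-Z0-9._~-]) out=$out$c ;;
      *) out=$out$(printf '%%%02X' "'$c") ;;
    esac
    s=$rest
  done
  printf '%s' "$out"
)

# $1: webhook base ending in "checkmarxProjectId=" (as in the workflow above)
# $2: project name, $3: branch name. Both values are encoded.
build_webhook_url() {
  printf '%s%s&branchName=%s' "$1" "$(urlencode "$2")" "$(urlencode "$3")"
}

# What the run step would call. --fail turns an HTTP error into a failed step;
# the JSON body is piped on stdin (--data-binary @-) and sent unmodified.
send_event() {
  url=$(build_webhook_url "$checkmarx_scan_webhook" "$project_name" "$BRANCH_NAME")
  printf '%s' "$GITHUB_EVENT" |
    curl --fail --silent --show-error -X POST "$url" \
      -H 'Content-Type: application/json' --data-binary @-
}

# Demo with a constructed base URL and branch name (send_event is not called).
build_webhook_url 'https://jenkins.example.invalid/hook?checkmarxProjectId=' \
  'demo-project' 'feature/a&b#1'
echo
```

The receiving job sees the decoded branch name, so a branch such as workflow/checkmarx-scan-onpush still resolves to the same branchName value.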

jenkins job as a webhook

The curl command sends github.event as the JSON body and branchName as a query parameter. The JSON body and the query are resolved into variables at runtime in the Jenkins job, and you can use them directly in the Jenkins scripts.

After the workflow action is triggered successfully, it will print out the resolved variables as well. Check the resolvedVariables in the console log of the action.

{"jobs":{"CheckMarxScan-FromWebhook":{"regexpFilterExpression":"","triggered":true,"resolvedVariables":{"branchName":"workflow/checkmarx-scan-onpush","branchName_0":"workflow/checkmarx-scan-onpush","checkmarxProjectId":"xxx","checkmarxProjectId_0":"xxxxxx","commits":"[{\"author\":{\"email\":\"xx@xx\",\"name\":\"Leng, Errong\",\"username\":\"Errong-Leng\"},\"committer\":{\"email\":\"noreply@github.com\",\"name\":\"GitHub\",\"username\":\"web-flow\"},\"distinct\":true,\"id\":\"e4b472116628a53f5b48caf10b2590d6e2602c7a\",\"message\":\"change job name\",\"timestamp\":\"2024-04-26T16:44:46-07:00\",\"tree_id\":\"d5e94f1955254c2612d37aeb6e72fd5e3ddc2efb\",\"ur
...

This will help you set up the Jenkins job scripts as well.

Happy Debugging and Coding!
