Get the github.event JSON and branch name in GitHub Actions workflow scripts
Assuming you want to run a Checkmarx scan on every push event to make sure the committed code has no major security concerns, you can set up a workflow like the one below:

name: Trigger Checkmarx Scan Workflow
on:
  push:
    branches-ignore:
      - main
      - master
      - develop
jobs:
  checkmarxscan:
    runs-on: linux
    steps:
      - name: Trigger Checkmarx Scan
        env:
          checkmarx_scan_webhook: yourwebhookjenkinsjoburl=&checkmarxProjectId=
          project_name: yourcheckmarxprojectname
          GITHUB_EVENT: ${{ toJson(github.event) }}
          BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
        run: |
          curl -X POST "${checkmarx_scan_webhook}${project_name}&branchName=$BRANCH_NAME" -H 'Content-Type: application/json' -d "$GITHUB_EVENT"

use branches-ignore
I used branches-ignore so that this action is triggered on any branch except the ignored ones.
json github.event
First, set github.event as an env variable:
    GITHUB_EVENT: ${{ toJson(github.event) }}
Then use it in the run command:
    -d "$GITHUB_EVENT"
Make sure you read it with $ inside double quotes ("), otherwise you will get an error.
get branch name
By default, github.event does not include the branch name, but you can use the expression below to get the branch name and set it as an env variable:
    BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
Then pass it as a query parameter in the webhook URL:
&branchName=$BRANCH_NAME"
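
Branch names can contain characters that have a meaning in a query string (`/`, `&`, `+`, `#`), so the value should be percent-encoded before it is appended to the webhook URL. The script below is an added example, not part of the original post; the helper names urlencode, build_webhook_url and send_scan_request and the example.invalid URL are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: percent-encode values before appending them to the webhook URL.
# urlencode, build_webhook_url and send_scan_request are hypothetical helper names.

# Percent-encode every byte outside the RFC 3986 unreserved set.
urlencode() (
  LC_ALL=C            # work byte by byte, with ASCII-only ranges
  s=$1 out=
  while [ -n "$s" ]; do
    rest=${s#?}       # everything after the first character
    c=${s%"$rest"}    # the first character itself
    case $c in
      [A-Za-z0-9._~-]) out=$out$c ;;
      *) out=$out$(printf '%%%02X' "'$c") ;;
    esac
    s=$rest
  done
  printf '%s' "$out"
)

# $1: webhook URL ending in "checkmarxProjectId=", $2: project name, $3: branch
build_webhook_url() {
  printf '%s%s&branchName=%s' "$1" "$(urlencode "$2")" "$(urlencode "$3")"
}

# Drop-in for the workflow's run step (not called here, it needs the network).
send_scan_request() {
  curl --fail --silent --show-error -X POST \
    "$(build_webhook_url "$checkmarx_scan_webhook" "$project_name" "$BRANCH_NAME")" \
    -H 'Content-Type: application/json' -d "$GITHUB_EVENT"
}

# Constructed sample values, for an offline run.
build_webhook_url 'https://jenkins.example.invalid/hook?checkmarxProjectId=' \
  'demo-project' 'release/1.0+hotfix&qa'
echo
```

With the encoding in place, the receiving job sees the whole branch name as the single branchName value, whatever characters it contains.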
jenkins job as a webhook
The curl command sends github.event as the JSON body and branchName as a query parameter. The JSON body and the query are resolved as variables at runtime in the Jenkins job, and you can use them directly in the Jenkins scripts.
After the workflow action is triggered successfully, it prints out the resolved variables as well. Check resolvedVariables in the console log of the action.
{"jobs":{"CheckMarxScan-FromWebhook":{"regexpFilterExpression":"","triggered":true,"resolvedVariables":{"branchName":"workflow/checkmarx-scan-onpush","branchName_0":"workflow/checkmarx-scan-onpush","checkmarxProjectId":"xxx","checkmarxProjectId_0":"xxxxxx","commits":"[{\"author\":{\"email\":\"xx@xx\",\"name\":\"Leng, Errong\",\"username\":\"Errong-Leng\"},\"committer\":{\"email\":\"noreply@github.com\",\"name\":\"GitHub\",\"username\":\"web-flow\"},\"distinct\":true,\"id\":\"e4b472116628a53f5b48caf10b2590d6e2602c7a\",\"message\":\"change job name\",\"timestamp\":\"2024-04-26T16:44:46-07:00\",\"tree_id\":\"d5e94f1955254c2612d37aeb6e72fd5e3ddc2efb\",\"ur
...
This will help you set up the Jenkins job scripts as well.
Happy Debugging and Coding!