A GitHub Action to send a message to a Slack channel.
You can use this action after any other action. Here is an example setup of this action:
- Create a
.github/workflows/slack-notify.ymlfile in your GitHub repo. - Add the following code to the
slack-notify.ymlfile.
on: push
name: Slack Notification Demo
jobs:
slackNotification:
name: Slack Notification
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Slack Notification
uses: step-security/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}- Create
SLACK_WEBHOOKsecret using GitHub Action's Secret. You can generate a Slack incoming webhook token from here.
By default, action is designed to run with minimal configuration but you can alter Slack notification using following environment variables:
| Variable | Default | Purpose |
|---|---|---|
| SLACK_CHANNEL | Set during Slack webhook creation | Specify Slack channel in which message needs to be sent |
| SLACK_USERNAME | rtBot |
Custom Slack Username sending the message. Does not need to be a "real" username. |
| SLACK_MSG_AUTHOR | $GITHUB_ACTOR (The person who triggered action). |
GitHub username of the person who has triggered the action. In case you want to modify it, please specify correct GitHub username. |
| SLACK_ICON |  |
User/Bot icon shown with Slack message. It uses the URL supplied to this env variable to display the icon in slack message. |
| SLACK_ICON_EMOJI | - | User/Bot icon shown with Slack message, in case you do not wish to add a URL for slack icon as above, you can set slack emoji in this env variable. Example value: :bell: or any other valid slack emoji. |
| SLACK_COLOR | good (green) |
You can pass ${{ job.status }} for automatic coloring or an RGB value like #efefef which would change color on left side vertical line of Slack message. Other valid values for this field are: success, cancelled or failure. |
| SLACK_LINK_NAMES | - | If set to true, enable mention in Slack message. |
| SLACK_MESSAGE | Generated from git commit message. | The main Slack message in attachment. It is advised not to override this. |
| SLACK_TITLE | Message | Title to use before main Slack message. |
| SLACK_FOOTER | Powered By step-security's GitHub Actions Library | Slack message footer. |
| MSG_MINIMAL | - | If set to true, removes: Ref, Event, Actions URL and Commit from the message. You can optionally whitelist any of these 4 removed values by passing it comma separated to the variable instead of true. (ex: MSG_MINIMAL: event or MSG_MINIMAL: ref,actions url, etc.) |
| SLACKIFY_MARKDOWN | - | If set to true, it will convert markdown to slack format. (ex: *bold* to bold) Note: This only works for custom messages and not for the default message generated by the action. Credits: slackify-markdown-action |
| SLACK_THREAD_TS | - | If you want to send message in a thread, you can pass the timestamp of the parent message to this variable. You can get the timestamp of the parent message from the message URL in Slack. (ex: SLACK_THREAD_TS: 1586130833.000100) |
| SLACK_TOKEN | - | If you want to send message to a channel using a slack token. You will need to pass a channel in order to send messages using token, requiring a value for SLACK_CHANNEL. Note that in case both webhook url and token are provided, webhook url will be prioritized. |
| SLACK_MESSAGE_ON_SUCCESS | - | If set, will send the provided message instead of the default message when the passed status (through SLACK_COLOR) is success. |
| SLACK_MESSAGE_ON_FAILURE | - | If set, will send the provided message instead of the default message when the passed status (through SLACK_COLOR) is failure. |
| SLACK_MESSAGE_ON_CANCEL | - | If set, will send the provided message instead of the default message when the passed status (through SLACK_COLOR) is cancelled. |
| SLACK_CUSTOM_PAYLOAD | - | If you want to send a custom payload to slack, you can pass it as a string to this variable. This will override all other variables and send the custom payload to slack. Example: SLACK_CUSTOM_PAYLOAD: '{"text": "Hello, World!"}', Note: This payload should be in JSON format, and is not validated by the action. |
| SLACK_FILE_UPLOAD | - | If you want to upload a file to slack, you can pass the file path to this variable. Example: SLACK_FILE_UPLOAD: /path/to/file.txt. Note: This file should be present in the repository, or github workspace. Otherwise, should be accessable in the container the action is running in. |
| ENABLE_ESCAPES | - | If set to true, will enable backslash escape sequences such as \n, \t, etc. in the message. Note: This only works for custom messages and not for the default message generated by the action. |
You can see the action block with all variables as below:
- name: Slack Notification
uses: step-security/action-slack-notify@v2
env:
SLACK_CHANNEL: general
SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff'
SLACK_ICON: https://github.com/step-security.png?size=48
SLACK_MESSAGE: 'Post Content :rocket:'
SLACK_TITLE: Post Title
SLACK_USERNAME: step-security
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}This GitHub action supports Hashicorp Vault.
To enable Hashicorp Vault support, please define following GitHub secrets:
| Variable | Purpose | Example Vaule |
|---|---|---|
VAULT_ADDR |
Vault server address | https://example.com:8200 |
VAULT_TOKEN |
Vault token | s.gIX5MKov9TUp7iiIqhrP1HgN |
You will need to change secrets line in slack-notify.yml file to look like below.
on: push
name: Slack Notification Demo
jobs:
slackNotification:
name: Slack Notification
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Slack Notification
uses: step-security/action-slack-notify@v2
env:
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }}GitHub action uses VAULT_TOKEN to connect to VAULT_ADDR to retrieve slack webhook from Vault.
In the Vault, the Slack webhook should be setup as field webhook on path secret/slack.
MIT © 2022 rtCamp Copyright (c) 2025 StepSecurity