{"id":19359223,"url":"https://github.com/opslevel/report-deploy-github-action","last_synced_at":"2025-10-20T11:05:40.505Z","repository":{"id":41845826,"uuid":"378480876","full_name":"OpsLevel/report-deploy-github-action","owner":"OpsLevel","description":"Github Action to Report Deploy to OpsLevel","archived":false,"fork":false,"pushed_at":"2025-08-18T08:15:42.000Z","size":138,"stargazers_count":4,"open_issues_count":2,"forks_count":8,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-08-24T14:45:43.807Z","etag":null,"topics":["actions","deployment","github-actions"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpsLevel.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-06-19T18:34:33.000Z","updated_at":"2025-03-07T20:20:36.000Z","dependencies_parsed_at":"2024-02-20T18:27:03.625Z","dependency_job_id":"1f651099-8c43-4ad5-9b3a-e794fe845b7d","html_url":"https://github.com/OpsLevel/report-deploy-github-action","commit_stats":null,"previous_names":[],"tags_count":16,"template":false,"template_full_name":null,"purl":"pkg:github/OpsLevel/report-deploy-github-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpsLevel%2Freport-deploy-github-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpsLevel%2Freport-deploy-github-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpsLevel%2Freport-deploy-github-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpsLevel%2Freport-deploy-github-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpsLevel","download_url":"https://codeload.github.com/OpsLevel/report-deploy-github-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpsLevel%2Freport-deploy-github-action/sbom","scorecard":{"id":105740,"data":{"date":"2025-08-11","repo":{"name":"github.com/OpsLevel/report-deploy-github-action","commit":"4fe798592dcc769f898f87a7e9e0239ced1ef999"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.4,"checks":[{"name":"Code-Review","score":5,"reason":"Found 15/28 approved changesets -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: topLevel 'contents' permission set to 'write': .github/workflows/changie-gen.yml:9","Info: topLevel 'pull-requests' permission set to 'read': .github/workflows/changie-gen.yml:10","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:10","Warn: no topLevel permission defined: .github/workflows/security.yml:1","Warn: no topLevel permission defined: .github/workflows/test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/changie-gen.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/OpsLevel/report-deploy-github-action/changie-gen.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/OpsLevel/report-deploy-github-action/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/OpsLevel/report-deploy-github-action/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/OpsLevel/report-deploy-github-action/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/OpsLevel/report-deploy-github-action/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/OpsLevel/report-deploy-github-action/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/security.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/OpsLevel/report-deploy-github-action/security.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/OpsLevel/report-deploy-github-action/test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/OpsLevel/report-deploy-github-action/test.yml/main?enable=pin","Warn: containerImage not pinned by hash: with-docker/Dockerfile:1: pin your Docker image by updating public.ecr.aws/opslevel/cli:v2024.10.11 to public.ecr.aws/opslevel/cli:v2024.10.11@sha256:8ae664bec457cad18b7462311adc62ed18b2fb75bd877f4e0a2382f1c5ede15e","Warn: goCommand not pinned by hash: .github/workflows/release.yml:42","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   5 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned","Info:   0 out of   1 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:13"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 17 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-15T11:04:22.287Z","repository_id":41845826,"created_at":"2025-08-15T11:04:22.287Z","updated_at":"2025-08-15T11:04:22.287Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":280080707,"owners_count":26268354,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-20T02:00:06.978Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","deployment","github-actions"],"created_at":"2024-11-10T07:14:25.405Z","updated_at":"2025-10-20T11:05:40.459Z","avatar_url":"https://github.com/OpsLevel.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003e [!IMPORTANT]  \n\u003e This repo and action is deprecated - OpsLevel now natively pulls in deploys based on your usage of Github deploy environments and setting up the [Github integration](https://docs.opslevel.com/docs/github-integration).  \n\n\n[![Overall](https://img.shields.io/endpoint?style=flat\u0026url=https%3A%2F%2Fapp.opslevel.com%2Fapi%2Fservice_level%2FtxxR0lvVSM0hcjQ9Nuig3F0jxjsS7F7Opeq2tTZ7rT0)](https://app.opslevel.com/services/report_deploy_github_action/maturity-report)\n\n# OpsLevel - Report Deploy Github Action\n\nThis action emits a deploy event for service to OpsLevel.  We have configured it with sane defaults so you should only have to specify `integration_url` and `service`.  `environment` defaults to `production` so if you want to track deploys from other environments you'll want to specify that too.\n\n## Example usage - uses OpsLevel CLI directly\n\n```yaml\njobs:\n  deploy:\n    steps:\n      - name: Checkout\n        uses: actions/checkout@v4\n      - name: Report Deploy using OpsLevel CLI\n        uses: OpsLevel/report-deploy-github-action@v3.0.0\n        with:\n          integration_url: ${{ secrets.DEPLOY_INTEGRATION_URL }}\n          service: \"my-service\"\n```\n\n## Example usage - uses Docker image\n\n```yaml\njobs:\n  deploy:\n    steps:\n      - name: Checkout\n        uses: actions/checkout@v4\n      - name: Report Deploy using Docker\n        uses: OpsLevel/report-deploy-github-action/with-docker@v3.0.0\n        with:\n          integration_url: ${{ secrets.DEPLOY_INTEGRATION_URL }}\n          service: \"my-service\"\n```\n\n## Inputs\n\n### `integration_url`\n\n**Required** The OpsLevel deploy integration url.\n\n### `service`\n\nThe service alias for the event - Default: `\u003cgithub_org_or_user_name\u003e/\u003crepository_name\u003e`\n\nIf the repository has an `./opslevel.yml` file the service name will get pulled from it.\n\n### `description`\n\nThe description or release notes for the event - Default: \"Event Created by ${{ github.workflow }}\"\n\n### `environment`\n\nThe environment for the event - Default: \"production\"\n\n### `number`\n\nThe deploy number for the event - Default: `${{ github.run_number }}`\n\n### `deployer_name`\n\nThe deployer name who created the event - Default: `${{ github.actor }}`\n\n### `deployer_email`\n\nThe deployer email who create the event - Default: \"\"\n\n### `deploy_url`\n\nThe deploy url that OpsLevel points to - Default: `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`\n\n### `deduplication_id`\n\nAn identifier that can be used to deduplicate deployments - Default: `${{ github.run_id }}`\n\n## Reporting Deploy with Docker or OpsLevel CLI\n\nThis action can be run using either Docker or the OpsLevel CLI, both have identical inputs and behave identically.\n\nTo report deploys to OpsLevel with the OpsLevel CLI based Github Action (default), add `uses: OpsLevel/report-deploy-github-action@v3.0.0` to your workflow.\n\nTo report deploys to OpsLevel with the Docker based Github Action, add `uses: OpsLevel/report-deploy-github-action/with-docker@v3.0.0` to your workflow.\n\nFor Github workflows operating within intentional constraints, perhaps where building public Docker images is not\nan option, it may be preferable to use the default OpsLevel CLI.\n\n## Overriding Defaults Example\n\nIf you want to add the git commit author as the deployer\n\n```yaml\njobs:\n  deploy:\n    steps:\n      - name: Checkout\n        uses: actions/checkout@v4\n      - name: Get Deployer\n        id: deployer\n        run: |\n          DEPLOYER=$(git show -s --format='%ae')\n          echo \"DEPLOYER=${DEPLOYER}\" \u003e\u003e $GITHUB_OUTPUT\n      - name: Report Deploy\n        uses: OpsLevel/report-deploy-github-action@v3.0.0\n        with:\n          integration_url: ${{ secrets.DEPLOY_INTEGRATION_URL }}\n          service: \"my-service\"\n          deployer_email: ${{ steps.deployer.outputs.DEPLOYER }}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopslevel%2Freport-deploy-github-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopslevel%2Freport-deploy-github-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopslevel%2Freport-deploy-github-action/lists"}