An open API service indexing awesome lists of open source software.

https://github.com/nerve-ink/nerveops-action

GitHub Action for encrypted NerveOps CI/CD signals
https://github.com/nerve-ink/nerveops-action

alerts cicd devops encrypted-alerts github-actions iphone ops

Last synced: about 12 hours ago
JSON representation

GitHub Action for encrypted NerveOps CI/CD signals

Awesome Lists containing this project

README

          

# NerveOps GitHub Action

Send encrypted CI/CD signals from GitHub Actions to NerveOps.

[Website](https://nerve.ink) · [App Store](https://apps.apple.com/us/app/nerveops/id6778026992) · [Google Play](https://play.google.com/store/apps/details?id=ink.nerve.app&pcampaignid=web_share) · [CLI](https://github.com/nerve-ink/nerve-cli)

This action is a thin wrapper around [`nerve send`](https://github.com/nerve-ink/nerve-cli).
It installs the public Nerve CLI, encrypts the message locally with your sender
DSN, and sends ciphertext to the Nerve relay.

## Start with failure alerts

1. Install NerveOps from the
[App Store](https://apps.apple.com/us/app/nerveops/id6778026992) or
[Google Play](https://play.google.com/store/apps/details?id=ink.nerve.app&pcampaignid=web_share).
2. Create a pipe in the NerveOps app.
3. Open pipe setup.
4. Copy the sender DSN.
5. Store it as a repository or organization secret named `NERVE_DSN`.
6. Add this step after your build/test/deploy steps:

```yaml
- name: Notify NerveOps on failure
if: failure()
uses: nerve-ink/nerveops-action@v1
with:
dsn: ${{ secrets.NERVE_DSN }}
title: CI failed
severity: critical
message: |
FAILED: ${{ github.repository }}
ref: ${{ github.ref_name }}
sha: ${{ github.sha }}
run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
```

## Deploy notification

```yaml
- name: Notify NerveOps
uses: nerve-ink/nerveops-action@v1
with:
dsn: ${{ secrets.NERVE_DSN }}
title: Backend Deploy
severity: standard
message: |
deploy ${{ job.status }}
repo: ${{ github.repository }}
sha: ${{ github.sha }}
run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
```

## Inputs

| Input | Required | Default | Description |
| --- | --- | --- | --- |
| `dsn` | yes | | Sender DSN copied from the NerveOps app. Use a GitHub secret. |
| `message` | no | GitHub Actions summary | Signal body. Keep it short. |
| `title` | no | `GitHub Actions` | Short title shown in NerveOps clients. |
| `severity` | no | `standard` | `standard`, `alert`, or `critical`. |
| `kind` | no | `alert` | Signal kind metadata. |
| `install-url` | no | `https://nerve.ink/install.sh` | Nerve CLI installer URL. |

## Security boundary

Use a sender DSN for GitHub Actions. A sender DSN can send into one pipe, but it
cannot read history, decrypt content, connect as an agent, or execute commands.

Do not send full logs or secrets. Send short operational context: repository,
branch/environment, status, commit SHA, and run URL.

## When not to use this action

Do not use this action as a monitoring platform, chat system, or remote command
runner. It is for one-way encrypted operational signals.

For signed actions on a machine you control, use
[`nerve-agent`](https://github.com/nerve-ink/nerve-agent) explicitly.