Skip to content

Commit

Permalink
Merge pull request #1 from step-security/release
Browse files Browse the repository at this point in the history
chore: initial release
  • Loading branch information
shubham-stepsecurity authored Jun 19, 2024
2 parents 18752cc + c6939fd commit 112e9f3
Show file tree
Hide file tree
Showing 13 changed files with 32,542 additions and 1 deletion.
24 changes: 24 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
version: 2
updates:
- package-ecosystem: npm
directory: "/"
schedule:
interval: daily
time: "04:00"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
ignore:
- dependency-name: nodemailer
versions:
- 6.4.18
- 6.5.0
- 6.6.0
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily
time: "04:00"
pull-request-branch-name:
separator: "-"
open-pull-requests-limit: 10
21 changes: 21 additions & 0 deletions .github/workflows/actions_release.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
name: Release GitHub Actions

on:
workflow_dispatch:
inputs:
tag:
description: "Tag for the release"
required: true

permissions:
contents: read

jobs:
release:
permissions:
actions: read
id-token: write
contents: write
uses: step-security/reusable-workflows/.github/workflows/actions_release.yaml@v1
with:
tag: "${{ github.event.inputs.tag }}"
76 changes: 76 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
name: Test action

on:
push:
branches:
- main
paths-ignore:
- README.md
workflow_dispatch:

jobs:
main:
runs-on: ubuntu-latest
strategy:
max-parallel: 1
matrix:
include:
- subject: Plain body (attachment)
attachments: action.yml
body: |
first line
second line
- subject: HTML body (attachments)
attachments: package.json,package-lock.json
html_body: |
<!DOCTYPE html>
<html>
<body>
<h1>Heading</h1>
<p>Paragraph</p>
</body>
</html>
- subject: file://testdata/subject.txt
convert_markdown: true
body: file://README.md
- subject: HTML body (Markdown)
convert_markdown: true
html_body: file://README.md
- subject: Multipart body (Markdown)
convert_markdown: true
body: file://README.md
html_body: file://README.md
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Send mail
uses: ./
with:
server_address: ${{secrets.ADDRESS}}
server_port: 465
username: ${{secrets.USERNAME}}
password: ${{secrets.PASSWORD}}
subject: ${{matrix.subject}}
body: ${{matrix.body}}
html_body: ${{matrix.html_body}}
to: ${{github.event.pusher.email}}
from: github-actions
attachments: ${{matrix.attachments}}
convert_markdown: ${{matrix.convert_markdown}}
priority: high

url-test:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Send mail
uses: ./
with:
connection_url: smtp+starttls://${{secrets.USERNAME}}:${{secrets.PASSWORD}}@${{secrets.ADDRESS}}/
subject: Plain body with connection_url
body: |
first line
second line
to: ${{github.event.pusher.email}}
from: github-actions
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
.idea
node_modules
23 changes: 23 additions & 0 deletions LICENSE
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
The MIT License (MIT)

Copyright (c) 2023 StepSecurity
Copyright (c) 2020 Dawid Dziurla


Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
83 changes: 82 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -1 +1,82 @@
# action-send-mail
# Send mail GitHub Action

An action that simply sends a mail to multiple recipients.

Some features:
- plain text body
- HTML body
- multipart body (plain text + HTML)
- Markdown to HTML converting (use `html_body`, not `body`)
- file attachments (supports globbing)


## Usage

```yaml
- name: Send mail
uses: step-security/action-send-mail@v3
with:
# Specify connection via URL (replaces server_address, server_port, secure,
# username and password)
#
# Format:
#
# * smtp://user:password@server:port
# * smtp+starttls://user:password@server:port
connection_url: ${{secrets.MAIL_CONNECTION}}
# Required mail server address if not connection_url:
server_address: smtp.gmail.com
# Server port, default 25:
server_port: 465
# Optional whether this connection use TLS (default is true if server_port is 465)
secure: true
# Optional (recommended) mail server username:
username: ${{secrets.MAIL_USERNAME}}
# Optional (recommended) mail server password:
password: ${{secrets.MAIL_PASSWORD}}
# Required mail subject:
subject: Github Actions job result
# Required recipients' addresses:
to: [email protected],[email protected]
# Required sender full name (address can be skipped):
from: Luke Skywalker # <[email protected]>
# Optional plain body:
body: Build job of ${{github.repository}} completed successfully!
# Optional HTML body read from file:
html_body: file://README.html
# Optional carbon copy recipients:
cc: [email protected],[email protected]
# Optional blind carbon copy recipients:
bcc: [email protected],[email protected]
# Optional recipient of the email response:
reply_to: [email protected]
# Optional Message ID this message is replying to:
in_reply_to: <[email protected]>
# Optional unsigned/invalid certificates allowance:
ignore_cert: true
# Optional converting Markdown to HTML (set content_type to text/html too):
convert_markdown: true
# Optional attachments:
attachments: attachments.zip,git.diff,./dist/static/*.js
# Optional priority: 'high', 'normal' (default) or 'low'
priority: low
# Optional nodemailerlog: true/false
nodemailerlog: false
# Optional nodemailerdebug: true/false if true lognodem will also be set true
nodemailerdebug: false
```
## Troubleshooting
### Gmail
Instead of using your normal Google password, use an App password.
1. [Enable 2-Step Verification.](https://support.google.com/accounts/answer/185839?hl=en&co=GENIE.Platform%3DAndroid).
This is needed to create an App password.
2. [Create an App password](https://support.google.com/accounts/answer/185833?hl=en) for `Mail`.

### Unauthenticated login (username/password fields)

The parameters `username` and `password` are set as optional to support self-hosted runners access to on-premise infrastructure. If
you are accessing public email servers make sure you provide a username/password authentication through [GitHub Secrets](https://docs.github.com/en/actions/reference/encrypted-secrets) to make the email delivery secure.
5 changes: 5 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# Security Policy

## Reporting a Vulnerability

Please report security vulnerabilities to [email protected]
67 changes: 67 additions & 0 deletions action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
name: Send email
description: Send an email to multiple recipients
branding:
icon: mail
color: blue
inputs:
connection_url:
description: Connection URL protocol://user:password@server:port, protocol can be smtp or smtp+starttls, replaces server_address, server_port, secure, username and password
server_address:
description: SMTP server address
server_port:
description: SMTP server port
default: "25"
secure:
description: Whether this connection use TLS (default is true if server_port is 465)
username:
description: Authenticate as this user to SMTP server
password:
description: Authenticate with this password to SMTP server
subject:
description: Subject of mail message
required: true
to:
description: Recipients mail addresses (separated with comma)
required: false
from:
description: Full name of mail sender (might be with an email address specified in <>)
required: true
body:
description: Body of mail message (might be a filename prefixed with file:// to read from)
required: false
html_body:
description: HTML body of mail message (might be a filename prefixed with file:// to read from)
required: false
cc:
description: Carbon copy recipients (separated with comma)
required: false
bcc:
description: Blind carbon copy recipients (separated with comma)
required: false
reply_to:
description: An email address that will appear on the Reply-To field
required: false
in_reply_to:
description: The Message-ID this message is replying to
required: false
ignore_cert:
description: Allow unsigned/invalid certificates
required: false
convert_markdown:
description: Convert body from Markdown to HTML (set content_type input as text/html too)
required: false
attachments:
description: Files that will be added to mail message attachments (separated with comma)
required: false
priority:
description: Set Priority level for the mail message to 'high', 'normal' (default) or 'low'
required: false
nodemailerlog:
description: Log option for nodemailer
required: false
nodemailerdebug:
description: Debug option for nodemailer
required: false
runs:
using: node20
main: "dist/index.js"
Loading

0 comments on commit 112e9f3

Please sign in to comment.