When you install this app and run setup actions during installation, it will
- Create a dedicated Slack channel to inform your team when there is a new commit in your main branch.
- Create new Slack channel when a new PR is opened and invite relevant users into the channel.
- Send **actionable** message to PR Slack channel when your CI tests complete, reviewer is assigned to pull request, comment is added, pull request approved & merged in GitHub. Users will be able to take actions directly from the Slack message to approve & merge the PR and start the deployment.
When the deployment starts, we inform the user about the progress i.e. deployment started, completed/failed etc.
This app utilizes GitHub API and listens GitHub events along with AWS CodeDeploy events.
We listen CodeDeploy events to keep track of the deployment progress which integrates with AWS ECS service that we use for our deployments.
*It is not mandatory to use CodeDeploy to use this app.*
**Installation Guide**
1. Run following setup actions when you install the app.
1. Run "Create Webhook in GitHub" action. It will copy "GitHub Events Listener" Workflow URL to your GitHub account's webhook page under settings to listen "**Pull requests**", "**Pull request reviews**", "**Workflow Runs**", "**Check Suites**" events.
2. Run "Send Onboarding Message" action. It will send an onboarding message to the selected Slack channel for other developers to get started to use this app.
3. *(Optional)* Run "Add Repository Deployment Mapping" action for each GitHub repository that you will use this app with for deployments as well. If you will not make any release/deploy with any repository, you can skip this step.
4. *(Optional)* Run "Add AWS Account Mapping" action for each AWS account that you will use this app with.
2. *(Optional)* Go to AWS Console. Open EventBridge. Create a new rule. Enter a name for your rule and select *default* as **event bus**. Select *Rule with an event pattern* and then hit next. Select *AWS events or EventBridge partner events* as **event source**. In the **Event pattern** section select *Custom patterns(JSON editor)* and paste the following event pattern and click next.
`{
"source": ["aws.codedeploy"],
"detail-type": ["CodeDeploy Deployment State-change Notification"]
}`
Select *EventBridge API destination* as the target type and create a new *Create a new API destination*. Copy "ECS Service Deployment State Event Listener" Workflow URL to **API destination endpoint** field. Select *POST* as **HTTP method**. Select *Create a new connection* in **Connection** section.
Select *API Key* as **Authorization type**. Enter *Test* as API key name and value. Select *Create a new role for this specific resource* as **Execution role** and click next and finish the steps then click **Create rule**.
Workflows
GitHub Events Listener
Listen GitHub events i.e. pull request is assigned, approved, merged, check suites started/completed, workflow triggered/completed.
Add review
This action allows you to Approve or Submit comment or Request changes for a selected pull request. When it's successfully executed, you can easily access the pull request.
Release & Deploy
Start the release & deployment for the selected repository according to repository & deployment mapping. You need to run "Add Repository Deployment Mapping" action for the selected repository to run this action.
Onboard User to App
When a new user joins to GitHub updates channel, send instructions how to use this app.
Add AWS account mapping
Map your AWS account id - name pair so that deployment messages show environment information when a deployment is started when ECS deployment event is received.
Add repository deployment mapping
Define deployment GitHub action mapping per repository if there is any. If you will not make any release/deploy with the repository, you do not need to run this setup action.
Merge pull request
Run this action to merge pull requests into a base branch. You can directly Create a merge commit or Squash and merge or Rebase and merge.
Create webhook in GitHub
Create webhok in GitHub for selected repository for GitHub workflow in this app.
Onboard New Users
When a new user joins to GitHub updates channel, send instructions how to use this app.
Setup Slack channel
This action creates a new Slack channel and sends a Slack message to help your team to connect their GitHub accounts quickly containing instructions to get started using this app. This channel will be used when new commits are pushed to main branch of tracked repositories with this app.
Check suite completed
When a pull request is approved, this action is triggered via GitHub pull request event listener workflow.
ECS Service Deployment State Event Listener
Listen ECS service deployment state events
Send message when discussion comment is added
This action automatically sends a message to the dedicated pull request channel, when a comment is added to pull request.
Security & Compliance
Privacy & data governance
Data retention policy
For the most up to date policy information, always refer to: https://actioner.com/privacy-policy , https://actioner.com/gdpr and https://actioner.com/security. How long we keep your data prior to the deletion of data or termination of the contract between the customer and Actioner depends on the type of data, as described in further detail below:
Account data: Personal data that relates to customers’ relationship with the Actioner, including your workspace details, user accounts and your billing information. We retain your account information for as long as your account is active. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.
Configuration data: Any configuration or personal data that is required by Actioner to be functional for the customer, such as (a) applications and their sub-configurations like workflows, documents or functions, (b) credentials, connections and integrations with the third party providers, (c) identity and access management related personal data. Actioner stores and processes configuration data for the permitted purposes until the customer elects to delete such configuration data via the service and the customer is solely responsible for deleting configuration data.
Usage data: (a) Inputs, requests and form data provided by the end users or clients of the customer, (b) any data that is programmatically, periodically or automatically received through an integration of the customer, (c) any content stored as a result of processing a configuration data, (d) activity logs used to identify the source of service requests. Actioner deletes any stored usage Data sixty (60) days after the data is produced.
Data archiving and removal policy
For the most up to date policy information, always refer to: https://actioner.com/privacy-policy , https://actioner.com/gdpr and https://actioner.com/security. Whenever a user account is deleted by a workspace admin, Actioner automatically deletes all data stored within the context of the deleted user account like profile information and the credentials / connections for the third party integrations. Whenever an app is deleted by an app admin, Actioner automatically deletes all data stored within the context of the app like tables, records, workflow, docs, files, etc. Whenever the workspace deletion is initiated by a workspace admin, Actioner automatically deletes all data stored within the context of workspace after a waiting period of 72 hours. After the waiting period, the deletion may take up to 10 days after the termination effective date. When any data is deleted, the archived copy of the data on Actioner’s backup systems will remain for 30 days and the backup data will be securely isolated and protected from any further processing, except as otherwise required by applicable law or regulation.
Data storage policy
At Actioner, ensuring the security of our users' data is paramount. To this end, we employ robust cryptography policies and practices. All data stored within our systems is encrypted at rest using the AES256 encryption standard, providing an additional layer of protection against unauthorized access. Furthermore, we uphold strict encryption standards for data in transit, both within our internal networks and over public channels. All data transmissions utilize TLS1.2 or higher encryption protocols, safeguarding information from interception or tampering. In terms of cryptographic key management, we rely on the AWS Key Management Service (KMS) for secure and controlled handling of cryptographic keys. This includes secure key generation, restricted access, secure storage, regular backups, and periodic rotation of keys. Our integration with AWS services streamlines the encryption process and enhances control over access to keys, thereby bolstering the overall security of our platform.We operate a comprehensive backup program at Actioner. This includes our internal systems, where our backup measures are designed in line with system recovery requirements. With respect to our cloud services, and specifically referring to you and your application data, we also have extensive backup measures in place. Our data backups are retained for 30 days with support for point-in-time recovery and are encrypted using AES-256 encryption.
Data center location(s)
United States
Data hosting details
Actioner is a cloud-native product whose infrastructure is hosted on industry-leading cloud provider Amazon Web Services (AWS). Actioner cloud services and data are hosted on Amazon Web Services (AWS). Where all our computing, messaging, network, and storage layers are located in the US West, our browser application is distributed via our CDN network all over the world. As a design standard, all Actioner services as well as the upstream computing, messaging, network and storage services are running on multiple availability zones (AZs) so that the traffic and the data are distributed among them. This design allows us to tolerate zone-specific failures with no downtime. This multi-zone high availability is the first line of defense for geographic and environmental risks and means that services running in multi-AZ deployments should be able to withstand AZ failure.
Data hosting company
Amazon Web Services (AWS)
App/service has sub-processors
Yes
Guidelines for sub-processors
Certifications & compliance
SOC attestation
Privacy policy
GDPR commitment
Data deletion request procedure
Security
Supports Single Sign On (SSO) with the following providers
Google, Slack, Okta
Supports Security Assertion Markup Language (SAML)
No
Has a dedicated security team
Yes
Contact for security issues
Has a vulnerability disclosure program
Yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
Yes
Has a bug bounty program
Yes
Bug bounty program URL
Requires third party authorization/connections
No
Third party services used by this app
Uses token rotation
No
Contributors
Actioner
.png){kind=spacer}
