SMS Alerts for GitHub Actions

Speaker: Rishab Kumar

Summary

Rishab Kumar, a Developer Evangelist at Twilio, shares their insights on implementing SMS alerts for GitHub actions during an informative talk. Their presentation primarily focuses on using GitHub Actions for build and CI/CD tasks due to its efficient cost structure. However, Rishab points out a feature gap: the platform lacks the capability for SMS alerts or phone calls. To address this, they demonstrate how to configure SMS alerts in a manner akin to enterprise tooling such as OpsGenie or PagerDuty. The talk is enriched by a hands-on demo showcasing the set-up process on Twilio and VS Code, as well as providing a GitHub actions workflow file example. Lastly, Rishab highlights the utility of these alerts in real-world scenarios, emphasizing their usefulness for maintaining personal projects or managing open-source contributions.

Transcription

So welcome to my talk, and this is the last one. So it's the last finale, and then everyone can rest. My talk is on SMS alerts for GitHub actions. Because I have a lot of projects, as you might also have on GitHub, and I use GitHub actions for most of the builds and CI/CD part of, you know, the DevOps space. Because it's free up to certain hours, and I never run out of that free tier. So yeah, I use GitHub actions for CI/CD. The only thing it's missing is text alerts or SMS alerts or even phone calls. I don't know how we would do that. I've only configured SMS alerts just like any of the enterprise you know, tooling available like OpsGenie or PagerDuty.

So you might be wondering who I am. So I am Rishab Kumar. I am a developer evangelist at Twilio. And I have recently started teaching cloud as a part-time professor at a local college in Canada. And I'm also an AWS Community Builder. Which means you'll see me talking about the AWS cloud often. And that's about me. And I'll have the slide again, so you can connect with me later. But moving on, these are the tools we will be using today.

So GitHub actions, you write YAML files, and that's why we need to have YAML here. And then GitHub actions itself, Twilio, and VS Code, which is my go-to code editor. Okay, so I wanted to make this short because, you know, this is the last talk.

You have to sign up for a Twilio account, and you can do that here. You get, I think, $10 or $15 worth of credits. You need to get a number, and you also have to create an API key. I'll just show the slides on how to do that rather than me going into the console. So this is how it would look like once you sign up. You can look up the phone numbers that you want in any of the local areas that you are in.

So, in my case, you know, Ontario works best for me. And then, you, after signing up for the number, this is the important part. So you have your account SID, and that's why I have blanked it out, or blacked it out. And that's how we will communicate with Twilio's API. And we also need a secret key, which you can get by going into the account settings. And if you go under Keys and Credentials, you can generate a new key. So, you can see I have a GitHub actions key that's available to use for today's demo. Okay, so now it's the VS Code part, where we will update our, you know, the YAML file. So, let me zoom in.

Okay, so I've done a bit of a hack here too, and I won't be writing the YAML. I'll just do a Command Z, because the YAML was already present. And I'll just go over the chunks of the code and tell you what it does. Okay, so this is the workflow file. It can sit under .github directory in Workflows. And you can name it whatever you want. In my case, it's test.yaml, since we'll be testing the CI/CD setup.

So, you have an 'on' property in this YAML file, which tells when to trigger this GitHub workflow. So, for me, right now, it only triggers when there is a new push or when there is a new pull request on my GitHub repository. So, the next chunk is, I needed a trigger where I can do this manually. So, I just added 'workflow dispatch.' So, this is the flag that you need to use if you want the ability to trigger the GitHub actions manually using a button.

Okay, moving on, jobs is how you define... so a workflow run is made up of one or more jobs, and you can run them sequentially or in parallel. So, we'll see how we can configure jobs going further. So, in my case, since this is a demo, we'll only have one single job that is the build job, which will help us build our app. And then, it runs on the Ubuntu latest, you know, runner. So, you can have different runtimes based on whatever your app is and what your preferences are. I'll run this on Ubuntu.

Okay, and then your jobs contain steps, which are basically tasks you need that job to perform in a sequential order. And in my case, it uses the latest, you know, GitHub actions. And that's just the basic property that comes with GitHub. Access, you can use the latest or a specific version of GitHub actions.

So, right now, I have my first step, which is to run a one-line script. So, I think I can take this out. Yeah. So, I have uh, the name of the step itself, which is 'run a one line script.' And the 'Run' command is 'Echo hello world.' So, it just says 'hello world' in the output. And also, I've set the exit status to 1, which is me asking it to fail on purpose. So that I can show you the demo on how I will receive the text message.

Okay, so the next step is 'build alerts,' and this is what the demo is about. So, you can see there is a flag here that 'if failure' happens, only then this step will run and you'll see the next code bit here. Okay, so this is where I use Twilio Labs action that's available on the GitHub actions Marketplace. It's, you know, kind of free to use. You just have to configure the Twilio account and get some credits that, as I said in the beginning, you get $15 to spend.

Okay, and now we define some properties for our phone numbers, which I don't want to disclose, and that's why I'm storing them as secrets in my GitHub action. So, you know, just like your environment variables, you can have other secrets and in my case, I didn't want to disclose my personal number, which I'll be showing, how you receive a text message. And also, my 'from' number, because, you know, there are too many spammers, and I don't want to be part of any scams.

And then we also include the message itself. So, I needed to know when the CI/CD pipeline for my personal website fails. Like, why did it fail? On which commit or which pull request did it fail? So all of my blog site, my personal site, they're all on GitHub and use GitHub action. So it includes some variables that are available from GitHub itself. So, github.job will tell, like, which job failed and also tells you what is the status of that job, including the GitHub repository.

And then, talking about secrets, we also have some other secrets, like environment variables. So, this is where your Account SID comes into play. And also the API key and the secret that we created in the earlier slides come in handy, so that is the entire YAML file that I'll show you real quick here if I can go back to my browser window.

Okay, so coming to GitHub, let me zoom in. As you can see, there is a tab called Actions, and this is where all the CI/CD magic happens with the help of GitHub Actions. And you can see, I already have a Test CI/CD step which we just created using YAML. So I have a manual button that can allow me to trigger this workflow, so I'll run that right now.

And now we just have to wait for the GitHub action to run and fail, because we set the exit status code to 1 on purpose. Okay, so you can see, the process completed with an exit code 1, which means it failed. And if I check my cell phone, I should have received a text message saying, you know there we go. So I don't - you cannot see it because it's too small, but I'll show you the screenshot. But I have got a text from my Twilio number saying 'build job of Richard Kumar seven slash whatever the repo is, has failed,' and the reason why it failed, on the commit message. So that was the demo.

And going back to the slides itself, this is how it looks like in action. So I get a text saying, you know, 'the build job has failed,' and we receive SMS for our SMS alerts, just like PagerDuty or OpsGenie, or any of the other Enterprise tools that you might be using probably some sense, that cost for the Twilio stuff that I have configured.

So yeah, we have SMS alert with Twilio for GitHub Actions working. And I wanted to achieve that for any of my personal projects, so that I'm aware that if there is an open source contributor who created a pull request and the code was Mars, and it - if the deployment failed, I needed to get a text message, and not just the email that GitHub offers.

And then, once you talk, so you can connect with me on Twitter, GitHub, Instagram, LinkedIn. That's the QR code that you can scan, and I have also written a blog post in regards to this whole demo, so you can, you know, go home and practice, have it on your own personal projects, and that's available on that URL.

So I'll open it up for any questions, but I know since this is the last talk, and if anybody wants to, you know, run for the ending ceremony, which I think is in few minutes but yeah, that was my talk.

Oh, okay. I just want to know what - what the cost is per transaction or tax. Sure. So, oh, so it - the number itself cost me a dollar a month and then it's five cents, and it depends on the region. So I'm based out of Canada, that's what it cost me. And usually, I'm really good with the practice of, you know, not making breaking changes to my repositories, so I don't get a lot of alerts. But it totally depends on, you know, how many breaking changes have been merged on the CI/CD action.

Yes, and then you - you can obviously have some kind of rate limiting that if the last action failed, don't run the CI/CD pipeline again.

Any - any other questions asked?

Yeah, so for every conference I get, you know, a few dollars to spend on cool demos. Yeah, I used to do one where, you know, you text in and you get a reply, but that in the end, I would Rickroll people, because now I have everyone's number. Yeah.

What other applications that you demonstrated?

I see. So I think especially with Verify, so you're familiar with - so I do a bunch of open source stuff for cloud and devops, and we were trying to integrate our two-factor library that's available from Twilio to log in and stuff, into the portals that we have created for either any of the websites that I'm building. Yeah, yeah, so it really helps there because it's pretty easy. Otherwise, like, I - I'm not a security expert, so I don't even know like how to start with authentication, but you know, two-factor is pretty much like, yes, you have to. Yeah, so, yeah, awesome.

So we don't have any more questions, I'll let you go, and I would love to have some mimosas too.

© Civo 2024. All rights reserved.