I'm trying to write a slack notification bot to trigger off of GitHub pull requests, but I'm running into a sanitization issue
I have an action defined as follows
name: slack-notification
on:
pull_request:
types: [closed]
jobs:
slack-notifications:
runs-on: ubuntu-latest
steps:
- name: Send message to slack
id: slack
uses: slackapi/slack-github-action@v1.18.0
with:
payload: |
{
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "${{ github.event.pull_request.title }}"
}
}
]
}
This works great when the pull_request title is normal. However, if it includes rich text formatting, or anything that would break the JSON (think quotes, etc), the process fails. How do I sanitize to avoid this?
Try using toJSON to do the quoting
payload: |
{
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": ${{ toJSON(github.event.pull_request.title) }}
}
}
]
}