From 50b8d529f18ad49f881b2c3a96ccd61de2bba1e9 Mon Sep 17 00:00:00 2001
From: frederico leal <frederico.macielleal@iovlabs.org>
Date: Wed, 2 Oct 2024 20:14:30 +0200
Subject: [PATCH 1/4] Improving slack notification

---
 .github/workflows/rit.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/rit.yml b/.github/workflows/rit.yml
index b5d7612054..0b6d273972 100644
--- a/.github/workflows/rit.yml
+++ b/.github/workflows/rit.yml
@@ -142,7 +142,7 @@ jobs:
               "attachments": [
                 {
                   "color": "good",
-                  "text": "OK: :+1: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} - [#${{ github.run_number }}] - (${{ env.BUILD_URL }}) - *Branches used* [rskj:`rsksmart#${{ env.RSKJ_BRANCH }}`] [fed:`${{ env.POWPEG_BRANCH }}`] [rootstock-integration-tests:`${{ env.RIT_BRANCH }}`]"
+                  "text": "OK: :white_tick: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} - [#${{ github.run_number }} - *${{ github.event.pull_request.title }}*] - PR: ${{ github.event.pull_request.html_url }} - (${{ env.BUILD_URL }}) - *Branches used* [rskj:`rsksmart#${{ env.RSKJ_BRANCH }}`] [fed:`${{ env.POWPEG_BRANCH }}`] [rootstock-integration-tests:`${{ env.RIT_BRANCH }}`]"
                 }
               ]
             }
@@ -159,7 +159,7 @@ jobs:
               "attachments": [
                 {
                   "color": "danger",
-                  "text": "FAILED: :robot_face: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} - [#${{ github.run_number }}] - (${{ env.BUILD_URL }}) - *Branches used* [rskj:`rsksmart#${{ env.RSKJ_BRANCH }}`] [fed:`${{ env.POWPEG_BRANCH }}`] [rootstock-integration-tests:`${{ env.RIT_BRANCH }}`]"
+                  "text": "FAILED: :x: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} - [#${{ github.run_number }} - *${{ github.event.pull_request.title }}*] - PR: ${{ github.event.pull_request.html_url }} - (${{ env.BUILD_URL }}) - *Branches used* [rskj:`rsksmart#${{ env.RSKJ_BRANCH }}`] [fed:`${{ env.POWPEG_BRANCH }}`] [rootstock-integration-tests:`${{ env.RIT_BRANCH }}`]"
                 }
               ]
             }

From 374037d698cc025e675b9d5744fc526bef6c234c Mon Sep 17 00:00:00 2001
From: frederico leal <frederico.macielleal@iovlabs.org>
Date: Fri, 11 Oct 2024 11:13:27 +0200
Subject: [PATCH 2/4] Addressing comments

---
 .github/workflows/rit.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/rit.yml b/.github/workflows/rit.yml
index 0b6d273972..b721c85119 100644
--- a/.github/workflows/rit.yml
+++ b/.github/workflows/rit.yml
@@ -142,7 +142,7 @@ jobs:
               "attachments": [
                 {
                   "color": "good",
-                  "text": "OK: :white_tick: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} - [#${{ github.run_number }} - *${{ github.event.pull_request.title }}*] - PR: ${{ github.event.pull_request.html_url }} - (${{ env.BUILD_URL }}) - *Branches used* [rskj:`rsksmart#${{ env.RSKJ_BRANCH }}`] [fed:`${{ env.POWPEG_BRANCH }}`] [rootstock-integration-tests:`${{ env.RIT_BRANCH }}`]"
+                  "text": "*PASSED*: :white_check_mark: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} \n#${{ github.run_number }} - *${{ github.event.pull_request.title }}* \n*PR*: ${{ github.event.pull_request.html_url }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: \n- rskj:`${{ env.RSKJ_BRANCH }}` \n- fed:`${{ env.POWPEG_BRANCH }}` \n- rootstock-integration-tests:`${{ env.RIT_BRANCH }}`"
                 }
               ]
             }
@@ -159,7 +159,7 @@ jobs:
               "attachments": [
                 {
                   "color": "danger",
-                  "text": "FAILED: :x: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} - [#${{ github.run_number }} - *${{ github.event.pull_request.title }}*] - PR: ${{ github.event.pull_request.html_url }} - (${{ env.BUILD_URL }}) - *Branches used* [rskj:`rsksmart#${{ env.RSKJ_BRANCH }}`] [fed:`${{ env.POWPEG_BRANCH }}`] [rootstock-integration-tests:`${{ env.RIT_BRANCH }}`]"
+                  "text": "*FAILED*: :x: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} \n#${{ github.run_number }} - *${{ github.event.pull_request.title }}* \n*PR*: ${{ github.event.pull_request.html_url }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: \n- rskj:`${{ env.RSKJ_BRANCH }}` \n- fed:`${{ env.POWPEG_BRANCH }}` \n- rootstock-integration-tests:`${{ env.RIT_BRANCH }}`"
                 }
               ]
             }

From 582b4a0f91a1ceb910cb7778e587101ca5b9c5df Mon Sep 17 00:00:00 2001
From: frederico leal <frederico.macielleal@iovlabs.org>
Date: Fri, 11 Oct 2024 17:22:33 +0200
Subject: [PATCH 3/4] Configuring the message a bit more clean yet

---
 .github/workflows/rit.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/rit.yml b/.github/workflows/rit.yml
index b721c85119..c15f5bd398 100644
--- a/.github/workflows/rit.yml
+++ b/.github/workflows/rit.yml
@@ -142,7 +142,7 @@ jobs:
               "attachments": [
                 {
                   "color": "good",
-                  "text": "*PASSED*: :white_check_mark: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} \n#${{ github.run_number }} - *${{ github.event.pull_request.title }}* \n*PR*: ${{ github.event.pull_request.html_url }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: \n- rskj:`${{ env.RSKJ_BRANCH }}` \n- fed:`${{ env.POWPEG_BRANCH }}` \n- rootstock-integration-tests:`${{ env.RIT_BRANCH }}`"
+                  "text": "*PASSED*: :white_check_mark: - *${{ github.event.pull_request.title }}* \n*Pull request*: ${{ github.event.pull_request.html_url }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: \n- rskj:`${{ env.RSKJ_BRANCH }}` \n- fed:`${{ env.POWPEG_BRANCH }}` \n- rit:`${{ env.RIT_BRANCH }}`"
                 }
               ]
             }
@@ -159,7 +159,7 @@ jobs:
               "attachments": [
                 {
                   "color": "danger",
-                  "text": "*FAILED*: :x: *Pull request*: ${{ env.SAFE_BRANCH_NAME }} \n#${{ github.run_number }} - *${{ github.event.pull_request.title }}* \n*PR*: ${{ github.event.pull_request.html_url }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: \n- rskj:`${{ env.RSKJ_BRANCH }}` \n- fed:`${{ env.POWPEG_BRANCH }}` \n- rootstock-integration-tests:`${{ env.RIT_BRANCH }}`"
+                  "text": "*FAILED*: :x: - *${{ github.event.pull_request.title }}* \n*Pull request*: ${{ github.event.pull_request.html_url }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: \n- rskj:`${{ env.RSKJ_BRANCH }}` \n- fed:`${{ env.POWPEG_BRANCH }}` \n- rit:`${{ env.RIT_BRANCH }}`"
                 }
               ]
             }

From be2dfb9668013350f5bfc076555e330e93b42a18 Mon Sep 17 00:00:00 2001
From: frederico leal <frederico.macielleal@iovlabs.org>
Date: Thu, 17 Oct 2024 19:11:41 +0200
Subject: [PATCH 4/4] Addressing security comments regarding variables

---
 .github/workflows/rit.yml | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/rit.yml b/.github/workflows/rit.yml
index c15f5bd398..487767549f 100644
--- a/.github/workflows/rit.yml
+++ b/.github/workflows/rit.yml
@@ -113,14 +113,14 @@ jobs:
           BUILD_URL="https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
           echo "BUILD_URL=$BUILD_URL" >> $GITHUB_ENV
 
-      - name: Sanitize Branch Name
-        id: sanitize-branch-name
+      - name: Sanitize Github Variables
+        id: sanitize-github-variables
         env:
-          GITHUB_HEAD_REF: ${{ github.head_ref }}
+          GITHUB_EVENT_PULL_REQUEST_TITLE: ${{ github.event.pull_request.title }}
         run: |
-          # Delete non-alphanumeric characters and limit to 255 chars which is the branch limit in GitHub
-          SAFE_BRANCH_NAME=$(echo "${GITHUB_HEAD_REF}" | tr -cd '[:alnum:]_-' | cut -c1-255)
-          echo "SAFE_BRANCH_NAME=$SAFE_BRANCH_NAME" >> $GITHUB_ENV
+          # Delete non-alphanumeric characters and limit to 75 chars which is the branch title limit in GitHub
+          SAFE_PULL_REQUEST_TITLE=$(echo "${GITHUB_EVENT_PULL_REQUEST_TITLE}" | tr -cd '[:alnum:]_ -' | cut -c1-75)
+          echo "SAFE_PULL_REQUEST_TITLE=$SAFE_PULL_REQUEST_TITLE" >> $GITHUB_ENV
 
       - name: Run Rootstock Integration Tests
         uses: rsksmart/rootstock-integration-tests@e86332474179a63f027d0fe969687d3d24f34c29 #v1
@@ -135,6 +135,7 @@ jobs:
         uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
         env:
           SLACK_BOT_TOKEN: ${{ secrets.GHA_SLACK_NOTIFICATION_TOKEN }}
+          GITHUB_EVENT_PULL_REQUEST_HTML_URL: ${{ github.event.pull_request.html_url }}
         with:
           channel-id: ${{ vars.GHA_SLACK_NOTIFICATION_CHANNEL }}
           payload: |
@@ -142,7 +143,7 @@ jobs:
               "attachments": [
                 {
                   "color": "good",
-                  "text": "*PASSED*: :white_check_mark: - *${{ github.event.pull_request.title }}* \n*Pull request*: ${{ github.event.pull_request.html_url }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: \n- rskj:`${{ env.RSKJ_BRANCH }}` \n- fed:`${{ env.POWPEG_BRANCH }}` \n- rit:`${{ env.RIT_BRANCH }}`"
+                  "text": "*PASSED*: :white_check_mark: - *${{ env.SAFE_PULL_REQUEST_TITLE }}* \n*Pull request*: ${{ env.GITHUB_EVENT_PULL_REQUEST_HTML_URL }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: [ rskj:`${{ env.RSKJ_BRANCH }}` ] [ fed:`${{ env.POWPEG_BRANCH }}` ] [ rit:`${{ env.RIT_BRANCH }}` ]"
                 }
               ]
             }
@@ -152,6 +153,7 @@ jobs:
         uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
         env:
           SLACK_BOT_TOKEN: ${{ secrets.GHA_SLACK_NOTIFICATION_TOKEN }}
+          GITHUB_EVENT_PULL_REQUEST_HTML_URL: ${{ github.event.pull_request.html_url }}
         with:
           channel-id: ${{ vars.GHA_SLACK_NOTIFICATION_CHANNEL }}
           payload: |
@@ -159,7 +161,7 @@ jobs:
               "attachments": [
                 {
                   "color": "danger",
-                  "text": "*FAILED*: :x: - *${{ github.event.pull_request.title }}* \n*Pull request*: ${{ github.event.pull_request.html_url }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: \n- rskj:`${{ env.RSKJ_BRANCH }}` \n- fed:`${{ env.POWPEG_BRANCH }}` \n- rit:`${{ env.RIT_BRANCH }}`"
+                  "text": "*FAILED*: :x: - *${{ env.SAFE_PULL_REQUEST_TITLE }}* \n*Pull request*: ${{ env.GITHUB_EVENT_PULL_REQUEST_HTML_URL }} \n*Pipeline*: ${{ env.BUILD_URL }} \n*Branches used*: [ rskj:`${{ env.RSKJ_BRANCH }}` ] [ fed:`${{ env.POWPEG_BRANCH }}` ] [ rit:`${{ env.RIT_BRANCH }}` ]"
                 }
               ]
             }