name: Issue Assigned

on:
  issues:
    types: [assigned]
permissions: {}  # let's not use any permissions we don't need here
jobs:
  send-mattermost-message:
    runs-on: ubuntu-latest
    steps:
    # issue triggers in github actions can be dangerous like
    # pull_request_target because they run with additional privileges in an
    # environment containing values that can be controlled by an attacker.
    # because of this, please take extra caution when modifying the steps taken
    # by this workflow. for additional information, see
    # https://github.com/certbot/certbot/pull/10490
    #
    # we pin this action to a version tested and audited by certbot's
    # maintainers for extra security. the full hash is used as doing so is
    # recommended by zizmor
    - uses: mattermost/action-mattermost-notify@b7d118e440bf2749cd18a4a8c88e7092e696257a
      with:
        MATTERMOST_WEBHOOK_URL: ${{ secrets.MATTERMOST_ASSIGN_WEBHOOK }}
        TEXT: >
            ${{ github.event.assignee.login }} assigned to "${{ github.event.issue.title }}": ${{ github.event.issue.html_url }}