pipel8ne

English

Français
Español
Русский

English

Français
Español
Русский

Appearance

Tutorial: Scheduled Pipeline

In this tutorial you will build a nightly pipeline that runs dependency audits and sends a Slack notification with the results.

Time: ~10 minutes Export target: GitHub Actions

What you'll build

A pipeline that runs every night at 2:00 AM and:

  1. Checks for outdated dependencies
  2. Runs a security audit
  3. Notifies a Slack channel with the result

Step 1 — Save the Slack webhook

  1. Go to Settings → Credentials → New Credential
  2. Fill in:
    • Label: Slack Webhook — #alerts
    • Provider: slack
    • Value: https://hooks.slack.com/services/... (your Slack incoming webhook URL)
  3. Save

Step 2 — Create the pipeline

Open your project, click New Pipeline → name it nightly-audit.

Step 3 — Configure the trigger

Click Trigger:

  • Type: Schedule
  • Cron: 0 2 * * * (every day at 2:00 AM UTC)

Step 4 — Add the Audit stage

Add a stage named Audit.

Double-click to enter it. Add a job:

  • Name: dependency-audit
  • Runs on: ubuntu-latest

Add steps:

Step 1 — Checkout

  • Type: git / Operation: checkout

Step 2 — Install dependencies

  • Type: shell_command
  • Script: npm ci

Step 3 — Check for outdated packages

  • Type: shell_command
  • Script:
    bash
    npm outdated || true
  • Label: Check outdated packages

(The || true prevents the job from failing if there are outdated packages — we want to report, not block.)

Step 4 — Security audit

  • Type: shell_command
  • Script:
    bash
    npm audit --audit-level=high
  • Label: Security audit

Step 5 — Notify Slack

  • Type: notification
  • Channel: slack
  • Credential: Slack Webhook — #alerts
  • Message: ✅ Nightly audit completed for my-app

TIP

To send different messages on success vs. failure, add two notification steps: one with Continue on error enabled on the audit step, and conditionals in the YAML. This is easier to set up directly in the YAML after exporting.

Step 5 — Save and export

Click Save then Export → GitHub Actions → Download.

Commit nightly-audit.yml to .github/workflows/.

Result

The pipeline will run every night at 2:00 AM. If the security audit finds high-severity vulnerabilities, the job will fail and GitHub will send you an email notification. Either way, Slack receives a message.

Adjusting the schedule

To change the frequency, update the trigger in pipel8ne and re-export:

GoalCron
Every Monday at 9 AM0 9 * * 1
Every 6 hours0 */6 * * *
First of each month0 0 1 * *
Weekdays at 8 AM0 8 * * 1-5

Released under the MIT License.

Copyright © 2024 pipel8ne contributors