Github

In CI/CD workflows, critical events such as build failures, deployment completions, and security scan alerts often need to be communicated to relevant team members immediately. By integrating EngageLab SMS into GitHub Actions, you can trigger SMS notifications at any point in a Workflow, ensuring team members stay informed of system status whether they are online or not.

Prerequisites

Before getting started, make sure the following configurations are complete:

EngageLab Side

EngageLab SMS service has been activated
An SMS template has been created and approved in the Template Management page; template ID has been obtained
An API key has been created on the API Keys page; dev_key and dev_secret have been obtained

GitHub Side

You have admin access to the target repository and can configure Repository Secrets

Step 1: Prepare SMS Templates

Sending SMS via the API requires pre-approved templates; custom text content cannot be sent directly.

Log in to the EngageLab console, go to SMS → Template Management, and create a new template. For a deployment notification example, the template content might look like:

【{{sign}}】Hello, repository {{repo}} {{status}} at {{time}}, Commit: {{commit}}.

              
              【{{sign}}】Hello, repository {{repo}} {{status}} at {{time}}, Commit: {{commit}}.

This code block in the floating window

After submitting the template, wait for approval and note down the template ID (e.g. deploy-notify-template).

Tip: Create separate templates for "deployment succeeded" and "deployment failed" — it makes the intent clearer and improves the approval rate.

Step 2: Configure GitHub Secrets

To avoid hardcoding secrets in Workflow files, store sensitive information in GitHub Repository Secrets.

Go to your repository page, then navigate to Settings → Secrets and variables → Actions → New repository secret, and add the following variables one by one:

Secret Name	Description
`ENGAGELAB_DEV_KEY`	dev_key from the EngageLab API Keys page
`ENGAGELAB_DEV_SECRET`	Corresponding dev_secret
`ENGAGELAB_TEMPLATE_SUCCESS`	Template ID for deployment success notifications
`ENGAGELAB_TEMPLATE_FAILURE`	Template ID for deployment failure notifications
`ON_CALL_PHONE`	Phone number to receive notifications, must include country code, e.g. `+8618701235678`

Step 3: Add Notification Steps to the Workflow

The EngageLab SMS API uses HTTP Basic authentication, where the auth string is generated by base64(dev_key:dev_secret). Below is a complete Workflow example:

name: Deploy to Production on: push: branches: [main] jobs: deploy: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - name: Build and test run: | npm install npm test - name: Deploy run: ./deploy.sh - name: Notify success via EngageLab SMS if: success() run: | AUTH=$(echo -n "${{ secrets.ENGAGELAB_DEV_KEY }}:${{ secrets.ENGAGELAB_DEV_SECRET }}" | base64) curl -s -X POST https://smsapi.engagelab.com/v1/messages \ -H "Content-Type: application/json" \ -H "Authorization: Basic ${AUTH}" \ -d '{ "to": ["${{ secrets.ON_CALL_PHONE }}"], "template": { "id": "${{ secrets.ENGAGELAB_TEMPLATE_SUCCESS }}", "params": { "repo": "${{ github.repository }}", "commit": "${{ github.sha }}", "status": "deployed successfully", "time": "'"$(date '+%Y-%m-%d %H:%M')"'" } } }' - name: Notify failure via EngageLab SMS if: failure() run: | AUTH=$(echo -n "${{ secrets.ENGAGELAB_DEV_KEY }}:${{ secrets.ENGAGELAB_DEV_SECRET }}" | base64) curl -s -X POST https://smsapi.engagelab.com/v1/messages \ -H "Content-Type: application/json" \ -H "Authorization: Basic ${AUTH}" \ -d '{ "to": ["${{ secrets.ON_CALL_PHONE }}"], "template": { "id": "${{ secrets.ENGAGELAB_TEMPLATE_FAILURE }}", "params": { "repo": "${{ github.repository }}", "commit": "${{ github.sha }}", "status": "deployment failed", "time": "'"$(date '+%Y-%m-%d %H:%M')"'" } } }'

              
              name: Deploy to Production

on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Build and test
        run: |
          npm install
          npm test

      - name: Deploy
        run: ./deploy.sh

      - name: Notify success via EngageLab SMS
        if: success()
        run: |
          AUTH=$(echo -n "${{ secrets.ENGAGELAB_DEV_KEY }}:${{ secrets.ENGAGELAB_DEV_SECRET }}" | base64)
          curl -s -X POST https://smsapi.engagelab.com/v1/messages \
            -H "Content-Type: application/json" \
            -H "Authorization: Basic ${AUTH}" \
            -d '{
              "to": ["${{ secrets.ON_CALL_PHONE }}"],
              "template": {
                "id": "${{ secrets.ENGAGELAB_TEMPLATE_SUCCESS }}",
                "params": {
                  "repo": "${{ github.repository }}",
                  "commit": "${{ github.sha }}",
                  "status": "deployed successfully",
                  "time": "'"$(date '+%Y-%m-%d %H:%M')"'"
                }
              }
            }'

      - name: Notify failure via EngageLab SMS
        if: failure()
        run: |
          AUTH=$(echo -n "${{ secrets.ENGAGELAB_DEV_KEY }}:${{ secrets.ENGAGELAB_DEV_SECRET }}" | base64)
          curl -s -X POST https://smsapi.engagelab.com/v1/messages \
            -H "Content-Type: application/json" \
            -H "Authorization: Basic ${AUTH}" \
            -d '{
              "to": ["${{ secrets.ON_CALL_PHONE }}"],
              "template": {
                "id": "${{ secrets.ENGAGELAB_TEMPLATE_FAILURE }}",
                "params": {
                  "repo": "${{ github.repository }}",
                  "commit": "${{ github.sha }}",
                  "status": "deployment failed",
                  "time": "'"$(date '+%Y-%m-%d %H:%M')"'"
                }
              }
            }'

This code block in the floating window

Key Parameter Reference

Parameter	Description
`if: success()`	Executes only when all preceding steps in the current Job succeed
`if: failure()`	Executes only when any step in the current Job fails
`github.repository`	Built-in GitHub variable, formatted as `owner/repo`
`github.sha`	The commit SHA that triggered this Workflow
`date '+%Y-%m-%d %H:%M'`	Gets the current time on the Runner, defaults to UTC timezone

Note: The date command returns the GitHub Actions Runner's system time (UTC). To display local timezone, set the TZ environment variable before the command, e.g.: TZ='Asia/Shanghai' date '+%Y-%m-%d %H:%M'.

Extended Scenarios

Notify Multiple Recipients

Change the to field to an array to send to multiple phone numbers simultaneously:

-d '{ "to": [ "${{ secrets.ON_CALL_PHONE }}", "${{ secrets.TEAM_LEAD_PHONE }}" ], "template": { "id": "${{ secrets.ENGAGELAB_TEMPLATE_FAILURE }}", "params": { "repo": "${{ github.repository }}", "commit": "${{ github.sha }}", "status": "deployment failed", "time": "'"$(date '+%Y-%m-%d %H:%M')"'" } } }'

              
              -d '{
  "to": [
    "${{ secrets.ON_CALL_PHONE }}",
    "${{ secrets.TEAM_LEAD_PHONE }}"
  ],
  "template": {
    "id": "${{ secrets.ENGAGELAB_TEMPLATE_FAILURE }}",
    "params": {
      "repo": "${{ github.repository }}",
      "commit": "${{ github.sha }}",
      "status": "deployment failed",
      "time": "'"$(date '+%Y-%m-%d %H:%M')"'"
    }
  }
}'

This code block in the floating window

Security Scan Alerts

In Workflows that include security scanning steps, send immediate notifications when high-severity vulnerabilities are found:

- name: Security scan id: security run: ./run-security-scan.sh - name: Notify security alert via SMS if: steps.security.outputs.high_severity == 'true' run: | AUTH=$(echo -n "${{ secrets.ENGAGELAB_DEV_KEY }}:${{ secrets.ENGAGELAB_DEV_SECRET }}" | base64) curl -s -X POST https://smsapi.engagelab.com/v1/messages \ -H "Content-Type: application/json" \ -H "Authorization: Basic ${AUTH}" \ -d '{ "to": ["${{ secrets.SECURITY_TEAM_PHONE }}"], "template": { "id": "${{ secrets.ENGAGELAB_TEMPLATE_SECURITY }}", "params": { "repo": "${{ github.repository }}", "time": "'"$(date '+%Y-%m-%d %H:%M')"'" } } }'

              
              - name: Security scan
  id: security
  run: ./run-security-scan.sh

- name: Notify security alert via SMS
  if: steps.security.outputs.high_severity == 'true'
  run: |
    AUTH=$(echo -n "${{ secrets.ENGAGELAB_DEV_KEY }}:${{ secrets.ENGAGELAB_DEV_SECRET }}" | base64)
    curl -s -X POST https://smsapi.engagelab.com/v1/messages \
      -H "Content-Type: application/json" \
      -H "Authorization: Basic ${AUTH}" \
      -d '{
        "to": ["${{ secrets.SECURITY_TEAM_PHONE }}"],
        "template": {
          "id": "${{ secrets.ENGAGELAB_TEMPLATE_SECURITY }}",
          "params": {
            "repo": "${{ github.repository }}",
            "time": "'"$(date '+%Y-%m-%d %H:%M')"'"
          }
        }
      }'

This code block in the floating window

Scheduled Task Result Reports

For Workflows triggered by schedule (such as daily data syncs or periodic backups), send a summary SMS after execution:

on: schedule: - cron: '0 2 * * *' # Runs daily at 02:00 UTC jobs: daily-sync: runs-on: ubuntu-latest steps: - name: Run daily sync run: ./daily-sync.sh - name: Notify result via SMS if: always() run: | STATUS=${{ job.status }} AUTH=$(echo -n "${{ secrets.ENGAGELAB_DEV_KEY }}:${{ secrets.ENGAGELAB_DEV_SECRET }}" | base64) curl -s -X POST https://smsapi.engagelab.com/v1/messages \ -H "Content-Type: application/json" \ -H "Authorization: Basic ${AUTH}" \ -d '{ "to": ["${{ secrets.ON_CALL_PHONE }}"], "template": { "id": "${{ secrets.ENGAGELAB_TEMPLATE_DAILY }}", "params": { "repo": "${{ github.repository }}", "status": "'"${STATUS}"'", "time": "'"$(TZ='Asia/Shanghai' date '+%Y-%m-%d %H:%M')"'" } } }'

              
              on:
  schedule:
    - cron: '0 2 * * *'   # Runs daily at 02:00 UTC

jobs:
  daily-sync:
    runs-on: ubuntu-latest
    steps:
      - name: Run daily sync
        run: ./daily-sync.sh

      - name: Notify result via SMS
        if: always()
        run: |
          STATUS=${{ job.status }}
          AUTH=$(echo -n "${{ secrets.ENGAGELAB_DEV_KEY }}:${{ secrets.ENGAGELAB_DEV_SECRET }}" | base64)
          curl -s -X POST https://smsapi.engagelab.com/v1/messages \
            -H "Content-Type: application/json" \
            -H "Authorization: Basic ${AUTH}" \
            -d '{
              "to": ["${{ secrets.ON_CALL_PHONE }}"],
              "template": {
                "id": "${{ secrets.ENGAGELAB_TEMPLATE_DAILY }}",
                "params": {
                  "repo": "${{ github.repository }}",
                  "status": "'"${STATUS}"'",
                  "time": "'"$(TZ='Asia/Shanghai' date '+%Y-%m-%d %H:%M')"'"
                }
              }
            }'

This code block in the floating window

if: always() means the step executes regardless of whether previous steps succeed or fail — suitable for scenarios where notifications must always be delivered.

Important Notes

Templates must be approved before use. If a template is pending review or has been rejected when called, the API will return a 4001 error.
Phone numbers must include the country code, e.g. mainland China numbers should be written as +8618701235678. Omitting + or the country code will cause delivery failure.
The auth string is generated dynamically with each request — there is no need to store the Base64-encoded result in advance. Simply compute it in real-time using echo -n "key:secret" | base64.
An HTTP 200 response from the API does not guarantee successful SMS delivery — check the code field in the response body. A code of 0 or absent indicates success; for non-zero values, refer to the error code documentation for troubleshooting.
Avoid leaking secrets in logs — do not echo the AUTH variable content directly in run steps.