This is an example of a simple Slackbot (called '@mentionbot') that posts a notification to a specific channel any time you're @mentioned anywhere, whether in various channels or via direct message. This bot is useful for when you need a time-ordered list of @mentions to go through at a later point.
Slack users can subscribe/unsubscribe from notifications easily. To receive notifications, add @mentionbot
to a channel you want to be notified in. Then send any message to @mentionbot
to subscribe. To stop getting messages, send a message to @mentionbot
containing the word unsubscribe
.
This Slackbot example contains a few useful patterns, showing you how to create a Slackbot while taking advantage of a lot of conveniences that Pulumi and the aws
and awsx
packages provide.
- We set up an ApiGateway API to receive push notifications from Slack whenever important events happen.
- Slack has strict requirements on how quickly the push endpoint must respond with
200
notifications before they consider the message as "not received", triggering back-off and resending of those same messages. For this reason, our example does not process Slackevent
messages as they come in. Instead, they are immediately added to an AWS SNS Topic to be processed at a later point in time. This allows the ApiGateway call to return quickly, satisfying Slack's requirements. - Two AWS Lambdas are created naturally using simple JavaScript functions. One function is used to create the Lambda that is called when Slack pushes a notification. The other is used to specify the Lamdba that will process the messages added to the Topic. These JavaScript functions can easily access the other Pulumi resources created, avoiding the need to figure out ways to pass Resource ARNs/IDs/etc. to the Lambdas to ensure they can talk to the right resources. If these resources are swapped out in the future (for example, using RDS instead of DynamoDB, or SQS instead of SNS), Pulumi will make sure that the Lambdas were updated properly.
- Pulumi Secrets provides a simple way to pass important credentials (like your Slack tokens) without having to directly embed them in your application code.
First, we'll set up the Pulumi App. Then, we'll go create and configure a Slack App and Bot to interact with our Pulumi App.
Note: Some values in this example will be different from run to run. These values are indicated with
***
.
$ pulumi stack init mentionbot
$ pulumi config set aws:region us-east-2
Run npm install
or yarn install
to restore your NPM modules.
Run pulumi up
to preview and deploy your AWS resources.
$ pulumi up
Previewing update (mentionbot):
...
Do you want to perform this update? yes
Updating (mentionbot):
Type Name Status
+ pulumi:pulumi:Stack aws-ts-slack-mentionbot created
+ ├─ aws:sns:TopicEventSubscription processTopicMessage created
+ │ ├─ aws:iam:Role processTopicMessage created
+ │ ├─ aws:iam:RolePolicyAttachment processTopicMessage-32be53a2 created
+ │ ├─ aws:lambda:Function processTopicMessage created
+ │ ├─ aws:sns:TopicSubscription processTopicMessage created
+ │ └─ aws:lambda:Permission processTopicMessage created
+ ├─ aws:apigateway:x:API mentionbot created
+ │ ├─ aws:iam:Role mentionbot8e3f228c created
+ │ ├─ aws:iam:RolePolicyAttachment mentionbot8e3f228c-32be53a2 created
+ │ ├─ aws:lambda:Function mentionbot8e3f228c created
+ │ ├─ aws:apigateway:RestApi mentionbot created
+ │ ├─ aws:apigateway:Deployment mentionbot created
+ │ ├─ aws:lambda:Permission mentionbot-89b3ba11 created
+ │ └─ aws:apigateway:Stage mentionbot created
+ ├─ aws:dynamodb:Table subscriptions created
+ └─ aws:sns:Topic messages created
Outputs:
url: "https://***.execute-api.us-east-2.amazonaws.com/stage/"
Resources:
+ 17 created
Duration: 25s
Permalink: https://app.pulumi.com/***/mentionbot/updates/1
To create a new Slackbot, first go to https://api.slack.com/apps and create an account if necessary. Next, click on 'Create New App' here:
Pick your desired name for the app, and the Workspace the app belongs to. Here we choose MentionBot
:
Once created, you will need to 'Add features and functionality' to your app. You'll eventually need all these configured:
First, we'll enable 'Incoming Webhooks'. This allows your Slack bot to post messages into Slack for you:
Next, create a bot user like so:
Next, we'll enable 'Event Subscriptions'. This will tell Slack to push events to your ApiGateway endpoint when changes happen. Note that we put the Stack-Output url
shown above (along with the events
suffix). This corresponds to the specific ApiGateway Route that was defined in the Pulumi app. Note that Slack will test this endpoint to ensure it is accepting Slack notifications and responding to them in a valid manner. We'll also setup notifications for the events we care about. Importantly, our Slackbot will have to hear about when people mention it (for subscribing/unsubscribing), as well as hearing about all messages (so it can look for @-mentions):
Next, we'll go to 'Permissions'. Here, we can find the OAuth tokens your Pulumi App will need. Specifically, we'll need the 'Bot User OAuth Token' listed here:
Underneath this, we'll set the following Scopes defining the permissions of the bot:
Now, we're almost done. The only thing left to do is supply your Pulumi App with the appropriate secrets/tokens. We'll need the Bot OAuth token (shown above), and the 'Verification Token' (found under 'Basic Information'):
Supply these both like so:
$ pulumi config set --secret mentionbot:slackToken xoxb-...
$ pulumi config set --secret mentionbot:verificationToken d...
Next, install the Slack App into your workspace:
And we're done!
From Slack you can now create your own private channel:
Invite the bot to the channel:
Then send it a message. Note that it may take several seconds for the bot to respond due to Slack push notification delays, SNS Topic delays, and Slack incoming message delays.
And you're set! From now on when someone from your team mentions you, you'll get a little message with a direct mention in your channel like so:
-
Run
pulumi destroy
to tear down all resources. -
To delete the stack itself, run
pulumi stack rm
. Note that this command deletes all deployment history from the Pulumi Console.