Skip to content

Integrate Slack

Jump to bottom
Naomichi Yamakita edited this page Oct 30, 2024 · 31 revisions

Integration with Slack allows for interactive deployment from the channel. To set up a Slack integration, you need to have permission to create a Slack app.

Integration

From an app manifest (Recommend)

  1. Create a new Slack app in app manifest mode. Register the following manifest file and click [Next]. Rewrite YOUR_APP and YOUR_HOST according to your environment.

    {
   "display_information":{
      "name":"{YOUR_APP}-genova",
      "description":"genova",
      "background_color":"#000000"
   },
   "features":{
      "bot_user":{
         "display_name":"{YOUR_APP}-genova",
         "always_online":true
      }
   },
   "oauth_config":{
      "redirect_urls":[
         "https://{YOUR_HOST}/api/v2/slack/auth"
      ],
      "scopes":{
         "bot":[
            "app_mentions:read",
            "chat:write",
            "users:read"
         ]
      }
   },
   "settings":{
      "event_subscriptions":{
         "request_url":"https://{YOUR_HOST}/api/v2/slack/event",
         "bot_events":[
            "app_mention"
         ]
      },
      "interactivity":{
         "is_enabled":true,
         "request_url":"https://{YOUR_HOST}/api/v2/slack/post"
      },
      "org_deploy_enabled":false,
      "socket_mode_enabled":false,
      "token_rotation_enabled":false
   }
}

  2. When a confirmation window opens, click on [Create].

  3. Click on [OAuth & Permissions] from the sidebar.

  4. With [Basic Information] open in the sidebar, click the [Install to Workspace] button in the [Install your app] section.

  5. For subsequent setup instructions, see Step 3 of the From Scratch Setup Instructions.

    • Skip Step 6 as it is not necessary.

From scratch

  1. Create a new Slack app in scratch mode.
    Screenshot_2023-12-19_at_0_12_39

  2. Change the settings of the application as follows.

    • [Features] - [Interactivity & Shortcuts]
      • Turn on the [Interactivity] toggle.
      • Click on [Save changes].
    • [Features] - [OAuth & Permissions]
      • Redirect URLs
        • Click on [Add New Redirect URL].
          • Click on [Add] - [Save URLs].
      • [Scopes]
        • [Bot Token Scopes]
          • Click on [Add an OAuth Scope] to add [app_mentions:read], [chat:write], [users:read].
    • [Features] - [App Home] (Optional)
      • [Your App’s Presence in Slack]
        • Turn on the [Always Show My Bot as Online] toggle.
    • Settings - Install App
      • Click on [Install to Workspace].
      • When asked for permission to access your workspace, press [Allow].
        Screenshot_2023-12-19_at_0_19_01

  3. When you start Slack, the app you just installed will be added to the side panel.
    Screenshot_2023-12-19_at_0_25_26

    • Open the channel you want to add the bot to and enter /invite in the message field. Open Add apps to this channel from the menu that appears.
    • When the modal for the app you want to add opens, press the [Add] for the app you just created.
      Screenshot_2023-12-19_at_0_30_47

  4. Set the Slack app credentials in the genova configuration file config/settings.local.yml. Credential information can be checked from [Basic information] in the Slack app sidebar.

    Screenshot_2024-02-18_at_19_12_40

    console:
  url: url: https://{CONSOLE_URL}/

github:
  account: 'xxx'
  repositories:
    # Repository name to be deployed. For example, for https://github.com/xxx/your_app, specify `your_app`.
    - name: 'xxx'

slack:
  # Client ID
  client_id: 'xxx'

  # Client Secret
  client_secret: 'xxx'

  # Signing Secret
  signing_secret: 'xxx'

  # Verification Token
  verification_token: 'xxx'

  # Specify the [Bot User OAuth Token] that will be displayed on the [OAuth & Permissions] page.
  api_token: 'xxx'

  # Parameters starting with `C` included in Slack channel URL
  channel_id: 'xxx'

  5. Restart genova for the configuration to take effect.

    $ docker compose stop && docker compose up -d

  6. Open the Slack app screen again and make the following settings.

    • [Settings] - [Manage Distribution]
      • [Share Your App with Your Workspace]
        • Click on [Add to Slack].
        • JSON with team_id will be returned if the integration with Slack is successful.
    • [Features] - [Event Subscriptions]
      • Turn on the [Enable Events] toggle.
      • Requests URL: https://{CONSOLE_URL}/api/v2/slack/event
      • Press [Subscribe to bot events].
        • Click on [Add Bot User Event] and add [app_mention].
        • Click on [Save changes].

  7. The setup is now complete. Open Slack and enter @{BOT} version in the channel where your bot is running. If the version message is displayed, it is successful.

    Screenshot 2023-12-19 at 0 43 30

Restrict deploying users

Permissions can be used to limit the members that can be deployed from a channel. If a member who does not own the permission tries to deploy, an insufficient access permission error will occur.

# config/settings.local.yml
slack:
  permissions:
    # Target of restrictions. You can specify `repository` or `cluster` or 'workflow'.
    - policy: cluster

      # You can specify full match or partial match for string (e.g. `production-*`, `*`).
      # If only asterisks are specified, they must be enclosed in single quotes.
      # * When `policy` is a `repository`: Target repository name.
      # * When `policy` is a `cluster`: Target cluster name.
      # * When `policy` is a `workflow`: Target workflow name.
      resources:
        - production-api

      # List of allowed users. User can be specified by Slack user ID.
      allow_users:
        - U04F0AWUE
  • If you add the permission parameter, the default behavior is to refuse to deploy all members.
Clone this wiki locally