a-harrison / slackduty

Simple carbon app to listen for PagerDuty WebHook events and re-broadcast to a designated Slack channel. The app can be configured to receive notifications from Slack button events as a method for acknowledging and resolving events.

1. Requirements
2. Setup
   1. Install the app.
   2. Create the Slack app.
   3. Configure PagerDuty.
   4. Configuration.
3. Overview

• Slack Account
• PagerDuty Account
• Ownership of a TLS-enabled HTTPS URL located on a publicly accessible server with a valid SSL certificate. This is required for interactive messages. (See 'Action URL SSL certificate requirements' requirements here. )

• git clone https://gitlab.com/a-harrison/slackduty.git
• npm install

Generate an API key that will be used to authenticate requests made to the app. A quick resource for getting a randomly generated key can be found at randomkeygen.com.

Generate a hash of this key using bcrypt. This hash will need to be set as the environment variable API_KEY_HASH.

Create a new app for the designated Slack account (https://api.slack.com/apps). The following features will need to be enabled:

• Incoming WebHooks - This will create an endpoint to which messages can be sent. Select the Slack channel to which notifications will be posted and save the WebHook URL. This URL will be set as the value of the SLACK_WEBHOOK_URL environment variable.

• Interactive Messages - Required if using interactive Slack messages. Specify the 'Request URL' to which button events (acknowledge, resolve, etc) will be sent. The path must point to the /actions endpoint of the app and include the API key generated earlier. For example: 'http://example.com/alerts?api_key=thisismyapikey

Enable a 'Generic V1 Webhook' integration to be sent from each service being monitored. The Webhook should be sent to the /alerts endpoint of the app. This URL must also include the API key.

If your messaging includes interactive messages, a Generic Events API Integration is required to allow this app to update and resolve incidents. The integration key for the integration will be used by the app in the Events API v1; this key will be the value of the PAGERDUTY_INTEGRATION_KEY environment variable.

Note - The app uses the v1 version of the PagerDuty Events API.

The following environment variables handle configuration for the app:

The main class is ./lib/SlackAlertService.js, which is a Carbon app that with two endpoints:

• /alerts - Accepts PagerDuty WebHook events
• /actions - Accepts messages sent as responses to Slack interaction messages.

Messages sent to the /alerts endpoint are parsed according to the logic defined in PagerDutyWebHookParser and will generate custom formatted messages. Messaging formatting must be defined according to the Slack messaging guidelines. The MessageBuilder class is a helper class to generate the formatted messages.

Messages sent to /actions should correspond to one either 'Acknowledge' or 'Resolve' button press events on interactive messages sent to Slack. Each event must contain a token value in the payload that matches the SLACK_VERIFICATION_TOKEN. SlackAlertService uses the PagerDutyIncidentHandler helper class to send API requests to update tickets accordingly.

Messages sent to either the /alerts or /actions endpoints are authenticated using an api_key parameter present in the URL (e.g. 'http://example.com/alerts?api_key=thisismyapikey'). The API is hashed on the server side and compared to the environment variable API_KEY_HASH.

Messages sent to the /actions endpoint will also be validated according to the Slack Verification Token. Verification is performed by comparing the token included in every message sent from Slack to the SLACK_VERIFICATION_TOKEN environment variable. The value being sent can be customized via the Slack App.