ref(bot): use bolt for app #1391
Conversation
seaerchin
changed the base branch from
develop
to
harish/isom-1037-create-automation-for-prod-ops-to-whitelist
|
pending actions on my end: spin up local |
seaerchin
force-pushed
the
harish/isom-1037-create-automation-for-prod-ops-to-whitelist
branch
from
3103275 to
4e961c3
Compare
add slack signing secrets
use bolt for our app; commented out whitelist emails for now
add extra env vars
had to omit using shared middleware - not sure if this will impact anything. this is because bolt runs their own custom middleware and using our shared middleware for this path runs into errors. additionally, we might want to version it better
shift to extra const file
remove extra payload
| const slackTimestamp = req.headers["x-slack-request-timestamp"] as string | ||
| const slackSig = req.headers["x-slack-signature"] as string | ||
|
|
||
| if (!slackTimestamp || !slackSig) | ||
| return res.send({ message: "Missing header/signature" }) |
There was a problem hiding this comment.
we don't need this as bolt provides this by default - see here
| export interface SlackPayload { | ||
| token: string | ||
| team_id: string | ||
| team_domain: string | ||
| channel_id: string | ||
| channel_name: string | ||
| user_id: string | ||
| user_name: string | ||
| command: string | ||
| text: string | ||
| } |
There was a problem hiding this comment.
used inbuilt type SlashCommand
| return ResultAsync.fromPromise( | ||
| Promise.race([ | ||
| dns.resolveCname(domain), | ||
| new Promise<null>((_, reject) => | ||
| setTimeout(() => reject(null), DNS_TIMEOUT) | ||
| ), | ||
| ]), | ||
| () => { | ||
| logger.info({ | ||
| message: "Error resolving CNAME", | ||
| meta: { domain, method: "checkCname" }, | ||
| }) | ||
| return new Error() | ||
| } | ||
| ) |
There was a problem hiding this comment.
we don't need to Promise.race because we await ack() in the caller - that's the ack within 3s that slack is waiting for.
see here under listening and responding to commands
| } | ||
|
|
||
| public async whitelistEmails(payload: SlackPayload) { | ||
| public async whitelistEmails(text: string) { | ||
| // Sample user input: | ||
| // email1,expDate email2,expDate | ||
| // email1@xyz.com,2024-06-22 email2@abc.com,2025-01-31 |
There was a problem hiding this comment.
does this format make sense, feel free to suggest alternatives
There was a problem hiding this comment.
we can run with this first and let prod ops decide. tbh i think this won't quite work for >2-3 emails but idk how rare that would be
| @@ -173,6 +173,14 @@ | |||
| "name": "SITE_PASSWORD_SECRET_KEY", | |||
| "valueFrom": "STAGING_SITE_PASSWORD_SECRET_KEY" | |||
| }, | |||
| { | |||
| "name": "SLACK_SIGNING_SECRET", | |||
There was a problem hiding this comment.
need to add to SSM also right. Rmb when deploying!
Problem
At present, we are using express' router for interfacing with slack, which is less ergonomic than using bolt. this is problematic because we want to offload some tasks from form -> slack bot, which might be more cumbersome using bolt.
Solution
Shift from using express to using
bolt+ExpressReceiver. This simplifies code-flow abit, but note that there si some validation logic which isn't captured here but will be downstreamTests
NOTE: This is untested at present
Deploy Notes
SLACK