Awx: Add support for Slack Apps for notification templates (and figure out how to handle soon-deprecated legacy Slack tokens)

Created on 6 Apr 2020 · 6Comments · Source: ansible/awx

ISSUE TYPE

Bug Report

SUMMARY

see: https://github.com/ansible/awx/issues/6517#issuecomment-609637267

You're reading this because you're looking for info on legacy custom integrations - an outdated way for teams to integrate with Slack. These integrations lack newer features and they will be deprecated and possibly removed in the future. We do not recommend their use.
Legacy token generator
This tool will not allow creation of new tokens beginning May 5th, 2020. Learn more about why you shouldn't use it anymore.

It _sounds like_ AWX's current Slack implementation is based on these legacy tokens, and it's been suggested by AWX users that the new Slack Apps don't work with AWX's current integration.

We'll likely need to support both.

api high bug

Source

ryanpetrello

Most helpful comment

TL;DR Instead of the legacy token you need to create an oauth token.

The current slack library continues to work with the new app based authorization in Slack.

Go to https://api.slack.com/apps
Click "Create New App" at the top right
Enter a name for your App and assign it to a workspace. Note: The name does not matter. Pick anything.
Click on "OAuth and Permissions" on the left.
Scroll down to Scopes and click "Add an OAuth Scope" and type "chat:write" and select the first result.
Scroll to the top and click "Install App to Workspace"
Click "Allow"
Under "Bot User OAuth Access Token" click "copy"
Paste the token in AWX Slack Notification Token box

chrismeyersfsu on 13 Apr 2020

👍3

All 6 comments

TL;DR Instead of the legacy token you need to create an oauth token.

The current slack library continues to work with the new app based authorization in Slack.

Go to https://api.slack.com/apps
Click "Create New App" at the top right
Enter a name for your App and assign it to a workspace. Note: The name does not matter. Pick anything.
Click on "OAuth and Permissions" on the left.
Scroll down to Scopes and click "Add an OAuth Scope" and type "chat:write" and select the first result.
Scroll to the top and click "Install App to Workspace"
Click "Allow"
Under "Bot User OAuth Access Token" click "copy"
Paste the token in AWX Slack Notification Token box

chrismeyersfsu on 13 Apr 2020

👍3

I can confirm that this works for AWX v9.3.0. Only step missing from guide was that we need to, in Slack, add the new App/bot to the channel(s).

atlekberg on 14 Apr 2020

👍1

@atlekberg I didn't have to add the App/bot to channels. Maybe I made a mistake and chat:write.public is required?

chrismeyersfsu on 16 Apr 2020

@chrismeyersfsu I don't know, but it complained about not being in channel so the natural next step, for me at least, was to invite the the app (as I've read elsewhere that this is needed for bots).

I managed to dig up the output from the log as well.

2020-04-14 10:40:36,198 DEBUG    awx.main.dispatch task b91f650b-07a0-4f6b-9f6c-30133b1773b9 starting awx.main.tasks.send_notifications(*[[19]])
2020-04-14 10:40:36,556 DEBUG    awx.main.notifications.slack_backend {'ok': False, 'error': 'not_in_channel', 'headers': {'date': 'Tue, 14 Apr 2020 10:40:36 GMT', 'server': 'Apache', 'x-slack-req-id': '82aa70cb94f5ff07de081bbae61a46cc', 'x-oauth-scopes': 'chat:write', 'x-accepted-oauth-scopes': 'chat:write', 'access-control-expose-headers': 'x-slack-req-id, retry-after', 'x-slack-backend': 'r', 'x-content-type-options': 'nosniff', 'expires': 'Mon, 26 Jul 1997 05:00:00 GMT', 'cache-control': 'private, no-cache, no-store, must-revalidate', 'x-xss-protection': '0', 'vary': 'Accept-Encoding', 'pragma': 'no-cache', 'access-control-allow-headers': 'slack-route, x-slack-version-ts, x-b3-traceid, x-b3-spanid, x-b3-parentspanid, x-b3-sampled, x-b3-flags', 'strict-transport-security': 'max-age=31536000; includeSubDomains; preload', 'referrer-policy': 'no-referrer', 'content-encoding': 'gzip', 'access-control-allow-origin': '*', 'content-length': '57', 'content-type': 'application/json; charset=utf-8', 'x-via': 'haproxy-www-939f'}}
2020-04-14 10:40:36,557 ERROR    awx.main.notifications.slack_backend Exception sending messages: Slack Notification unable to send drift: Tower Notification Test 3 https://ansible.someserver.com (not_in_channel)
2020-04-14 10:40:36,559 ERROR    awx.main.tasks Send Notification Failed Slack Notification unable to send drift: Tower Notification Test 3 https://ansible.someserver.com (not_in_channel)
Traceback (most recent call last):
  File "/var/lib/awx/venv/awx/lib/python3.6/site-packages/awx/main/tasks.py", line 324, in send_notifications
    sent = notification.notification_template.send(notification.subject, notification.body)
  File "/var/lib/awx/venv/awx/lib/python3.6/site-packages/awx/main/models/notifications.py", line 196, in send
    return backend_obj.send_messages([notification_obj])
  File "/var/lib/awx/venv/awx/lib/python3.6/site-packages/awx/main/notifications/slack_backend.py", line 56, in send_messages
    raise RuntimeError("Slack Notification unable to send {}: {} ({})".format(r, m.subject, ret['error']))
RuntimeError: Slack Notification unable to send drift: Tower Notification Test 3 https://ansible.someserver.com (not_in_channel)

atlekberg on 16 Apr 2020

I can confirm that this works for AWX v9.3.0. Only step missing from guide was that we need to, in Slack, add the new App/bot to the channel(s).

Yes, it looks like it's necessary but... how will you do that ? I can't find where in any slack menu it can be done...

Orabig on 18 Aug 2020

Yes, it looks like it's necessary but... how will you do that ? I can't find where in any slack menu it can be done...

@Orabig it's been a while while since I did this, but I believe you have to create a bot for your workspace and then invite that bot to the channel(s):
https://slack.com/intl/en-no/help/articles/115005265703-Create-a-bot-for-your-workspace

Hope that points you in the right direction.

atlekberg on 20 Aug 2020

Was this page helpful?

0 / 5 - 0 ratings