Add support for Slack Apps for notification templates (and figure out how to handle soon-deprecated legacy Slack tokens)

[ryanpetrello]

ISSUE TYPE

• Bug Report

SUMMARY

see: #6517 (comment)

You're reading this because you're looking for info on legacy custom integrations - an outdated way for teams to integrate with Slack. These integrations lack newer features and they will be deprecated and possibly removed in the future. We do not recommend their use.
Legacy token generator
This tool will not allow creation of new tokens beginning May 5th, 2020. Learn more about why you shouldn't use it anymore.

It sounds like AWX's current Slack implementation is based on these legacy tokens, and it's been suggested by AWX users that the new Slack Apps don't work with AWX's current integration.

We'll likely need to support both.

[chrismeyersfsu]

TL;DR Instead of the legacy token you need to create an oauth token.

The current slack library continues to work with the new app based authorization in Slack.

1. Go to https://api.slack.com/apps
   
2. Click "Create New App" at the top right
3. Enter a name for your App and assign it to a workspace. Note: The name does not matter. Pick anything.
   
4. Click on "OAuth and Permissions" on the left.
   
5. Scroll down to Scopes and click "Add an OAuth Scope" and type "chat:write" and select the first result.
   
6. Scroll to the top and click "Install App to Workspace"
   
7. Click "Allow"
   
8. Under "Bot User OAuth Access Token" click "copy"
   
9. Paste the token in AWX Slack Notification Token box
   

[atlekberg]

I can confirm that this works for AWX v9.3.0. Only step missing from guide was that we need to, in Slack, add the new App/bot to the channel(s).

[chrismeyersfsu]

@atlekberg I didn't have to add the App/bot to channels. Maybe I made a mistake and chat:write.public is required?

[atlekberg]

@chrismeyersfsu I don't know, but it complained about not being in channel so the natural next step, for me at least, was to invite the the app (as I've read elsewhere that this is needed for bots).

I managed to dig up the output from the log as well.

2020-04-14 10:40:36,198 DEBUG    awx.main.dispatch task b91f650b-07a0-4f6b-9f6c-30133b1773b9 starting awx.main.tasks.send_notifications(*[[19]])
2020-04-14 10:40:36,556 DEBUG    awx.main.notifications.slack_backend {'ok': False, 'error': 'not_in_channel', 'headers': {'date': 'Tue, 14 Apr 2020 10:40:36 GMT', 'server': 'Apache', 'x-slack-req-id': '82aa70cb94f5ff07de081bbae61a46cc', 'x-oauth-scopes': 'chat:write', 'x-accepted-oauth-scopes': 'chat:write', 'access-control-expose-headers': 'x-slack-req-id, retry-after', 'x-slack-backend': 'r', 'x-content-type-options': 'nosniff', 'expires': 'Mon, 26 Jul 1997 05:00:00 GMT', 'cache-control': 'private, no-cache, no-store, must-revalidate', 'x-xss-protection': '0', 'vary': 'Accept-Encoding', 'pragma': 'no-cache', 'access-control-allow-headers': 'slack-route, x-slack-version-ts, x-b3-traceid, x-b3-spanid, x-b3-parentspanid, x-b3-sampled, x-b3-flags', 'strict-transport-security': 'max-age=31536000; includeSubDomains; preload', 'referrer-policy': 'no-referrer', 'content-encoding': 'gzip', 'access-control-allow-origin': '*', 'content-length': '57', 'content-type': 'application/json; charset=utf-8', 'x-via': 'haproxy-www-939f'}}
2020-04-14 10:40:36,557 ERROR    awx.main.notifications.slack_backend Exception sending messages: Slack Notification unable to send drift: Tower Notification Test 3 https://ansible.someserver.com (not_in_channel)
2020-04-14 10:40:36,559 ERROR    awx.main.tasks Send Notification Failed Slack Notification unable to send drift: Tower Notification Test 3 https://ansible.someserver.com (not_in_channel)
Traceback (most recent call last):
  File "/var/lib/awx/venv/awx/lib/python3.6/site-packages/awx/main/tasks.py", line 324, in send_notifications
    sent = notification.notification_template.send(notification.subject, notification.body)
  File "/var/lib/awx/venv/awx/lib/python3.6/site-packages/awx/main/models/notifications.py", line 196, in send
    return backend_obj.send_messages([notification_obj])
  File "/var/lib/awx/venv/awx/lib/python3.6/site-packages/awx/main/notifications/slack_backend.py", line 56, in send_messages
    raise RuntimeError("Slack Notification unable to send {}: {} ({})".format(r, m.subject, ret['error']))
RuntimeError: Slack Notification unable to send drift: Tower Notification Test 3 https://ansible.someserver.com (not_in_channel)

[Orabig]

I can confirm that this works for AWX v9.3.0. Only step missing from guide was that we need to, in Slack, add the new App/bot to the channel(s).

Yes, it looks like it's necessary but... how will you do that ? I can't find where in any slack menu it can be done...

[atlekberg]

Yes, it looks like it's necessary but... how will you do that ? I can't find where in any slack menu it can be done...

@Orabig it's been a while while since I did this, but I believe you have to create a bot for your workspace and then invite that bot to the channel(s):
https://slack.com/intl/en-no/help/articles/115005265703-Create-a-bot-for-your-workspace

Hope that points you in the right direction.

[pauby]

I know this issue is closed but I wanted to update the notes on this comment to say that chart:write was not available for an app we already had installed (it was a Bot app that requires access to the RTM API) so I had to add chat:write:user to get it to work.

UPDATE: Actually chat:write:user did work, but it ended up posting as me rather than as the app name. What worked for was to use the Slack Webhook by selecting the Notification type of Mattermost in Ansible Tower and pasting the Slack Webhook URL in.

[louise-zhang]

Mattermost works for me as mentioned by @pauby

[ddavtian]

Also don't forget to add the app created to the channel