Skip to content
Get Slack notifications from Google Cloud Platform
Branch: master
Clone or download
Latest commit 23bfeaa Aug 13, 2017
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
tutorial
.gitignore
LICENSE
Makefile
README.md
index.js
package-lock.json
package.json

README.md

gSlack

Prerequisites

  • Have a Google Cloud Platform project with enabled billing
  • Have access to a user with Owner role on the project
  • Have gcloud SDK and CLI installed on your machine (quickstart)

Deployment

  • Make sure your gcloud SDK and CLI environment is authenticated against the requested GCP project with a user that has Owner permissions.
  • Run $ make create-export PROJECT=<YOUR_PROJECT_ID> (Replace <YOUR_PROJECT_ID> with your project ID)
  • Run $ make deploy-function PROJECT=<YOUR_PROJECT_ID> (Replace <YOUR_PROJECT_ID> with your project ID)
  • Configure the deployment using the Datastore UI

Generate Slack API Token

  • Go to https://<YOUR_SLACK_TEAM>.slack.com/apps/new/A0F7YS25R-bots
  • Enter a name for the bot to post with. (i.e. gcp-alert-service)
  • Click Add bot integration.
  • Wait until the UI displays the API Token and copy the string (i.e. xxxx-yyyyyyyyyyyy-zzzzzzzzzzzzzzzzzzzzzzzz)
  • Configure the deployment configuration using the Datastore UI by adding a Config {"name":"slackAPIToken","value":"<YOUR_SLACK_API_TOKEN>"} entity.

Datastore configuration

  • Config {"name":"slackAPIToken","value":"...."} (exactly 1)
  • Test {"slackChannel":"...","test":"...","message":"..."} (1 or more)

test Must be a a valid JS expression that returns a boolean. If it returns true the test passes. e.g. $.protoPayload.serviceName==='cloudfunctions.googleapis.com'

message Must be a a valid JS string template. It will be evaluated to produce the message. e.g. This is the logname: ${$.logName}

Examples

The information received by the function for the log entry is something like this:

{
 protoPayload: {
  @type:  "type.googleapis.com/google.cloud.audit.AuditLog"    
  status: {
  }
  authenticationInfo: {
   principalEmail:  "...@doit-intl.com"     
  }
  requestMetadata: {
   callerIp:  "..."     
   callerSuppliedUserAgent:  "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36,gzip(gfe)"     
  }
  serviceName:  "storage.googleapis.com"    
  methodName:  "storage.buckets.create"    
  authorizationInfo: [
   0: {
    permission:  "storage.buckets.create"      
    granted:  true      
   }
  ]
  resourceName:  "projects/_/buckets/bababab-vadim"    
  serviceData: {
   @type:  "type.googleapis.com/google.iam.v1.logging.AuditData"     
   policyDelta: {
    bindingDeltas: [
     0: {
      action:  "ADD"        
      role:  "roles/storage.legacyBucketOwner"        
      member:  "projectOwner:..."        
     }
     1: {
      action:  "ADD"        
      role:  "roles/storage.legacyBucketOwner"        
      member:  "projectEditor:..."        
     }
     2: {
      action:  "ADD"        
      role:  "roles/storage.legacyBucketReader"        
      member:  "projectViewer:..."        
     }
    ]
   }
  }
  request: {
   defaultObjectAcl: {
    bindings: [
     0: {
      members: [
       0:  "projectOwner:..."         
       1:  "projectEditor:..."         
      ]
      role:  "roles/storage.legacyObjectOwner"        
     }
     1: {
      members: [
       0:  "projectViewer:..."         
      ]
      role:  "roles/storage.legacyObjectReader"        
     }
    ]
    @type:  "type.googleapis.com/google.iam.v1.Policy"      
   }
  }
 }
 insertId:  "552D5EE8A9ED9.A65A379.EF01047D"   
 resource: {
  type:  "gcs_bucket"    
  labels: {
   storage_class:  ""     
   location:  "US-CENTRAL1"     
   bucket_name:  "bababab-vadim"     
   project_id:  "..."     
  }
 }
 timestamp:  "2017-06-26T05:07:46.673Z"   
 severity:  "NOTICE"   
 logName:  "projects/.../logs/cloudaudit.googleapis.com%2Factivity"   
 receiveTimestamp:  "2017-06-26T05:07:54.586745618Z"   
}

Google Cloud Storage Bucket Created/Deleted

Display bucket name, created/deleted, location, project and by who.

{
    slackChannel:"...",

    test:"$.protoPayload.serviceName==='storage.googleapis.com' && ( $.protoPayload.methodName==='storage.buckets.create' || $.protoPayload.methodName==='storage.buckets.delete')",
    
    message:"Bucket '${$.resource.labels.bucket_name}' was ${$.protoPayload.methodName==='storage.buckets.create'?'created':'deleted'} at location '${$.resource.labels.location}' by '${$.protoPayload.authenticationInfo.principalEmail}' in project '${$.resource.labels.project_id}'"
}

Google Compute Engine Instance Started/Stopped

Display instance name, started/stopped, zone, project and by who.

{
    slackChannel:"...",
    
    test:"$.protoPayload.serviceName==='compute.googleapis.com' && ( $.protoPayload.methodName==='v1.compute.instances.start' || $.protoPayload.methodName==='v1.compute.instances.stop') && $.operation.last",
    
    message:"Instance '${$.protoPayload.resourceName.split('/').slice(-1)[0]}' was ${$.protoPayload.methodName==='v1.compute.instances.start'?'started':'stopped'} at zone '${$.resource.labels.zone}' by '${$.protoPayload.authenticationInfo.principalEmail}' in project '${$.resource.labels.project_id}'"
}

Google App Engine New Version Deployed

Display project, module, version and by who.

{
    slackChannel:"...",
    test:"$.protoPayload.serviceName==='appengine.googleapis.com' && $.protoPayload.methodName==='google.appengine.v1.Versions.CreateVersion' && $.operation.last",
    
    message:"Google AppEngine version created with version ID '${$.resource.labels.version_id}' for module '${$.resource.labels.module_id}' by '${$.protoPayload.authenticationInfo.principalEmail}' in project '${$.resource.labels.project_id}'"
}
You can’t perform that action at this time.