-
Notifications
You must be signed in to change notification settings - Fork 0
Notifiers
Notifiers receive every event that passes their when expression — they are not tied to the scm.provider annotation. All support name, enabled, when; message-based ones support template.
notifiers:
slack:
- name: prod-alerts
enabled: true
secretRef:
secretName: slack-webhook
channel: "#prod-alerts"
when: 'event.Namespace == "production" && stateIn("failure", "error")'
template: |
:rotating_light: *{{.PipelineName}}* failed in *{{.Namespace}}*
Run: {{.RunName}} · Commit: `{{ .CommitSHA | trunc 8 }}`
{{if .TargetURL}}<{{.TargetURL}}|View logs>{{end}}Tip: without a
when, a notifier fires for every state of every run — includingrunning. Production configs almost always wantstateIn("failure", "error")or terminal-states-only.
-
Auth: incoming webhook (
secretRef.secretName→ keywebhook_url) or bot token (bot_token.tokenRef.secretName→ keytoken, plusbot_token.channel_id). - Extras:
channel,username,icon_emoji. Message uses Slack mrkdwn.
-
Auth: incoming webhook URL (
secretRef.secretName→ keywebhook_url). - Rendered as an Adaptive Card; keep templates concise.
-
Auth: webhook URL (
secretRef.secretName) or bot token (bot_token.*with channel snowflake ID). Extra:username.
-
Auth: Events API v2 integration key (
secretRef.secretName→ keyintegration_key). - Extra:
severity. No template — the relay builds the alert payload. Pair withwhen: 'stateIn("failure", "error")'(and resolve flows on success).
-
Auth: API key (
secretRef.secretName→ keyapi_key). Extras:site(e.g.datadoghq.eu),tags. - Emits Datadog events for correlation on dashboards/monitors.
Posts a deployment/event marker to the Grafana Annotations API — the vertical line that lets you correlate "the graph changed here" with "we deployed here".
grafana:
- name: deploy-markers
enabled: true
url: https://grafana.company.example.com
secretRef:
secretName: grafana-token # service-account token, key "token"
tags: ["deploy"] # added to: tekton-events-relay, <state>
when: 'isPipelineRun() && event.PipelineName.startsWith("deploy-") && stateIn("success", "failure")'The annotation timestamp is the run's finish time; default text is {{.PipelineName}} {{.State}} ({{.RunName}}) (templatable).
Creates a Sentry release (version = CommitSHA, Sentry's recommended scheme) and marks a deploy to the environment (scm.context annotation, default production) — unlocking "this error first appeared in commit X". Fires only on success; creating an existing release is an upsert.
sentry:
- name: sentry
enabled: true
org: acme # organization slug
projects: ["api"]
secretRef:
secretName: sentry-token # auth token, key "token"
# base_url: https://sentry.company.example.com # self-hosted
when: 'isPipelineRun() && event.PipelineName.startsWith("deploy-")'Sends the event as JSON to any HTTP endpoint — the escape hatch for systems without a dedicated notifier.
webhook:
- name: devlake
enabled: true
secretRef:
secretName: devlake-webhook # key "url"
headers:
X-Source: tekton-events-relay
transform: |
{pipeline: .pipeline_name, result: .state, sha: .commit_sha,
startedDate: .started_at, finishedDate: .finished_at}
when: 'isPipelineRun() && stateIn("success", "failure")'-
Auth (
auth.type):bearer,basic,apikey(customheader), orhmac(signs the payload so the receiver can verify it). Each reads its material from*_fileSecret mounts. -
transform: a gojq expression reshaping the event JSON into whatever schema the destination expects — see the DevLake example.
Outbound calls go through the shared retry policy (backoff + jitter, Retry-After aware). Failures are visible in /readyz, tekton_events_relay_notifier_retries_total and, for permanent errors with the DLQ enabled, replayable.
Getting started
Reference
SCM providers
Notifiers
Running in production
More