Skip to content

Commit

Permalink
Merge branch 'master' into patch-2
Browse files Browse the repository at this point in the history
  • Loading branch information
thulieblack authored May 20, 2024
2 parents b35298c + 03077d9 commit 2fb29f8
Show file tree
Hide file tree
Showing 19 changed files with 1,907 additions and 15 deletions.
50 changes: 43 additions & 7 deletions .github/workflows/bounty-program-commands.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,18 @@ on:
types:
- created

env:
BOUNTY_PROGRAM_LABELS_JSON: |
[
{"name": "bounty", "color": "0e8a16", "description": "Participation in the Bounty Program"}
]
jobs:
guard-against-unauthorized-use:
if: >
github.actor != ('aeworxet' || 'thulieblack') &&
(
contains(github.event.comment.body, '/bounty' )
startsWith(github.event.comment.body, '/bounty' )
)
runs-on: ubuntu-latest
Expand All @@ -46,15 +52,10 @@ jobs:
if: >
github.actor == ('aeworxet' || 'thulieblack') &&
(
contains(github.event.comment.body, '/bounty' )
startsWith(github.event.comment.body, '/bounty' )
)
runs-on: ubuntu-latest
env:
BOUNTY_PROGRAM_LABELS_JSON: |
[
{"name": "bounty", "color": "0e8a16", "description": "Participation in the Bounty Program"}
]

steps:
- name: Add label `bounty`
Expand Down Expand Up @@ -88,3 +89,38 @@ jobs:
repo: context.repo.repo,
labels: [BOUNTY_PROGRAM_LABELS[0].name]
})
remove-label-bounty:
if: >
github.actor == ('aeworxet' || 'thulieblack') &&
(
startsWith(github.event.comment.body, '/unbounty' )
)
runs-on: ubuntu-latest

steps:
- name: Remove label `bounty`
uses: actions/github-script@v6

with:
github-token: ${{ secrets.GH_TOKEN }}
script: |
const BOUNTY_PROGRAM_LABELS = JSON.parse(process.env.BOUNTY_PROGRAM_LABELS_JSON);
let LIST_OF_LABELS_FOR_ISSUE = await github.rest.issues.listLabelsOnIssue({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.issue.number,
});
LIST_OF_LABELS_FOR_ISSUE = LIST_OF_LABELS_FOR_ISSUE.data.map(key => key.name);
if (LIST_OF_LABELS_FOR_ISSUE.includes(BOUNTY_PROGRAM_LABELS[0].name)) {
console.log('Removing label `bounty`...');
github.rest.issues.removeLabel({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
name: [BOUNTY_PROGRAM_LABELS[0].name]
})
}
2 changes: 1 addition & 1 deletion .github/workflows/create-event-ad-hoc.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
meeting_desc: ${{ github.event.inputs.desc }}
meeting_banner: ${{ github.event.inputs.meeting_banner }}
host: [email protected]
alternative_host: "[email protected],[email protected],[email protected],[email protected]"
alternative_host: "[email protected],[email protected],[email protected],[email protected],[email protected]"
issue_template_path: .github/workflows/create-event-helpers/issues_templates/ad-hoc.md
create_zoom: true
secrets:
Expand Down
45 changes: 45 additions & 0 deletions .github/workflows/slack-integration.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
name: Automatic Slack Management

on:
push:
paths:
- '**/slack/**/*'
- 'MAINTAINERS.yaml'
- 'WORKING_GROUPS.yaml'
- '.github/workflows/slack-integration.yml'

jobs:
deploy-changes-to-slack:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Deploy changes to Slack
run: |
cd .github/workflows/slack
terraform init
terraform apply \
-var "slack_token=${{ secrets.SLACK_INFRA_TOKEN }}" \
-auto-approve
- name: Check if there are any uncommitted changes
id: git-check
run: |
# Set the output should_push to true if there are uncommitted changes
if [ -n "$(git status --porcelain)" ]; then
echo "Changes detected"
echo "should_push=true" >> $GITHUB_OUTPUT
else
echo "No changes detected"
echo "should_push=false" >> $GITHUB_OUTPUT
fi
- name: Push changes to GitHub
if: steps.git-check.outputs.should_push == 'true'
uses: peter-evans/create-pull-request@38e0b6e68b4c852a5500a94740f0e535e0d7ba54 # use 4.2.4 https://github.com/peter-evans/create-pull-request/releases/tag/v4.2.4
with:
token: ${{ secrets.GH_TOKEN }}
commit-message: 'chore(slack): update slack configuration'
committer: asyncapi-bot <[email protected]>
author: asyncapi-bot <[email protected]>
title: 'ci(slack): update slack configuration'
body: 'This PR was automatically created by the Automatic Slack Management GitHub Action.'
branch: 'chore/slack-update-${{ github.run_number }}'
25 changes: 25 additions & 0 deletions .github/workflows/slack/.terraform.lock.hcl

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

147 changes: 147 additions & 0 deletions .github/workflows/slack/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,147 @@
## Infrastructure for slack integration

This directory contains the infrastructure for Slack integration. It is used to create/manage Slack channels and groups and invite users to Slack channels. The Slack integration is implemented using the [slack-terraform-provider](https://github.com/pablovarela/terraform-provider-slack).

### Prerequisites

- [A slack App](https://api.slack.com/apps) with the following scopes under `User Token Scopes` in `OAuth & Permissions`:

Write Permissions:
- `channels:write`
- `groups:write`
- `usergroups:write`

Read Permissions:
- `channels:read`
- `groups:read`
- `usergroups:read`

> [!CAUTION]
> Try to use a bot to log into Slack to prevent any changes from being attributed to the workspace owner. This is due to using a `user token` for authentication, which does the changes on behalf of the user who created the token.
- [API Token](https://api.slack.com/apps) after installing the app in your workspace. ( `xoxp-<your-slack-token>` )

- [Terraform](https://www.terraform.io/downloads.html) installed on your local machine.

### Usage

- Create a `terraform.tfvars` file in the `slack` directory with the following content:

```hcl
slack_token = "xoxp-<your-slack-token>"
```

- Run the following commands to create the Slack resources:

```bash
terraform init
terraform apply
```

> [!TIP]
> The `terraform apply` command will create the resources better to use `terraform plan` to see the changes before applying.
### How it works

Three main resources are created using the slack integration:

- `slack_channel`: This resource creates a slack channel. The channels are defined in the [channels.yaml](./channels/channels.yaml) file. with the structure explained there.

- `slack_usergroup`: This resource creates a Slack user group. The usergroups are defined in the [usergroups.yaml](./groups/groups.yaml) file, and their structure is explained there.

> [!CAUTION]
> The user groups should be unique across the workspace (i.e., no channel, user, or user group should have the same handle). Also, in case of user groups mentioned in the yaml existing in the workspace, you have to run the following command to import it to terraform state:
> ```bash
> terraform import module.groups.slack_usergroup.<resource name>[\"<usergroup name>\"] <usergroup id>
>
> # Example
> terraform import module.groups.slack_usergroup.wg_groups[\"Developer Experience\"] <actual_group_id>
> ```
- `slack_user`: This resource invites users to the Slack workspace. The users are defined in the [users.tf](./users/users.tf) file, and their structure is explained there.
### Pitfalls
- Use of bot token of the format `xoxo-<your-slack-token>` is not supported for creating user groups.
- The user group should be unique across the workspace (i.e., no channel, user, or user group should have the same handle).
- Please [import](#importing-existing-resources) the user groups to terraform state if they already exist in the workspace, as they **cannot be deleted** in Slack 😢.
> [!IMPORTANT]
> The terraform state will overwrite any description, name, or topic change. It is better to manage the changes in the YAML files and then apply them. However, the terraform state will not affect bookmarks, pinned items, etc.
### Importing existing resources
In case you have existing resources such as channels, user groups in the workspace, you can import them to the terraform state by transforming the `json` response from the slack API. An example script can be seen below:
```javascript
const fs = require('fs');
const fetch = require('node-fetch');
const token = 'xoxp-<your-slack-token>';
const fetchResource = async (resource, url_params) => {
// convert the url_params to query string
const url = new URL(`https://slack.com/api/${resource}`);
Object.keys(url_params).forEach(key => url.searchParams.append(key, url_params[key]));
const response = await fetch(url, {
method: 'GET',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': `Bearer ${token}`
}
});
const data = await response.json();
return data;
}
async function main() {
const channels = await fetchResource('conversations.list', { exclude_archived: true });
const usergroups = await fetchResource('usergroups.list', { include_users: true });
channels.channels.forEach(channel => {
console.log(`terraform import module.channels.slack_conversation.channels[\\"${channel.name}\\"] ${channel.id}`);
});
usergroups.usergroups.forEach(usergroup => {
console.log(`terraform import module.groups.slack_usergroup.wg_groups[\\"${usergroup.name}\\"] ${usergroup.id}`);
});
}
main();
```
### What all can be done?
#### Groups
The groups can be mentioned in the slack messages using the `@<group-name>` syntax. Addition of groups can be done by adding the group to the [groups.yaml](./groups/groups.yaml) file.
The following groups are being created currently:
- `tsc`
This group is for the Technical Steering Committee members mentioned in the [TSC_MEMBERS](../../../TSC_MEMBERS.json) file. Can be used to mention all the TSC members at once.
- `maintainers`
This group is for the all maintainers of the repository mentioned in the [MAINTAINERS](../../../MAINTAINERS.yaml) file. Can be used to mention all the maintainers at once.
- `studio`
This group consists of members actively working on the studio project.
- `coc_commitee`
This group consists of members of the Code of Conduct committee.
In addition to these groups are also being created for each working group mentioned in the [WORKING_GROUPS](../../../WORKING_GROUPS.yaml) file. Example: `@dx_wg`.
We are also having groups for maintainers of each repository mentioned in the [MAINTAINERS](../../../MAINTAINERS.yaml) file. You can mention the maintainers of a repository using `@maintainers_<repo-name>`. Example: `@maintainers_studio`.
#### Channels
Two types of channels are being created currently:
- General channels: The channels are defined in the [channels.yaml](./channels/channels.yaml) file with the structure explained there.
- Working group channels: The working group channels are created for each working group mentioned in the [WORKING_GROUPS](../../../WORKING_GROUPS.yaml) file. The channels are created with the name `wg_<working-group-name>` or custom nameas configured in the [WORKING_GROUPS](../../../WORKING_GROUPS.yaml) file.
85 changes: 85 additions & 0 deletions .github/workflows/slack/channels/channels.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
terraform {
required_providers {
slack = {
source = "pablovarela/slack"
version = "~> 1.0"
}
}
}

variable "data_sources" {
default = {
tsc_members_user_ids = []
maintainers_user_ids = []
repo_maintainers = {}
}
description = "Data sources for the slack channels from the users module"
}

locals {
channel_data = yamldecode(file("${path.module}/channels.yaml"))
channels = {
for channel in local.channel_data : channel.name => {
name = channel.name
topic = channel.topic
purpose = channel.purpose

# if permanent_members is not provided, then it wil be taken from local with the name in data sources
permanent_members = lookup(channel, "permanent_members", lookup(var.data_sources, lookup(channel, "data_source", channel.name), []))
is_private = channel.is_private
action_on_destroy = channel.action_on_destroy

# if private channel, then kick all users on update else none
action_on_update_permanent_members = channel.is_private ? "kick" : "none"
adopt_existing_channel = true
}
}
}

resource "slack_conversation" "channels" {
for_each = local.channels
name = each.value.name
topic = each.value.topic
purpose = each.value.purpose
permanent_members = each.value.permanent_members

is_private = each.value.is_private
action_on_destroy = each.value.action_on_destroy
action_on_update_permanent_members = each.value.action_on_update_permanent_members
adopt_existing_channel = each.value.adopt_existing_channel
}

locals {
working_groups_data = yamldecode(file("${path.module}/../../../../WORKING_GROUPS.yaml")).working_groups
wg_channels = {
for wg_data in local.working_groups_data : wg_data.name => {
name = lookup(lookup(lookup(wg_data, "slack", {}), "channel", {}), "handle", "wg-${replace(lower(wg_data.name), " ", "-")}")
purpose = lookup(lookup(lookup(wg_data, "slack", {}), "channel", {}), "description", lookup(wg_data, "description", ""))
topic = lookup(lookup(lookup(wg_data, "slack", {}), "channel", {}), "topic", "")

permanent_members = concat([for member in wg_data.chairpersons : member.slack], [for member in wg_data.members : member.slack])
is_private = false

action_on_destroy = "archive"
action_on_update_permanent_members = "none"
adopt_existing_channel = true
}
}
}

resource "slack_conversation" "wg_channels" {
for_each = local.wg_channels
name = each.value.name
topic = each.value.topic
purpose = each.value.purpose
permanent_members = each.value.permanent_members

is_private = each.value.is_private
action_on_destroy = each.value.action_on_destroy
action_on_update_permanent_members = each.value.action_on_update_permanent_members
adopt_existing_channel = each.value.adopt_existing_channel
}

output "wg_channels" {
value = slack_conversation.wg_channels
}
Loading

0 comments on commit 2fb29f8

Please sign in to comment.