/code-pipeline-slack

Slack bot for code pipeline deployments

Primary LanguagePythonApache License 2.0Apache-2.0

Code Pipeline Slack Bot

This bot will notify you of CodePipeline progress (using CloudWatch Events).

We attempt to provide a unified summary, by pulling together multiple events, as well as information obtained by the API into a single message view.

Build

Launch

us-east-1 us-west-2
Launch Launch

Configuration / Customization

No configuration is necessary per pipeline. As part of the CF Stack, we subscribe to all CodePipeline and CodeBuild events (using CloudWatch Events).

When creating the CloudFormation stack, you can customize:

  • SlackChannel (defaults to builds).
  • SlackBotName (defaults to PipelineBuildBot).
  • SlackBotIcon (defaults to :robot_face: 🤖 ).

Additionally, you must provide both a SlackOAuthAccessToken and a SlackBotUserOAuthAccessToken, (see BotUsers for creating a slack bot user with an OAuth token). If you have the legacy integration token, just add that token to both fields. It is required to add the permission scope 'Access user’s public channels' (channels:history).

How it works

We utilize CloudWatch Events for CodePipline and CodeBuild to get notified of all status changes.

Using the notifications, as well as using the CodePipeline APIs, we are able to present a unified summary of your Pipeline and Build status.

IAM permissions

As part of the deployment, we create an IAM policy for the bot lambda function of:

Policies:
  - AWSLambdaBasicExecutionRole
  - Version: '2012-10-17'
    Statement:
      - Effect: Allow
        Action:
          - 'codepipeline:Get*'
          - 'codepipeline:List*'
        Resource: '*'
      - Effect: Allow
        Action:
          - 'codebuild:Get*'
        Resource: '*'

So we can retrieve information about all pipelines and builds. See template.yml for more detail.