{"id":50166011,"url":"https://github.com/jae-labs/concierge","last_synced_at":"2026-06-07T01:01:43.572Z","repository":{"id":359445008,"uuid":"1246113986","full_name":"jae-labs/conCIerge","owner":"jae-labs","description":"A Slack ChatOps Bot written in GoLang which provisions resources, manages access, and automates workflows across various vendors via Terraform.","archived":false,"fork":false,"pushed_at":"2026-06-02T22:39:04.000Z","size":506,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-02T23:20:58.923Z","etag":null,"topics":["bot","chatops","golang","iac","slack","terraform"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jae-labs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null},"funding":{"github":"luiz1361","buy_me_a_coffee":"luiz1361"}},"created_at":"2026-05-21T22:17:08.000Z","updated_at":"2026-06-02T22:41:42.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/jae-labs/conCIerge","commit_stats":null,"previous_names":["jae-labs/concierge"],"tags_count":22,"template":false,"template_full_name":null,"purl":"pkg:github/jae-labs/conCIerge","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jae-labs%2FconCIerge","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jae-labs%2FconCIerge/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jae-labs%2FconCIerge/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jae-labs%2FconCIerge/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jae-labs","download_url":"https://codeload.github.com/jae-labs/conCIerge/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jae-labs%2FconCIerge/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33924832,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-04T02:00:06.755Z","response_time":64,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bot","chatops","golang","iac","slack","terraform"],"created_at":"2026-05-24T21:00:40.728Z","updated_at":"2026-06-05T00:01:05.139Z","avatar_url":"https://github.com/jae-labs.png","language":"Go","funding_links":["https://github.com/sponsors/luiz1361","https://buymeacoffee.com/luiz1361"],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n\u003cimg src=\"assets/logo.png\" alt=\"conCierge Logo\" width=\"120\"/\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n\u003ca href=\"https://codecov.io/gh/jae-labs/conCIerge\"\u003e\u003cimg src=\"https://codecov.io/gh/jae-labs/conCIerge/branch/main/graph/badge.svg\" alt=\"codecov\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/jae-labs/conCIerge/issues\"\u003e\u003cimg src=\"https://img.shields.io/github/issues/jae-labs/conCIerge\" alt=\"GitHub issues\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/jae-labs/conCIerge/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/jae-labs/conCIerge\" alt=\"GitHub stars\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/jae-labs/conCIerge/network\"\u003e\u003cimg src=\"https://img.shields.io/github/forks/jae-labs/conCIerge\" alt=\"GitHub forks\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/jae-labs/conCIerge/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/downloads/jae-labs/conCIerge/total\" alt=\"Downloads\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/jae-labs/conCIerge/actions/workflows/ci.yml\"\u003e\u003cimg src=\"https://github.com/jae-labs/conCIerge/actions/workflows/ci.yml/badge.svg\" alt=\"CI\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/jae-labs/conCIerge/actions/workflows/release.yml\"\u003e\u003cimg src=\"https://github.com/jae-labs/conCIerge/actions/workflows/release.yml/badge.svg\" alt=\"Release\"\u003e\u003c/a\u003e\n\u003ca href=\"https://goreportcard.com/report/github.com/jae-labs/conCIerge\"\u003e\u003cimg src=\"https://goreportcard.com/badge/github.com/jae-labs/conCIerge\" alt=\"Go Report Card\"\u003e\u003c/a\u003e\n\u003ca href=\"LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/github/license/jae-labs/conCIerge\" alt=\"License\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/jae-labs/conCIerge/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/v/release/jae-labs/conCIerge\" alt=\"GitHub release\"\u003e\u003c/a\u003e\n\u003ca href=\"go.mod\"\u003e\u003cimg src=\"https://img.shields.io/github/go-mod/go-version/jae-labs/conCIerge\" alt=\"Go Version\"\u003e\u003c/a\u003e\n\u003ca href=\"https://buymeacoffee.com/luiz1361\"\u003e\u003cimg src=\"https://img.shields.io/badge/Buy%20Me%20A%20Coffee-donate-orange.svg?logo=buymeacoffee\" alt=\"Buy Me A Coffee\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\nSlack-native GitOps for infrastructure changes across GitHub, Cloudflare, and Doppler.\n\n`conCIerge` is a Go Slack bot that turns structured Slack requests into reviewed Terraform pull requests. Users request changes in Slack, the bot fetches live Terraform locals from the external `jae-labs/terraform` repository, validates intent, edits HCL, opens a PR, and posts the request summary back to `#concierge`.\n\nIt does not mutate production directly. The control point stays where it should: normal GitHub review, merge, and CI/CD in the Terraform repository.\n\n## Why conCIerge?\n\n- Replaces ad hoc infrastructure requests with structured Slack workflows.\n- Keeps infrastructure changes in Git, reviewable, auditable, and reversible.\n- Reads live Terraform state from the `jae-labs/terraform` repository to populate modals and validate input.\n- Supports GitHub repositories, org settings, team membership, Cloudflare DNS, and Doppler projects.\n- Uses nonce-protected multi-step Slack flows to avoid stale or duplicated submissions.\n- Keeps the apply boundary outside the bot; it prepares code changes, not direct infra mutations.\n\n## Quick Start\n\n### Prerequisites\n\n- Go `1.25+`\n- Slack app credentials\n- GitHub App credentials with access to the Terraform repository\n- Doppler CLI if you use Doppler for local secret injection\n\n### Required configuration\n\nRequired baseline config:\n\n- `SLACK_BOT_TOKEN`\n- `SLACK_REQUESTS_CHANNEL_ID`\n- `GITHUB_APP_ID`\n- `GITHUB_APP_INSTALLATION_ID`\n- `GITHUB_APP_PRIVATE_KEY`\n- `GITHUB_OWNER` -- owner of the Terraform repository the bot mutates\n- `GITHUB_REPO` -- repository name of the Terraform repository, not this bot repo\n- `SLACK_APP_TOKEN` for Socket Mode or `SLACK_SIGNING_SECRET` for HTTP mode\n\n### Run locally\n\nUse Doppler if that is your secret source:\n\n```sh\ndoppler login\ndoppler setup\ndoppler run -- go run ./cmd/concierge\n```\n\nLive reload:\n\n```sh\nair\n```\n\nBuild manually:\n\n```sh\ngo build ./cmd/concierge\n./concierge\n```\n\nLocal development defaults to Slack Socket Mode. Production runs the same binary with `SLACK_MODE=http` behind nginx and exposes `GET /health` for uptime checks.\n\n## What it manages\n\n| Domain | Resource | Actions |\n|---|---|---|\n| GitHub | Repository | Add, Remove, Update |\n| GitHub | Org Settings | Update |\n| GitHub | Team Membership | Add to Team, Remove from Team, Change Role |\n| Cloudflare | DNS Records | Add, Remove, Update |\n| Doppler | Projects | Add, Remove, Update |\n\n## Why this design\n\n| Capability | Benefit |\n|---|---|\n| Slack-first request intake | Lowers friction for operators and requesters |\n| Terraform PR generation | Preserves review, audit trail, and rollback path |\n| HCL parse + render validation | Reduces malformed output risk |\n| Thread-keyed in-memory state | Keeps multi-step flows isolated per request |\n| Nonce-based callback protection | Rejects stale modal submissions safely |\n| GitHub App auth | Avoids long-lived personal credentials |\n| OpenTelemetry + Prometheus + Sentry hooks | Improves observability and incident triage |\n\n## CI and releases\n\n| Workflow | Trigger | Behavior |\n|---|---|---|\n| `ci.yml` | Pushes to `main` and pull requests | Runs formatting, lint, tests, coverage upload, build checks, and security-oriented validation |\n| `release.yml` | Pushes to `main` | Builds release artifacts, creates GitHub releases, builds and pushes the container image, and deploys production via the external Ansible repository |\n\nPublished release assets:\n\n| Platform | Asset |\n|---|---|\n| Linux amd64 | `concierge-linux-amd64` |\n| Linux arm64 | `concierge-linux-arm64` |\n| macOS amd64 | `concierge-darwin-amd64` |\n| macOS arm64 | `concierge-darwin-arm64` |\n\n## Related repositories\n\n| Repository | Purpose |\n|---|---|\n| [`jae-labs/terraform`](https://github.com/jae-labs/terraform) | Terraform source of truth edited by the bot |\n| [`jae-labs/ansible`](https://github.com/jae-labs/ansible) | OCI host configuration and production deployment automation |\n\n## Documentation\n\n| Document | Description |\n|---|---|\n| [Architecture](docs/architecture.md) | Runtime design, package map, request lifecycle, env vars, IaC coupling |\n| [Adding a Resource Type](docs/adding-a-resource-type.md) | Checklist for adding new Terraform-backed resources |\n| [Validation Patterns](docs/validation-patterns.md) | Input validation rules and error handling patterns |\n| [Modals and Blocks](docs/modals-and-blocks.md) | Block Kit conventions, modal builders, and flow structure |\n\n## Test\n\n```sh\ngo test ./...\n```\n\n## Contributing\n\nSee `AGENTS.md` and the docs in `docs/` before changing flow behavior, Terraform file paths, or modal structures. This project has hard coupling to the external `jae-labs/terraform` repository, so README-level simplification does not remove implementation constraints.\n\n## License\n\nSee [LICENSE](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjae-labs%2Fconcierge","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjae-labs%2Fconcierge","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjae-labs%2Fconcierge/lists"}