Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/m-mizutani/nounify
The unified customizable notification service for all HTTP requests with Rego
https://github.com/m-mizutani/nounify
go rego slack
Last synced: 14 days ago
JSON representation
The unified customizable notification service for all HTTP requests with Rego
- Host: GitHub
- URL: https://github.com/m-mizutani/nounify
- Owner: m-mizutani
- License: apache-2.0
- Created: 2024-06-29T12:15:27.000Z (4 months ago)
- Default Branch: main
- Last Pushed: 2024-07-18T04:54:51.000Z (4 months ago)
- Last Synced: 2024-10-04T21:36:07.016Z (about 1 month ago)
- Topics: go, rego, slack
- Language: Go
- Homepage:
- Size: 111 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# nounify
The unified notification service for all HTTP requests.
`nounify` can receives any notification from any services via HTTP. For example, you can send a notification from GitHub Webhooks, Google Pub/Sub, and so on. When receiving a notification via HTTP request, `nounify` validates and modifies the notification message based on Rego policies. Rego can not only permit or deny the request but also creating a new message from notification data. So you can customize the notification message for each channel.
For example, here is a rule that converts a GitHub Webhook message to a Slack message. The rule is triggered when a new issue is opened, and the message is sent to the `#github-notify` channel with the octopus emoji.
```rego
package schema.github_webhook
msg[{
"channel": "github-notify",
"color": "#2EB67D",
"emoji": ":octopus:",
"title": "New issue opened",
"body": input.body.issue.body,
"fields": [
{
"name": "Author",
"value": input.body.issue.user.login,
"link": input.body.issue.user.html_url,
},
{
"name": "Issue",
"value": sprintf("#%d: %s", [input.body.issue.number, input.body.issue.title]),
"link": input.body.issue.html_url,
},
],
}] {
input.header["X-Github-Event"] == "issues"
input.body.action == "opened"
}
```
When creating a new issue such as [this](https://github.com/m-mizutani/nounify/issues/2), the following message will be emitted.
## Usage
### Prerequisites
- Create a Slack App and get OAuth token.
- The app should have `chat:write`, `chat:write.customize` and `chat:write.public` scope.
- Install the app to your workspace.
- If you need to receive messages from GitHub App, create a GitHub App.
- Enable permissions for your interest and subscribe them. See [Using webhooks with GitHub Apps](https://docs.github.com/en/apps/creating-github-apps/registering-a-github-app/choosing-permissions-for-a-github-app) for more information.
- Install the app to your repository.
- Set random secret key for webhook, and keep it secret.
### Deploy
Set following environment variables to deploy `nounify`.
- Basic settings
- `NOUNIFY_ADDR` (required): The address to listen to. e.g. `0.0.0.0:8080`
- `NOUNIFY_RULE` (required): The path to the Rego policy file. e.g. `policies.rego`
- `NOUNIFY_SLACK_OAUTH_TOKEN` (required): The OAuth token of Slack App. It's recommended to set the token as a secret.
- Authentication settings
- `NOUNIFY_GITHUB_SECRET` (optional): The secret key for GitHub webhook. If you don't need to receive messages from GitHub, you can skip this.
- `NOUNIFY_GITHUB_ACTION_TOKEN` (optional): If set, nounify validates the token in `Authorization` header as `Bearer` from GitHub Actions OIDC.
- `NOUNIFY_GOOGLE_ID_TOKEN` (optional): If set, nounify validates the token in `Authorization` header as `Bearer` from Google ID Token.
Run `nounify` with the following command.
```shell
$ nounify serve
```
See [the example release configs](https://github.com/m-mizutani/releases/tree/main/cloud-run/nounify) with Cloud Build and Cloud Run.
## Rule
See [the rule document](docs/rule.md) for more information.
## License
Apache License 2.0