Terraform to set up slack integration (#98)

This required some setup first: - Creating a Slack app with webhooks: https://api.slack.com/apps/A06KYD43DPE/incoming-webhooks? - Setting up a secret in Secret Manager in the cloud project with the webhook URL This will post to a new Slack channel in transparency-dev called `cloudbuild-dev`, which I've created as a private group with me as the only member for testing. When we're happy with this, we can deploy a prod version which posts to a public channel in the Slack channel.
transparency-dev · Feb 21, 2024 · 62bdaea · 62bdaea
1 parent 3b56a27
commit 62bdaea
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 0 deletions.
diff --git a/deployment/live/cloudbuild/dev/.terraform.lock.hcl b/deployment/live/cloudbuild/dev/.terraform.lock.hcl
diff --git a/deployment/modules/cloudbuild/main.tf b/deployment/modules/cloudbuild/main.tf
@@ -109,3 +109,18 @@ resource "google_project_iam_member" "cloudrun_deployer" {
   member  = "serviceAccount:${google_service_account.cloudbuild_service_account.email}"
 }
 
+module "cloud-build-slack-notifier" {
+  # This should be set back to the registry version when the following is merged:
+  # https://github.com/simplifi/terraform-google-cloud-build-slack-notifier/pull/8
+  source     = "github.com/mhutchinson/terraform-google-cloud-build-slack-notifier"
+  # source  = "simplifi/cloud-build-slack-notifier/google"
+  # version = "0.3.0"
+
+  name       = "gcp-slack-notifier-${var.env}"
+  project_id = var.project_id
+
+  # https://api.slack.com/apps/A06KYD43DPE/incoming-webhooks
+  slack_webhook_url_secret_id      = "gcb_slack_webhook_${var.env}"
+  slack_webhook_url_secret_project = var.project_id
+}
+