How to add popular GOV.UK Slack integrations
Seal
Seal is a Slack bot that informs teams which pull requests they have open.
Configuration
Create a PR which adds some information (including team name and Slack channel) to alphagov.yml in the Seal repo. The Slack channel and team name must match the ones in the developer docs.
You can then set the following values to true if you want to receive the respective alerts:
- morning_seal_quotes: Morning quotes set by your team
- afternoon_seal_quotes: Afternoon quotes set by your team
- seal_prs: Morning alerts about old and recent pull requests by team members
If you choose to receive quotes, you will need to add them under a quotes key.
Make sure that the Slack channel name has been set as the ‘team’ in repos.yml in the GOV.UK Developer Docs repo. This will update this JSON endpoint which is used by the Seal.
Dependapanda
Dependapanda is a Slack bot which posts a list of open Dependabot Pull Requests for repos that a team owns.
Configuration
The process is the same as configuring the Seal. Just find your team in the config file and set dependapanda: true.
More information about the Seal can be found in Seal’s Github Readme.
Rotabot
The Rotabot calculates who’s turn it is to do the housekeeping today and tomorrow (usually tasks such as being in charge of Dependabots and Sentry alerts). The tasks in the Slack message are configured using Markdown, so it’s fairly flexible.
Configuration
The Rotabot is configured using the govuk-rota-announcer repo. Add your team config to the weekday or weekly config depending on how often they want to be notified.
Release App Badger
The Release App Badger informs the team if there are pull requests that have not been deployed for a while or if environments are out of sync. This was originally configured in a repo called GOV.UK Deploy Lag Badger but the functionality was moved into the Release app as a result of the move to EKS.
Configuration
In the Release app, the badger will notify teams depending on the dependency_team which is set in repos.json. The dependency_team field in the repos.json file is pulled from the team field in the repos.yml file if dependency_team isn’t set. If dependency_team isn’t set, the team in repos.yml file would need to be the name of the Slack channel that you want to post to.
Sentry
Sentry is an error monitoring tool that we use on GOV.UK.
Configuration
Please see these docs. When creating a rule to send a notification to Slack, you may find that you need to input a channel ID as well as channel name. The ID can be found by clicking on the channel name in Slack and scrolling down until you can see the channel ID.
CI Bot
We must ensure all our repositories undergo regular security scans to establish a fundamental level of security awareness, effectively addressing vulnerabilities in both our code and third-party dependencies and mitigating the risk of Common Vulnerabilities and Exposures (CVEs).
To facilitate this, the CI Bot informs teams about missing scans in their repos’ CI pipelines. It is currently configured to check if repos have CodeQL(SAST) and Dependency Review (SCA) scans.
Configuration
These scans must be included as jobs in the CI pipeline of all GOV.UK repositories. It’s essential to ensure that every repository has these scans. If there’s a compelling reason to exclude a repository from this check, please modify the ignored_ci_repos.yml file in the Seal repository. Ensure that any exclusions are accompanied by a well-justified reason.
Gem Version Checker
A workflow that checks if our gems have unreleased versions and sends a Slack notification to the owning team warning them about it.
Configuration
No configuration needed, the Seal will get a list of all the repos marked as gems from the dev docs.
Report GitHub workflow run failure to Slack
A custom GitHub action that sends a notification to a nominated Slack channel when a GitHub workflow run fails. The action is typically used to notify a team about critical CI failures on the main branch.
Configuration
Add the GitHub action as a step by following the instructions in the README.