[OPE-173] Migrate Slack integration from Socket Mode to HTTP Events API#101
Merged
Conversation
Replaces the Socket Mode WebSocket transport with standard Slack HTTP
endpoints, making the app Marketplace-compatible and fixing the "Enable
Events" toggle problem that prevented bi-directional sync.
Backend:
- SlackEventHandler now holds *slack.Client (plain Web API); socketmode
package and Start()/listen() goroutines removed entirely
- Three new public methods: HandleEventsAPI, HandleInteraction, HandleCommand
replace the socketmode event loop — all existing business logic unchanged
- SlackSignatureVerification middleware updated to accept the signing secret
as a parameter (DB-stored, not env var)
- Three new Gin routes: POST /api/v1/slack/{events,interactions,commands}
each protected by HMAC-SHA256 signature verification
- url_verification challenge handled in /slack/events for initial URL setup
- Migration 000039: drops app_token column from slack_config
- SLACK_APP_TOKEN (xapp-...) no longer required or stored
Frontend:
- App Token field removed from SlackSetupModal and WizardStepSlack
- has_app_token and app_token fields removed from API types
Manifest:
- socket_mode_enabled: false
- request_url added to event_subscriptions, interactivity, and slash command
- YOUR-INSTANCE placeholder replaces hardcoded example URL
- Incorporates OPE-169 scope fixes (app_mentions:read, reactions:read,
users:read.email, app_mention and reaction_added events)
- Replace /incident slash command with /regen across handler and manifests - Fix slack_config_repository: remove app_token from hardcoded DoUpdates column list - Remove dead SlackAppToken field from config (Socket Mode remnant) - SlackHandlerResolver: lazy-init event handler from DB on first request, no server restart needed after Slack config is saved via UI - SlackSignatureVerification: accept func() string so signing secret is read from DB per-request (survives config changes without restart) - Routes: always register /slack/* endpoints regardless of startup state; pass resolver + dynamic secret instead of static values at boot - Handlers: accept SlackHandlerResolver; ACK url_verification even when handler is not yet initialized - SaveSlackConfig/DeleteSlackConfig: accept HandlerInvalidator to clear cached handler on config change - Generic webhook: accept flat single-alert payload in addition to alerts array - Remove slack-app-manifest.yaml (superseded by UI-generated manifest) - Makefile: skip npm install when node_modules already exists - Manifest generators (WizardStepSlack, SlackSetupModal): correct scopes, routes, socket_mode_enabled false, /regen command, no Socket Mode path - Fix Bot Token setup instruction to mention Install to Workspace step - .dockerignore: exclude frontend/node_modules from Docker build context
5 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
request_urlis set in the manifestSLACK_APP_TOKEN(xapp-...) — users now only need Bot Token + Signing Secret@regenmentions,/incidentcommands, channel message → timeline syncWhat changed
Backend
SlackEventHandlernow uses*slack.Clientdirectly;socketmodepackage and WebSocket goroutines removedPOST /api/v1/slack/{events,interactions,commands}— each verified with HMAC-SHA256 before dispatchSlackSignatureVerificationmiddleware updated to accept signing secret as a parameter (read from DB, not env)url_verificationchallenge response handled for initial Slack URL setupapp_tokencolumn fromslack_configFrontend
SlackSetupModalandWizardStepSlackManifest
socket_mode_enabled: false+request_urlfields for events, interactions, slash commandapp_mentions:read,reactions:read,app_mention+reaction_addedevents)How to test
slack-app-manifest.yaml— replaceYOUR-INSTANCEwith your local ngrok URL/incident new Test, ✅ reaction → acknowledged,@regen summarise this incidentCloses
Closes OPE-173 | Unblocks OPE-168