Getting "incoming_webhook" Configuration for Terraforming Slack Extension

I’m working on Terraforming Slack Extension as seen in


and

And I’m unsure of how to get the values for incoming_webhook block of the configuration (other than using the UI to authorize the slack integration and pulling those from Chrome developer console, or from Terraform plan after the UI change).

Anybody has managed to programmatically get those values, using Terraform or otherwise?

Just an example from one of those posts, this is how the whole config looks like:

 ~ resource "pagerduty_extension" "slack_nbh" {
      ~ config            = jsonencode(
          ~ {
              ~ access_token     = "redacted" -> "xoxp-******-******-******-******"
                bot              = {
                    bot_user_id = "U******1"
                }
                enterprise_id    = null
                incoming_webhook = {
                    channel           = "#fr-******-pagerduty"
                    channel_id        = "C******X"
                    configuration_url = "https://******.slack.com/services/******"
                    url               = "https://hooks.slack.com/services/******/******/******"
                }
                notify_types     = {
                    acknowledge = false
                    annotate    = true
                    assignments = false
                    escalate    = true
                    resolve     = false
                    trigger     = true
                }
                ok               = true
                referer          = "https://******.pagerduty.com/services/******/integrations"
                scope            = "identify,bot,commands,incoming-webhook,channels:read,groups:read,im:read,team:read,users:read,users:read.email,channels:write,chat:write:user,chat:write:bot,groups:write"
                team_id          = "T******Y"
                team_name        = "******"
                urgency          = {
                    high = true
                    low  = true
                }
                user_id          = "U******6"
            }
        )
        extension_objects = [
            "P******7",
        ]
        extension_schema  = "P******R"
        id                = "P******P"
        name              = "MyService103 - #fr-******-pagerduty in ******.slack.com"
    }

In the incoming_webhook block, how do I get channel_id , url and configuration_url

Hi there,

You can get the values for the incoming_webhook block by making a REST API request to the Get an extension endpoint. If you do not know the ID of the Slack extension, you can use the List extensions endpoint to list all of the extensions on your account and locate the ID for the Slack extension as well as the incoming_webhook data.

I hope this helps! Please let me know if you have any questions.

Cheers,

Cassie Champagne
Technical Support Specialist
PagerDuty Support
Be ready for anything in a world of digital everything:
Register now to join us for free at PagerDuty Summit 2021, June 22-25!

Hi Cassie,

If I understand correctly, the Get extension API will allow me to pull channel_id , url and configuration_url after I create and “authorize” the extension to interact with Slack.
I’m looking for a way to create and authorize them with Terraform, so those values wouldn’t be available via the extension API.

Oded

Hello Oded,

You are right. You would need to create the extension in order to pull the ID.

At this time, there isn’t a resource that would enable you authorise the Slack extension with Terraform. However, I have added your voice to a Feature Request round this.

Kind regards,

Hi. Thanks to others who have posted and replied in this thread

FWIW, we have the exact same problem and use case that Oded in this thread encountered. We wrote a module to automate creating PD services, where each one needs to have its own Slack extension.

But discovered same issue - incoming_webhook.url + incoming_webhook.configuration_url are not reliable for a few reasons:

  • they cannot be used by two technical services even if they posting to the same Slack channel. So if I want to automate creating services Foo and Bar under the same business service (our common use case), and posting to same Slack channel, they would still have different values for incoming_webhook.url + incoming_webhook.configuration_url. Our usual workaround for programatically accessing Slack webhooks is to store them in AWS SSM and access them as a TF data block via AWS provider. But now we would need to do that for every PD service, rather than just for every Slack channel

  • they will change if a user changes the Slack channel in UI for a given service, then reauthes and changes back to the original service. Eg, if service posts to Channel 1, then reauths to Channel 2, then reauths back to Channel 1, the original incoming_webhook.url + incoming_webhook.configuration_url for Channel 1 would no longer work for the service. This is less of a problem that we can control via PD UI perms, but just noticed the behavior and found it quite surprising, again because it can make a webhook invalid even if it is on same service, for same channel

This is all pretty frustrating behavior that is a blocker to fully automating our PD config via Terraform. Is there any timeline to addressing it or has anybody found another workaround? My only idea at this point is to spike the behavior I want myself, using a generic webhook extension.

Our configuration is essentially the same that Oded posted earlier in this thread, if it helps:

resource "pagerduty_extension" "this" {
  name              = "${pagerduty_service.this.name}-Slack V2"
  extension_schema  = data.pagerduty_extension_schema.this.id
  extension_objects = [pagerduty_service.this.id]

  config = jsonencode(
    {
      "app_id"              = local.slack.app_id,
      "bot_access_token_v2" = data.aws_ssm_parameter.slack_bot_token.value
      "bot_user_id"         = local.slack.bot_user_id,
      "token_type"          = "bot",

      "incoming_webhook" = {
        "channel"    = "#${var.slack_channel}",
        "channel_id" = lookup(local.slack.channel_ids, replace(var.slack_channel, "-", "_"))
        "configuration_url" = format(
          "https://REDACTED.slack.com/services/%s",
          split("/", trimprefix(data.aws_ssm_parameter.slack_webhook.value, "https://hooks.slack.com/services/"))[1]
        )
        "url" = data.aws_ssm_parameter.slack_webhook.value
      },

      "notify_types" = {
        "resolve"     = true,
        "trigger"     = true,
        "escalate"    = true,
        "acknowledge" = true,
        "assignments" = true,
        "annotate"    = true
      },
      "urgency" = {
        "high" = true,
        "low"  = true
      },
      "referer" = format("https://READACTED.pagerduty.com/services/%s/integrations", pagerduty_service.this.id),
      "ok"      = true,
      "scope"   = "app_mentions:read,channels:join,channels:manage,channels:read,chat:write,chat:write.public,commands,groups:read,groups:write,im:read,im:write,incoming-webhook,pins:write,team:read,users:read,workflow.steps:execute"
    }
  )
}

Is this still applicable with the latest version of the PagerDuty Slack integration and Terraform provider?

Hi Doug, I think so. We are using the latest version of Terraform PD provider, 1.11.0 and the Slack V2 extension schema. I also filed a separate ticket with PD support and the answer was in line with this thread - ie, that this use case is not currently handled.