update docs and remove all references to slack webhooks

Author: yasunariw

README.md

@@ -22,7 +22,7 @@ Run the `_build/default/src/notabot.exe` binary. The following commands are supp
 
 - `run`: Launch the HTTP server
 - `check_gh <GH_PAYLOAD>`: read a Github notification from a file and display the actions that will be taken (used for testing)
-- `check_slack <SLACK_PAYLOAD> <SLACK_WEBHOOK>`: read a Slack notification from a file and send it to a webhook (used for testing)
+- `check_slack <SLACK_PAYLOAD>`: read a Slack notification from a file and send it to a channel (used for testing)
 
 ### Documentation
 

documentation/config_docs.md

@@ -79,7 +79,7 @@ A **label rule** specifies whether or not a Slack channel should be notified, ba
 |-|-|-|-|
 | `allow` | whitelist of labels that should match the rule | Yes | all labels allowed if no list provided |
 | `ignore` | blacklist of labels that shouldn't match the rule | Yes | - |
-| `channel` | channel to use as webhook if the rule is matched | No | - |
+| `channel` | channel to notify if the rule is matched | No | - |
 
 ## Prefix Options
 
@@ -116,7 +116,7 @@ A **prefix rule** specifies whether or not a Slack channel should be notified, b
 |-|-|-|-|
 | `allow` | whitelist of file prefixes that should match the rule | Yes | all prefixes allowed if no list provided |
 | `ignore` | blacklist of file prefixes that shouldn't match the rule | Yes | - |
-| `channel` | channel to use as webhook if the rule is matched | No | - |
+| `channel` | channel to notify if the rule is matched | No | - |
 
 ## Status Options
 

documentation/secret_docs.md

@@ -8,44 +8,20 @@ A secrets file stores sensitive information. Unlike the repository configuration
 
 ```json
 {
-    "slack_hooks": [
-        {
-            "url": "https://slack_webhook_url",
-            "channel": "default"
-        },
-        {
-            "url": "https://slack_webhook_url",
-            "channel": "aa"
-        },
-        {
-            "url": "https://slack_webhook_url",
-            "channel": "backend"
-        },
-        {
-            "url": "https://slack_webhook_url",
-            "channel": "all-push-events"
-        },
-        {
-            "url": "https://slack_webhook_url",
-            "channel": "frontend-bot"
-        },
-        {
-            "url": "https://slack_webhook_url",
-            "channel": "aa-git"
-        },
-        {
-            "url": "https://slack_webhook_url",
-            "channel": "siren"
-        }
-    ]
+    "slack_client_id": "",
+    "slack_client_secret": ""
 }
 ```
 
 | value | description | optional | default |
 |-|-|-|-|
-| `slack_hooks` | list of channel names (`channel`) and their corresponding webhook endpoint (`url`) | No | - |
 | `gh_token` | specify to grant the bot access to private repositories; omit for public repositories | Yes | - |
 | `gh_hook_token` | specify to ensure the bot only receives GitHub notifications from pre-approved repositories | Yes | - |
+| `slack_client_id` | slack client ID, used for [oauth](https://api.slack.com/authentication/oauth-v2) authentication; can be found in your slack app's [management page](https://api.slack.com/apps) | No | - |
+| `slack_client_secret` | slack client secret, used for [oauth](https://api.slack.com/authentication/oauth-v2) authentication; can be found in your slack app's [management page](https://api.slack.com/apps) | No | - |
+| `slack_signing_secret` | specify to verify incoming slack requests; can be found in your slack app's [management page](https://api.slack.com/apps) | Yes | - |
+| `slack_oauth_state` | specify some unique value to maintain state b/w oauth request and callback and prevent CSRF (see [RFC6749](https://tools.ietf.org/html/rfc6749#section-4.1.1)) | Yes | - |
+| `slack_access_token` | slack bot token obtained via [oauth](https://api.slack.com/authentication/oauth-v2), enabling message posting to the workspace; if not provided initially, the first sucessful oauth exchange will update this field both in memory and on disk | Yes | - |
 
 ## `gh_token`
 

lib/config.atd

@@ -30,12 +30,6 @@ type config = {
   ?main_branch_name : string nullable; (* the name of the main branch; used to filter out notifications about merges of main branch into other branches *)
 }
 
-(* This specifies the Slack webhook to query to post to the channel with the given name *)
-type webhook = {
-  url : string; (* webhook URL to post the Slack message *)
-  channel : string; (* name of the Slack channel to post the message *)
-}
-
 (* This is the structure of the secrets file which stores sensitive information, and
    shouldn't be checked into version control.  *)
 type secrets = {

lib/slack.atd

@@ -1,9 +1,9 @@
-type webhook_notification_field = {
+type notification_field = {
   ?title: string nullable;
   value: string;
 }
 
-type webhook_notification_attachment = {
+type notification_attachment = {
   fallback: string nullable;
   ?mrkdwn_in: string list nullable;
   ?color: string nullable;
@@ -14,7 +14,7 @@ type webhook_notification_attachment = {
   ?title: string nullable;
   ?title_link: string nullable;
   ?text: string nullable;
-  ?fields: webhook_notification_field list nullable;
+  ?fields: notification_field list nullable;
   ?image_url: string nullable;
   ?thumb_url: string nullable;
   ?ts: int nullable;
@@ -39,25 +39,25 @@ type text_object = {
   text: string;
 }
 
-type webhook_notification_text_block = {
+type notification_text_block = {
   notification_type <json name="type"> : notification_section_block_type;
   text: text_object;
 }
 
-type webhook_notification_divider_block = {
+type notification_divider_block = {
   notification_type <json name="type"> : notification_divider_block_type;
 }
 
-type webhook_notification_block = [
-  Text of webhook_notification_text_block
-  | Divider of webhook_notification_divider_block
+type notification_block = [
+  Text of notification_text_block
+  | Divider of notification_divider_block
 ] <json adapter.ocaml="Atdgen_runtime.Json_adapter.Type_field">
 
 type notification = {
   channel: string;
   ?text: string nullable;
-  ?attachments: webhook_notification_attachment list nullable;
-  ?blocks: webhook_notification_block list nullable;
+  ?attachments: notification_attachment list nullable;
+  ?blocks: notification_block list nullable;
 }
 
 (* expected payload when exchanging oauth code for access token *)

lib/slack.ml

@@ -7,8 +7,6 @@ open Slack_j
 
 let log = Log.from "slack"
 
-type channel_hook = string
-
 let empty_attachments =
   {
     mrkdwn_in = None;

src/notabot.ml

@@ -96,10 +96,6 @@ let gh_payload =
   let doc = "JSON file containing a github webhook payload" in
   Arg.(required & pos 0 (some file) None & info [] ~docv:"GH_PAYLOAD" ~doc)
 
-let slack_webhook_url =
-  let doc = "slack webhook url" in
-  Arg.(required & pos 0 (some string) None & info [] ~docv:"SLACK_WEBHOOK" ~doc)
-
 let slack_payload =
   let doc = "JSON file containing a slack notification" in
   Arg.(required & pos 1 (some file) None & info [] ~docv:"SLACK_PAYLOAD" ~doc)