Slack plugin for dashboad alerts
I'd like to describe you a use case, perceived problems and possible work around in order to get feedback from you and hopefully future improvements from seq.
With the new dashboards / alerts one understandably might wants to send the alerts to Slack. We do have a [plugin for Slack](https://github.com/bytenik/Seq.App.Slack) already, but it was written in pre-dashboard era.
In particular, this plugin always assumes to be associated with an event and displays [(View on Seq)](https://github.com/bytenik/Seq.App.Slack/blob/master/SlackReactor.cs#L183) link that is not possible to switch off. Alerts are often not associated with any particular event so you have a link that leads to a error page instead.
This is in itself is not a very huge problem and is easily corrected within the plugin code.
Another issue is a bit bigger. With dashboard graph, one might want to see the graphs _in slack_. Of course a link to dashboard could be added via `MessageTemplate` option of the Slack Plugin, but in my use case these links are internal and people would like to make sense of their Seq alerts externally in Slack application.
When one is not logged in to their corporate network on their phone and get the Slack message Seq alert the links won't work as the Seq instance is not exposed externally from security, infrastructure and architecture reasons.
There is [a question](http://docs.getseq.net/discuss/59ad4912b2c6f80037bd1465) related to it and there is a [relevant github issue]( https://github.com/datalust/seq-releases/issues/565), but I would like to explore this topic a bit further.
**Access to rendered dashboard images**
It would be nice if one could use the API or at least HTTP request to be able to get a dashboard image. Currently this is impossible, and having read your response to the question linked above I'm not holding my breath. I was successful in scraping the images with [phantomjs](http://phantomjs.org/), [svg-crowbar](http://nytimes.github.io/svg-crowbar/), [selenium](http://www.seleniumhq.org/projects/ide/), phantomjs web driver, [svg.net](https://github.com/vvvv/SVG), and a lot of duct tape.
Yet, an "official" way of doing this would be nice. A big problem of the scraping approach, that Seq can help with (relatively easily) is authentication. In order to scrape you need to log-in. In order to login you need to provide credentials. Currently it's not possible to get the charts with an API key at all but it is on the list of improvements listed above, so I'm hopeful.
Scraping is liable to break when layout of the html page changes. It is quite fragile, and easy to break. If it is difficult to provide exportable images, maybe it would be easier to document html markers that could be used to scrape the dashboard page for each image. That will give some assurance that scraping won't break with the next Seq version.
**Credential management for access to the images**
The next thing is providing either credentials or API key to the plugin. This can be done via plugin configuration UI, but it feels very lame. The plugin configuration UI looks and feels as part of SEQ, and it feels very weird that I need to key it the API key on that page or worse my user name and password. Currently one would have to resort to the latter.
To be clear: I'm talking about hypothetical slack plugin that would fetch images from the dashboard and need credentials to do so.
As it is now, I *have* to key in a user account and a user password. Since user management somewhat lacking in seq (we only have the Administrator flag, no groups or permissions) it means that every administrator will have access to this configuration page. In an actual organisation I'd like to give some permission (like create a new API key) to certain people (who are now given admin rights) but I certainly do not want these people to have access to my service account credentials. Currently it seems unavoidable. In addition this service account consumes 1 user in my license entitlement and it does not feel good at all.
Maybe a better permission system can be added? Similar, to say Octopus?
All in all I feel like there is a room for improvement here, but because of the next section, if it does not get implemented it is still workable.
**Plugin-level access to Seq**
What I really would like to see is that plugin having access to the Seq API _and_ being able to scrape without logging in. We could assume that people installing the plugin have enough authorization to access the system, so that the plugin can do it on their behalf. Certainly access to API would be expected, but because API does not give us the chart images and the HTTP requests do, also access to the website from within the plugin.
A slack plugin posting dashboard image is workable:
- Plugin collects user credentials
- Plugin scrapes the page using the credentials
- Plugin converts/posts the image on slack
Disadvantages of this approach:
- Credentials not stored securely
- Scraping is awkward to perform
- Scraping depends a lot on the html generated which is likely to change between version and break the plugin.
- Mark images in the html so the scraping can survive version upgrade reliably
- Make dashboard available with an API key without need to log in
- Make plugins automatically using appropriate API key without need to configure one in the interface for access to the dashboard.
- Better permissions system
- Plugin access to API
- Charts accessible via API - that would be ideal
- Protected fields for plugin configuration for holding sensitive information
- Service accounts not to consume user license
Please, your thoughts?
Posted by Andrew Savinykh almost 4 years ago