From e1128c1885b17949cd53506e73307119ff5ed307 Mon Sep 17 00:00:00 2001 From: Michael Pruitt Date: Fri, 24 Apr 2026 08:53:44 -0500 Subject: [PATCH 1/2] INTEROP-8979: Wire Slack webhook notifications into firewatch step - Mount firewatch-slack-webhook secret at /tmp/secrets/slack - Read /tmp/secrets/slack/url into SLACK_WEBHOOK_URL env var - Add minimal test config to verify end-to-end webhook delivery Co-Authored-By: Claude Opus 4.6 --- ...QE-firewatch-main__slack-webhook-test.yaml | 55 +++++++++++++++++++ .../firewatch-report-issues-commands.sh | 4 ++ .../firewatch-report-issues-ref.yaml | 6 ++ 3 files changed, 65 insertions(+) create mode 100644 ci-operator/config/RedHatQE/firewatch/RedHatQE-firewatch-main__slack-webhook-test.yaml diff --git a/ci-operator/config/RedHatQE/firewatch/RedHatQE-firewatch-main__slack-webhook-test.yaml b/ci-operator/config/RedHatQE/firewatch/RedHatQE-firewatch-main__slack-webhook-test.yaml new file mode 100644 index 0000000000000..79ee7f7efeec7 --- /dev/null +++ b/ci-operator/config/RedHatQE/firewatch/RedHatQE-firewatch-main__slack-webhook-test.yaml @@ -0,0 +1,55 @@ +base_images: + cli: + name: "4.21" + namespace: ocp + tag: cli +build_root: + image_stream_tag: + name: release + namespace: openshift + tag: rhel-9-release-golang-1.23-openshift-4.20 +images: +- context_dir: . + dockerfile_path: Dockerfile + to: firewatch-pr +resources: + '*': + requests: + cpu: 200m + memory: 400Mi +tests: +- as: slack-webhook-test + cron: 0 23 31 2 * + steps: + cluster_profile: aws-cspi-qe + dependencies: + firewatch-report-issues: pipeline:firewatch-pr + env: + BASE_DOMAIN: cspilp.interop.ccitredhat.com + FIREWATCH_CONFIG: | + { + "failure_rules": [ + {"step": "*", "failure_type": "all", "classification": "Test", "jira_project": "INTEROP"} + ] + } + FIREWATCH_DEFAULT_JIRA_PROJECT: INTEROP + FIREWATCH_DEFAULT_JIRA_ASSIGNEE: mpruitt@redhat.com + post: + - ref: firewatch-report-issues + pre: + - ref: ipi-conf + - ref: ipi-conf-aws + - chain: ipi-install + test: + - as: noop + commands: echo "Slack webhook test - this step intentionally passes" + from: cli + resources: + requests: + cpu: 100m + memory: 100Mi +zz_generated_metadata: + branch: main + org: RedHatQE + repo: firewatch + variant: slack-webhook-test diff --git a/ci-operator/step-registry/firewatch/report-issues/firewatch-report-issues-commands.sh b/ci-operator/step-registry/firewatch/report-issues/firewatch-report-issues-commands.sh index 0597051b1c151..d2b3daf0d9ae1 100644 --- a/ci-operator/step-registry/firewatch/report-issues/firewatch-report-issues-commands.sh +++ b/ci-operator/step-registry/firewatch/report-issues/firewatch-report-issues-commands.sh @@ -42,6 +42,10 @@ if [ -f "${SHARED_DIR}/${FIREWATCH_JIRA_ADDITIONAL_LABELS_FILE}" ]; then report_command+=" --additional-labels-file=${SHARED_DIR}/${FIREWATCH_JIRA_ADDITIONAL_LABELS_FILE}" fi +if [ -f /tmp/secrets/slack/url ]; then + export SLACK_WEBHOOK_URL=$(cat /tmp/secrets/slack/url) +fi + echo $report_command eval "$report_command" diff --git a/ci-operator/step-registry/firewatch/report-issues/firewatch-report-issues-ref.yaml b/ci-operator/step-registry/firewatch/report-issues/firewatch-report-issues-ref.yaml index f3da045038b39..be17fbad0df2d 100644 --- a/ci-operator/step-registry/firewatch/report-issues/firewatch-report-issues-ref.yaml +++ b/ci-operator/step-registry/firewatch/report-issues/firewatch-report-issues-ref.yaml @@ -12,6 +12,9 @@ ref: - namespace: test-credentials name: firewatch-tool-private-deck-credentials mount_path: /tmp/secrets/private-deck + - namespace: test-credentials + name: firewatch-slack-notify-webhook-url + mount_path: /tmp/secrets/slack resources: requests: cpu: 10m @@ -74,6 +77,9 @@ ref: - name: FIREWATCH_CONFIG_FILE_PATH default: "" documentation: The URL/file path of the Firewatch configuration (json file). + - name: SLACK_WEBHOOK_URL + default: "" + documentation: Slack incoming webhook URL. When set, firewatch posts notifications on issue creation and duplicate detection. documentation: |- Please see the CSPI-QE repository for more documentation on this tool: https://github.com/CSPI-QE/firewatch \ No newline at end of file From 5b4c0c0772769424bc856111b83896ef96f7e8d4 Mon Sep 17 00:00:00 2001 From: Michael Pruitt Date: Fri, 24 Apr 2026 10:35:23 -0500 Subject: [PATCH 2/2] Add slack_user to firewatch webhook test rule Wire up per-rule Slack routing in the test config so pj-rehearse validates that the webhook payload includes the slack_user field. Co-Authored-By: Claude Opus 4.6 --- .../firewatch/RedHatQE-firewatch-main__slack-webhook-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci-operator/config/RedHatQE/firewatch/RedHatQE-firewatch-main__slack-webhook-test.yaml b/ci-operator/config/RedHatQE/firewatch/RedHatQE-firewatch-main__slack-webhook-test.yaml index 79ee7f7efeec7..d4898027176fc 100644 --- a/ci-operator/config/RedHatQE/firewatch/RedHatQE-firewatch-main__slack-webhook-test.yaml +++ b/ci-operator/config/RedHatQE/firewatch/RedHatQE-firewatch-main__slack-webhook-test.yaml @@ -29,7 +29,7 @@ tests: FIREWATCH_CONFIG: | { "failure_rules": [ - {"step": "*", "failure_type": "all", "classification": "Test", "jira_project": "INTEROP"} + {"step": "*", "failure_type": "all", "classification": "Test", "jira_project": "INTEROP", "slack_user": "mpruitt@redhat.com"} ] } FIREWATCH_DEFAULT_JIRA_PROJECT: INTEROP