Sending Slack notifications with GuardRails
Introduction
This tutorial will show you how to enable Slack notifications for GuardRails. With this integration, you and your team can be notified when scans are performed on your code by the GuardRails platform.
Prerequisites:
Slack Workspace
GuardRails account
Configure Slack App and Incoming Webhook URL
In this step, we will configure a Slack app and a webhook URL to allow GuardRails to send messages to your desired Slack workspace and channel.
Create a Slack App from https://api.slack.com/apps/new.
Select the option to create an app "From Scratch".
Select your App Name and the Slack Workspace that you would like to send notifications to.
Now select "Incoming Webhooks".
Opt to enable the webhook next to "Activate Incoming Webhooks".
Select the Slack channel that you would like GuardRails to send messages to.
Now copy the Webhook URL. We will use it in the GuardRails dashboard to configure the Slack Integration.
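Before pasting the URL into GuardRails, you can confirm that it has the expected shape and actually delivers to the channel; the script below is an added example, not part of the original tutorial or of GuardRails tooling. The function names, the SLACK_WEBHOOK_URL variable and the URL pattern (modelled on Slack's documented placeholder form) are assumptions.

```shell
#!/bin/sh
# Added example: sanity-check a Slack Incoming Webhook URL before saving it
# in the GuardRails dashboard. The URL embeds a secret, so it is redacted in
# output and never placed on curl's command line.

# Assumed URL shape, taken from Slack's documented placeholder form:
#   https://hooks.slack.com/services/T<team>/B<app>/<token>
is_slack_webhook_url() {
    # Reject anything outside the expected character set (spaces, newlines,
    # quotes) before the stricter pattern match.
    case $1 in
        ''|*[!A-Za-z0-9:/.]*) return 1 ;;
    esac
    printf '%s\n' "$1" | grep -Eq \
        '^https://hooks\.slack\.com/services/T[A-Z0-9]+/B[A-Z0-9]+/[A-Za-z0-9]+$'
}

# Mask the final path segment (the secret token) for logs and tickets.
redact_webhook_url() {
    printf '%s/****\n' "${1%/*}"
}

# Post a fixed test message. Returns 0 only if Slack answers "ok".
send_test_message() {
    url=$1
    if ! is_slack_webhook_url "$url"; then
        echo "refusing to send: not a Slack incoming webhook URL" >&2
        return 2
    fi
    # The URL goes to curl through a config file on stdin (--config -),
    # which keeps it out of the process list.
    resp=$(printf 'url = "%s"\n' "$url" | curl -sS --max-time 10 --config - \
        -H 'Content-Type: application/json' \
        --data '{"text":"GuardRails Slack integration: webhook test"}') || return 1
    if [ "$resp" = "ok" ]; then
        echo "delivered via $(redact_webhook_url "$url")"
    else
        echo "Slack rejected the request: $resp" >&2
        return 1
    fi
}

# Usage (SLACK_WEBHOOK_URL is a hypothetical variable name):
#   send_test_message "$SLACK_WEBHOOK_URL"
```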
Configure the Slack integration at an account level
In the GuardRails Dashboard, go to Settings > General > Slack Webhook.
In the Webhook URL field, paste the Slack Webhook URL you copied in the previous step. Then set the remaining options as desired and click "Save".
Enable Webhook:
- Enable - Turn on Slack integration
- Disable - Turn off Slack integration
Send Notifications On:
- All Scans - Send a Slack message on every scan
- Only When Scan has Findings - Send a Slack message only when a scan has findings
- Only When PR has Findings - Send a Slack message only when a PR has findings
Webhook URL:
- URL Field - Your desired Slack App's "Incoming Webhook URL", which was created in the previous steps.
Keep in mind that these will be the default settings for all repositories under this account; however, you can enable or disable Slack webhooks at a repository level.
Configure the Slack integration at a repository level
While by default repositories inherit Slack integration settings from the "Account Level" config, you can also control settings at a per-repository level.
To do this, go to your desired repository in the GuardRails Dashboard.
Afterwards, go to the "Settings" tab.
Find the "Slack Webhook" settings (you may need to scroll to the bottom of the page).
Enable Webhook:
- Inherit from Account Config - Use the global account settings
- Enable - Turn on Slack integration
- Disable - Turn off Slack integration
Send Notifications On:
- Inherit from Account Config - Use the global account settings
- All Scans - Send a Slack message on every scan
- Only When Scan has Findings - Send a Slack message only when a scan has findings
- Only When PR has Findings - Send a Slack message only when a PR has findings
Webhook URL:
- URL Field - Your desired Slack App's "Incoming Webhook URL", which was created in the previous steps.
Slack Notification Usage
Slack notification from a Scan
Run a scan on any branch from your GuardRails Dashboard/API/CLI.
You should see the scan generated on the repository's scan page.
Finally, you should also receive a Slack notification from the Slack App on your desired channel.
Following the link in the notification will take you to the GuardRails Dashboard, where you can review the vulnerabilities detected in the scan.
Slack notification from a PR
If you have enabled notifications for "Any Scans" or for "PR only", you should see a Slack notification as soon as a pull request is made on a repository that GuardRails is monitoring.
Conclusion
After following this tutorial, you should be able to set up and configure your Slack integration with GuardRails. You can now use the integration to keep your team aware of the latest GuardRails scans and their findings in real time.