Skip to content

tailscale/accessbot

Repository files navigation

Request Access

This automation features an access request workflow where users can create a request (with details) that is routed to another user to approve or deny.

When approved, the workflow will assign a custom device posture attribute to the requester's device.

[!NOTE] This experiment is in its early days and requires a feature flag be enabled on your account before you can make use of it. Please contact us if you'd like to test it - we're eager to hear your feedback.

Setup

Before getting started, first make sure you have a development workspace where you have permission to install apps. Please note that the features in this project require that the workspace be part of a Slack paid plan.

Install the Slack CLI

To use this sample, you need to install and configure the Slack CLI. Step-by-step instructions can be found in our Quickstart Guide.

Configuration

Configure your access profiles in config.json. You can see configuration schema in types/config.ts.

Create an OAuth client in Tailscale with the devices:write scope. For running locally, put your OAuth client credentials into the .env file. In production, configure the same variables using slack env commands after deploying, e.g.

slack env add TAILSCALE_CLIENT_ID ...
slack env add TAILSCALE_CLIENT_SECRET ..

Running Your Project Locally

While building your app, you can see your changes appear in your workspace in real-time with slack run. You'll know an app is the development version if the name has the string (local) appended.

# Run app locally
$ slack run

Connected, awaiting events

To stop running locally, press <CTRL> + C to end the process.

Deploying Your App

Once development is complete, deploy the app to Slack infrastructure using slack deploy:

$ slack deploy

When deploying for the first time, you'll be prompted to create a new link trigger for the deployed version of your app. When that trigger is invoked, the workflow should run just as it did when developing locally (but without requiring your server to be running).

Viewing Activity Logs

Activity logs of your application can be viewed live and as they occur with the following command:

$ slack activity --tail

Project Structure

.slack/

Contains apps.dev.json and apps.json, which include installation details for development and deployed apps.

datastores/

Datastores securely store data for your application on Slack infrastructure. Required scopes to use datastores include datastore:write and datastore:read.

functions/

Functions are reusable building blocks of automation that accept inputs, perform calculations, and provide outputs. Functions can be used independently or as steps in workflows.

triggers/

Triggers determine when workflows are run. A trigger file describes the scenario in which a workflow should be run, such as a user pressing a button or when a specific event occurs.

workflows/

A workflow is a set of steps (functions) that are executed in order.

Workflows can be configured to run without user input or they can collect input by beginning with a form before continuing to the next step.

manifest.ts

The app manifest contains the app's configuration. This file defines attributes like app name and description.

slack.json

Used by the CLI to interact with the project's SDK dependencies. It contains script hooks that are executed by the CLI and implemented by the SDK.

About

No description, website, or topics provided.

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published