Send alerts to Keybase team chat channels

StatHat can now send alert notifications to Keybase team chat channels.

Since team chat on Keybase is end-to-end encrypted, we can’t just post a message to some API endpoint like we do for Slack and PagerDuty. You need to add our bot user to your team.

We created a Keybase user named stathatbot. You should check it out to make sure it is legit by doing:

keybase id stathatbot

It should have valid proofs for @stathat on twitter, DNS for stathat.com, and DNS for numerotron.com. Given those proofs, you can be confident that stathatbot belongs to us here at StatHat. You can follow stathatbot to keep track of its proofs and notice any changes.

Now you need to add stathatbot to one of your teams. Please note that once on the team, stathatbot will be able to read (and write) messages to all the channels on the team.

The best way to protect your data is to use a subteam that is just for alerts or bots. If stathatbot is just a member of a subteam, it can only access chat channels in that subteam, and not the root team or any other subteams. So, let’s say your team on Keybase is treehouse, you would do:

keybase team create treehouse.alerts

to create the subteam. And then

keybase team add-member treehouse.alerts --user=stathatbot --role=reader

The reader role is a little confusing, but it means that it will only have read access to any files you happen to put in /keybase/team/treeehouse.alerts. It can still read and write to any chat channel in treehouse.alerts. (For the record, the stathatbot doesn’t even have file system access turned on, but you should still give this bot as little access as you can.) You will need to add yourself and anyone else that wants to see the alerts to the subteam.

Now, you’re all set on the Keybase side.

In StatHat alert destinations settings, there’s a new section for Keybase. You would enter treehouse.alerts for the team name and you can leave the channel blank to use the default general channel.

Once you enable this Keybase destination for manual and automatic alerts on the main settings page, all alert notifications will be sent to your Keybase team’s chat channel.

Let us know if you have any further questions or issues setting this up.

P.S. If you’re curious how this works: we have an isolated server where there’s a user logged in to Keybase as stathatbot. There’s some code pulling alerts off of an SQS queue. When it gets one it uses keybase chat api to send a message to the appropriate team/channel.

Comments? Send us a tweet.

Permalink:

Previous:
83% Bandwidth Reduction via API Response Change
Next:
Goodbye, api-ssl-balancer