Notifications & Webhooks

You can configure Webhooks in steadybit under Settings > Notifications & Webhooks. You can use Webhooks to recieve notifications via Slack or to integrate with you custom tooling.

Slack Notifications

You can use this Webhook to receive Slack/Rocket Chat messages, whenever a experiment is executed or experimenting is stopped/continued.

If you use an on-prem installation make sure to set the STEADYBIT_WEB_PUBLIC_URL, so we can add links to open steadybit via links in the message.

NameThe name for this integration will not show up in the message.
URLThe Slack webhook URL, which you can create in Slack by navigating Manage apps > Custom Integrations > Incoming Webhooks.
ChannelThe Slack channel which receives the message. If omitted the default from the Slack Webhook configuration will be used.
optional
Icon UrlYou may specify a different icon to be used for the message.
optional
TeamIf no team is specified, you'll receieve all events. If you do specify a team you'll only receive notifications relevant for this team
EventsYou may select the events you want to recieve.

Webhooks

NameThe name for this integration will not show up in the JSON body.
URLThe URL, which will receive a HTTP Post request with the JSON body
SecretYou may a specify a secret which will be used to sign the body. Verifying the signature.
optional
TeamIf no team is specified, you'll receieve all events. If you do specify a team you'll only receive events relevant for this team
EventsYou may select the events you want to recieve.

Content

The content type is application/json and the message is described in our OpenAPI specification as WebhookPayload.

Verifying the Signature

If a secret is provided a signature of the body is computed using HMAC SHA-256 and sent as X-CM-Signature http header. You can use this header to verify the message.

Here is an example of doing this in Java:

private static boolean validateSignature(byte[] body, String secret, String header) throws Exception {
//calculate the signature using the secret
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
byte[] signature = mac.doFinal(body);
//remove the algorithm prefix and decode the hex to bytes[]
byte[] receivedSignature = Hex.decode(header.replaceFirst("^hmac-sha256 ", ""));
//compare using time-constant algorithm
return MessageDigest.isEqual(signature, receivedSignature);
}
Need Help? Get in touch with us© steadybit. All rights reserved.