stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
c58a236d70742082c8dda5a967972d08424732f2
git.stella-ops.org/docs/doctor/articles/notify/slack-connectivity.md
master c58a236d70 Doctor plugin checks: implement health check classes and documentation 
Implement remediation-aware health checks across all Doctor plugin modules
(Agent, Attestor, Auth, BinaryAnalysis, Compliance, Crypto, Environment,
EvidenceLocker, Notify, Observability, Operations, Policy, Postgres, Release,
Scanner, Storage, Vex) and their backing library counterparts (AI, Attestation,
Authority, Core, Cryptography, Database, Docker, Integration, Notify,
Observability, Security, ServiceGraph, Sources, Verification).

Each check now emits structured remediation metadata (severity, category,
runbook links, and fix suggestions) consumed by the Doctor dashboard
remediation panel.

Also adds:
- docs/doctor/articles/ knowledge base for check explanations
- Advisory AI search seed and allowlist updates for doctor content
- Sprint plan for doctor checks documentation

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:28:00 +02:00

2.1 KiB
Raw Blame History

checkId, plugin, severity, tags
checkId plugin severity tags
check.notify.slack.connectivity stellaops.doctor.notify warn
notify
slack
connectivity
network

Slack Connectivity

What It Checks

Verifies that the configured Slack webhook endpoint is reachable. The check:

  • Sends an empty-text POST payload to the webhook URL with a 10-second timeout.
  • Slack returns no_text for empty messages, which proves the endpoint is alive without posting a visible message.
  • Passes if the response is successful or contains no_text.
  • Warns if an unexpected HTTP status is returned (e.g., invalid or revoked webhook).
  • Fails on connection timeout or HTTP request exceptions.

The check only runs when Notify:Channels:Slack:WebhookUrl is set and is a valid absolute URL.

Why It Matters

A configured but unreachable Slack webhook means notifications are silently dropped. Teams relying on Slack for release alerts and security findings will miss critical events.

Common Causes

  • Invalid or expired webhook URL
  • Slack workspace configuration changed
  • Webhook URL revoked or regenerated
  • Rate limiting by Slack
  • Firewall blocking outbound HTTPS to hooks.slack.com
  • Proxy configuration required but not set

How to Fix

Docker Compose

Test connectivity from the container:

docker exec <notify-container> curl -v https://hooks.slack.com/

If behind a proxy:

environment:
  HTTPS_PROXY: "http://proxy.example.com:8080"

Bare Metal / systemd

curl -v https://hooks.slack.com/
curl -X POST -H 'Content-type: application/json' \
  --data '{"text":"Doctor test"}' \
  'https://hooks.slack.com/services/YOUR/WEBHOOK/URL'

Kubernetes / Helm

kubectl exec -it <notify-pod> -- curl -v https://hooks.slack.com/

If the webhook URL has been revoked, create a new one in the Slack App settings under Incoming Webhooks and update the configuration.

Verification

stella doctor run --check check.notify.slack.connectivity

Related Checks

  • check.notify.slack.configured — verifies Slack webhook URL is set
  • check.notify.queue.health — verifies the notification delivery queue is healthy