Feat/decouple incident creation functions (#933)

* chore: add scripts to reset DynamoDB tables for incidents and webhooks

* feat: add development environment configuration settings

* feat: add success_creating message to incident localization files

* feat: refactor channel creation logic

* fix: re-enable log to sentinel

* feat: implement create_incident_conversation function

Author: gcharest

app/bin/reset_dev_db.sh renamed to app/bin/reset_dev_incident_db.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+
+delete_incident_table() {
+  local TABLE_NAME=$1
+
+  # Check if table exists
+  if aws dynamodb describe-table --table-name $TABLE_NAME --endpoint-url http://dynamodb-local:8000 >/dev/null 2>&1; then
+    # Delete table
+    aws dynamodb delete-table --table-name $TABLE_NAME --endpoint-url http://dynamodb-local:8000
+  else
+    echo "Table $TABLE_NAME does not exist, skipping deletion"
+  fi
+}
+
+create_incident_table() {
+  local TABLE_NAME=$1
+
+  # Check if table exists
+  if aws dynamodb describe-table --table-name $TABLE_NAME --endpoint-url http://dynamodb-local:8000 >/dev/null 2>&1; then
+    echo "Table $TABLE_NAME already exists, skipping creation"
+  else
+    # Create table
+    aws dynamodb create-table \
+      --table-name $TABLE_NAME \
+      --attribute-definitions AttributeName=id,AttributeType=S \
+      --key-schema AttributeName=id,KeyType=HASH \
+      --provisioned-throughput ReadCapacityUnits=2,WriteCapacityUnits=2 \
+      --endpoint-url http://dynamodb-local:8000 \
+      --no-cli-pager
+  fi
+}
+
+
+delete_incident_table "webhooks"
+create_incident_table "webhooks"

app/bin/reset_dev_webhooks_db.sh

@@ -271,6 +271,17 @@ def validate_issuer_config(cls, v: Optional[Dict[str, Dict[str, Any]]]) -> Any:
     )
 
 
+class DevSettings(BaseSettings):
+    """Development environment configuration settings."""
+
+    SLACK_DEV_MSG_CHANNEL: str = Field(default="", alias="SLACK_DEV_MSG_CHANNEL")
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        case_sensitive=True,
+        extra="ignore",
+    )
+
+
 class FrontEndSettings(BaseSettings):
     FRONTEND_URL: str = Field(default="http://127.0.0.1:3000", alias="FRONTEND_URL")
     model_config = SettingsConfigDict(
@@ -308,6 +319,9 @@ class Settings(BaseSettings):
     aws_feature: AWSFeatureSettings
     feat_incident: IncidentFeatureSettings
 
+    # Development settings
+    dev: DevSettings
+
     @property
     def is_production(self) -> bool:
         """Check if the application is running in production."""
@@ -330,6 +344,7 @@ def __init__(self, **kwargs):
             "reports": ReportsSettings,
             "aws_feature": AWSFeatureSettings,
             "feat_incident": IncidentFeatureSettings,
+            "dev": DevSettings,
         }
 
         for setting_name, setting_class in settings_map.items():

app/core/config.py

@@ -18,6 +18,7 @@ en-US:
     security_yes: "Yes"
     security_no: "No"
     success: "Incident successfully created"
+    success_creating: "*Please wait while we are creating the incident channel*"
     user_added: "You have been added to the incident's conversation:\n"
     next_steps: "Wait! What's next?"
     next_steps_instructions: "Ask yourself these questions:"

app/locales/incident.en-US.yml

@@ -18,6 +18,7 @@ fr-FR:
     security_yes: "Oui"
     security_no: "Non"
     success: "Incident créé avec succès"
+    success_creating: "*Veuillez patienter pendant que nous créons le canal de l'incident*"
     user_added: "Vous avez ajouté à la discussion de cet incident:\n"
     next_steps: "Attendez! Que faire ensuite?"
     next_steps_instructions: "Posez-vous ces questions:"

app/locales/incident.fr-FR.yml

@@ -1,15 +1,15 @@
 import re
-import datetime
 import i18n  # type: ignore
 from slack_sdk import WebClient
-from slack_bolt import Ack
+from slack_bolt import Ack, App
 
 from integrations import opsgenie
 from integrations.slack import users as slack_users
-from integrations.sentinel import log_to_sentinel
 from integrations.google_workspace import meet
+from integrations.sentinel import log_to_sentinel
 
 from modules.incident import (
+    incident_conversation,
     incident_folder,
     incident_document,
     db_operations,
@@ -31,14 +31,20 @@
 i18n.set("fallback", "en-US")
 
 
-def register(bot):
+def register(bot: App):
     bot.command(f"/{PREFIX}incident")(open_create_incident_modal)
     bot.view("incident_view")(submit)
     bot.action("incident_change_locale")(handle_change_locale_button)
 
 
-def open_create_incident_modal(client, ack, command, body):
+def open_create_incident_modal(client: WebClient, ack, command, body):
     ack()
+    # private_metadata = json.dumps(
+    #     {
+    #         "channel_id": body["channel"]["id"],
+    #         "message_ts": body["message_ts"],
+    #     }
+    # )
     logger.info(
         "incident_command_called",
         command=command,
@@ -73,7 +79,7 @@ def open_create_incident_modal(client, ack, command, body):
         }
         for i in folders
     ]
-    loaded_view = generate_incident_modal_view(command, options, locale)
+    loaded_view = generate_incident_modal_view(command, options, None, locale)
     client.views_update(view_id=view["id"], view=loaded_view)
 
 
@@ -96,7 +102,7 @@ def handle_change_locale_button(ack, client, body):
     command = {"text": body["view"]["state"]["values"]["name"]["name"]["value"]}
     if command["text"] is None:
         command["text"] = ""
-    view = generate_incident_modal_view(command, options, locale)
+    view = generate_incident_modal_view(command, options, None, locale)
     client.views_update(view_id=body["view"]["id"], view=view)
 
 
@@ -126,6 +132,53 @@ def submit(ack: Ack, view, say, body, client: WebClient):  # noqa: C901
         ack(response_action="errors", errors=errors)
         return
 
+    channel_id = None
+    channel_name = None
+    slug = None
+
+    # private_metadata = json.loads(body["view"].get("private_metadata"))
+    # source_channel_id = private_metadata.get("channel_id")
+    # source_message_ts = private_metadata.get("message_ts")
+    try:
+        channel_created = incident_conversation.create_incident_conversation(
+            client, name
+        )
+        channel_id = channel_created["channel_id"]
+        channel_name = channel_created["channel_name"]
+        slug = channel_created["slug"]
+
+    except Exception as e:
+        logger.error(
+            "incident_channel_creation_failed",
+            error=str(e),
+            incident_name=name,
+        )
+        say(
+            text=":warning: Channel creation failed. Please contact the SRE team.",
+            channel=body["user"]["id"],
+        )
+        return
+
+    # if private_metadata:
+    #     # private_metadata = json.loads(private_metadata)
+    #     logger.info("private_metadata_found", private_metadata=private_metadata)
+    #     incident_alert.update_alert_with_channel_link(
+    #         client,
+    #         source_channel_id,
+    #         source_message_ts,
+    #         incident_details={"channel_id": channel_id, "channel_name": channel_name},
+    #     )
+
+    logger.info(
+        "incident_channel_created",
+        channel_id=channel_id,
+        channel_name=channel_name,
+        slug=slug,
+    )
+
+    view = generate_success_modal(body, channel_id, channel_name)
+    client.views_open(trigger_id=body["trigger_id"], view=view)
+
     logger.info(
         "incident_modal_submitted",
         name=name,
@@ -150,42 +203,16 @@ def submit(ack: Ack, view, say, body, client: WebClient):  # noqa: C901
             if r.get("ok"):
                 oncall.append(r["user"])
 
-    date = datetime.datetime.now().strftime("%Y-%m-%d")
-    slug = f"{date} {name}".replace(" ", "-").lower()
-
     # Create channel
-    # if we are testing ie PREFIX is "dev" then create the channel with name incident-dev-{slug}. Otherwise create the channel with name incident-{slug}
     environment = "prod"
-    channel_to_create = f"incident-{slug}"
     if PREFIX == "dev-":
         environment = "dev"
-        channel_to_create = f"incident-dev-{slug}"
-    try:
-        if len(channel_to_create) > 80:
-            channel_to_create = channel_to_create[:80]
-        response = client.conversations_create(name=channel_to_create)
-    except Exception as e:
-        logger.error(
-            "incident_channel_creation_failed",
-            error=str(e),
-            channel_name=channel_to_create,
-        )
-        say(
-            text=":warning: Channel creation failed. Please contact the SRE team.",
-            channel=body["user"]["id"],
-        )
-        return
-    channel_id = response["channel"]["id"]
-    channel_name = response["channel"]["name"]
     logger.info(
         "incident_channel_created",
         channel_id=channel_id,
         channel_name=channel_name,
     )
 
-    view = generate_success_modal(body, channel_id, channel_name)
-    client.views_open(trigger_id=body["trigger_id"], view=view)
-
     channel_url = f"https://gcdigital.slack.com/archives/{channel_id}"
 
     # Set topic
@@ -318,13 +345,19 @@ def submit(ack: Ack, view, say, body, client: WebClient):  # noqa: C901
     )
 
 
-def generate_incident_modal_view(command, options=[], locale="en-US"):
+def generate_incident_modal_view(
+    command, options=None, private_metadata=None, locale="en-US"
+):
+    """Generate the incident creation modal view."""
+    if options is None:
+        options = []
     handbook_string = f"For more details on what constitutes a security incident, visit our <{INCIDENT_HANDBOOK_URL}|Incident Management Handbook>"
     return {
         "type": "modal",
         "callback_id": "incident_view",
         "title": {"type": "plain_text", "text": i18n.t("incident.modal.title")},
         "submit": {"type": "plain_text", "text": i18n.t("incident.submit")},
+        "private_metadata": private_metadata,
         "blocks": [
             {
                 "type": "actions",

app/modules/incident/incident.py

@@ -3,6 +3,7 @@
 import pytz  # type: ignore
 from slack_sdk import WebClient  # type: ignore
 from slack_sdk.errors import SlackApiError  # type: ignore
+from slack_sdk.web import SlackResponse  # type: ignore
 from integrations.google_workspace import google_docs
 from integrations.slack import users as slack_users
 from integrations.sentinel import log_to_sentinel
@@ -13,14 +14,72 @@
 )
 from modules.incident import incident_helper, schedule_retro
 from core.logging import get_module_logger
+from core.config import settings
 
 
+PREFIX = settings.PREFIX
+
 START_HEADING = "DO NOT REMOVE this line as the SRE bot needs it as a placeholder."
 END_HEADING = "Trigger"
 
 logger = get_module_logger()
 
 
+def create_incident_conversation(client: WebClient, incident_name: str):
+    """Create an incident conversation channel.
+
+    Args:
+        client (WebClient): The Slack WebClient instance.
+        incident_name (str): The name of the incident.
+
+    Returns:
+        dict: A dictionary containing the channel ID, channel name, and slug.
+    """
+    date_now = datetime.now().strftime("%Y-%m-%d")
+    slug = f"{date_now} {incident_name}".strip().replace(" ", "-").lower()
+    channel_name_prefix = "incident-dev-" if PREFIX == "dev-" else "incident-"
+    base_channel_name = channel_name_prefix + slug
+    # Ensure base_channel_name is at most 80 chars
+    if len(base_channel_name) > 80:
+        base_channel_name = base_channel_name[:80]
+    i = 0
+    while True:
+        if i == 0:
+            attempt_channel_name = base_channel_name
+        else:
+            # Calculate the max length for the base part so that the suffix fits in 80 chars
+            suffix = f"-{i}"
+            max_base_length = 80 - len(suffix)
+            truncated_base = base_channel_name[:max_base_length]
+            attempt_channel_name = f"{truncated_base}{suffix}"
+        try:
+            response: SlackResponse = client.conversations_create(
+                name=attempt_channel_name
+            )
+            if response.get("ok"):
+                if i > 0:
+                    slug = f"{slug}{suffix}"
+                channel_details = response.get("channel")
+                if not isinstance(channel_details, dict):
+                    raise SlackApiError("Error creating the channel", response)
+                channel_id = channel_details.get("id", "")
+                channel_name = attempt_channel_name
+                break
+            elif response.get("error") != "name_taken":
+                raise SlackApiError("Error creating the channel", response)
+        except SlackApiError as e:
+            # If the error is name_taken, continue to next attempt; otherwise, raise
+            if (
+                hasattr(e, "response")
+                and getattr(e.response, "data", {}).get("error") == "name_taken"
+            ):
+                pass  # Try next channel name
+            else:
+                raise
+        i += 1
+    return {"channel_id": channel_id, "channel_name": channel_name, "slug": slug}
+
+
 # Make sure that we are listening only on floppy disk reaction
 def is_floppy_disk(event: dict) -> bool:
     return event["reaction"] == "floppy_disk"