Slack

Cimon is able to send a Slack webhook to a desired endpoint whenever a security violation is found in the pipeline. In order to configure the Slack webhook, you will need to provide a Slack webhook endpoint as a parameter to the Cimon agent. This can be done through our custom Github Action by specifying the parameter name slack-webhook-endpoint.

Creating a Slack Webhook

Before configuring Cimon to send a Slack webhook, you must create one in Slack. Here are the steps to create a webhook:

Open the Slack workspace where you want to create the webhook.
Click on the workspace name in the top left corner and select "Settings & administration".
Click on "Manage apps".
Click on "Custom Integrations" in the sidebar.
Click on "Incoming Webhooks".
Click on "Add to Slack".
Select the channel where you want the webhook to post messages.
Click on "Add Incoming Webhooks integration".
Copy the webhook URL.

Configuring Cimon to Send a Slack Webhook

Once you have created a webhook in Slack, you can configure Cimon to send a webhook to that endpoint whenever a security violation is found in the pipeline. The workflow for the Cimon installation looks like this:

Open the Github repository where you want to configure Cimon.
Modify the workflow in which you add or modify the current Cimon installation.
Set up Cimon as follows:

steps:
  - uses: cycodelabs/cimon-action@v0
    with:
      client-id: ${{ secrets.CIMON_CLIENT_ID }}
      secret: ${{ secrets.CIMON_SECRET }}
      ...
      slack-webhook-endpoint: ${{ secrets.SLACK_WEBHOOK_ENDPOINT }}

Replace ${{ secrets.SLACK_WEBHOOK_ENDPOINT }} with the secret name containing your Slack webhook endpoint.

Creating a Slack Webhook​

Configuring Cimon to Send a Slack Webhook​

Creating a Slack Webhook

Configuring Cimon to Send a Slack Webhook