Description
🚀 Feature Request
Is your feature request related to a problem? Please describe.
Right now this "bot" only sends a report when it's actively run -- run the app, it sends out a one-off report. It'd be great to have it more on-demand.
Describe the solution you'd like
Add a new reporter that's an actual real Slack bot, that sits in a channel to respond to user queries. Then you would be able to run commands like:
```
# Gather the full org summary report
/vulnbot summary underdog-tech
# Gather a team summary report
/vulnbot team underdog-tech/team-name
# Gather an individual repo report
/vulnbot repo underdog-tech/vulnbot
```
I think this will lend itself well to actual developer workflows, as opposed to just having a report message go out once a week that might get ignored.
This would probably be run something like:
```
./vulnbot -c config.toml slack-bot
```
To start with we could implement just a single command. Probably the full org summary report.
Describe alternatives you've considered
This could potentially be built as a separate application that imports this one as a dependency. But that feels like it might be excessive. Then again, including a full Slack bot in an application where you just want to, for example, send emails might also be excessive. Definitely open to discussion on this.
Additional context
This definitely depends on #5 to be implemented first.