XuqmGroup-PrivateDeploy/scripts/alert-webhook.sh

#!/usr/bin/env bash
set -euo pipefail

ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
. "$ROOT_DIR/scripts/lib.sh"
load_env

EVENT="${1:-UNKNOWN}"
MESSAGE="${2:-}"
TIMESTAMP="$(now)"

# Webhook URL from config (never logged)
WEBHOOK_URL="${ALERT_WEBHOOK_URL:-}"
WEBHOOK_TYPE="${ALERT_WEBHOOK_TYPE:-wecom}"  # wecom | dingtalk | feishu

[ -n "$WEBHOOK_URL" ] || {
  printf 'ALERT_WEBHOOK_URL not configured; alert suppressed: [%s] %s\n' "$EVENT" "$MESSAGE" >&2
  exit 0
}

# Sanitize message: strip any passwords, tokens, keys
SAFE_MSG="$(printf '%s' "$MESSAGE" | sed 's/password=[^ ]*/password=***/gi; s/token=[^ ]*/token=***/gi; s/secret=[^ ]*/secret=***/gi')"

build_payload() {
  local event="$1"
  local msg="$2"
  local ts="$3"
  local version="${PRIVATE_VERSION:-unknown}"
  case "$WEBHOOK_TYPE" in
    dingtalk)
      printf '{"msgtype":"markdown","markdown":{"title":"[%s] XuqmGroup Private","text":"**[%s]** %s\n\n版本: %s\n时间: %s"}}' \
        "$event" "$event" "$msg" "$version" "$ts"
      ;;
    feishu)
      printf '{"msg_type":"text","content":{"text":"[%s] %s\n版本: %s\n时间: %s"}}' \
        "$event" "$msg" "$version" "$ts"
      ;;
    *)
      # WeCom (企业微信)
      printf '{"msgtype":"markdown","markdown":{"content":"**[%s]** %s\n>版本: `%s`\n>时间: %s"}}' \
        "$event" "$msg" "$version" "$ts"
      ;;
  esac
}

PAYLOAD="$(build_payload "$EVENT" "$SAFE_MSG" "$TIMESTAMP")"

if command -v curl >/dev/null 2>&1; then
  HTTP_CODE="$(curl -s -o /dev/null -w '%{http_code}' \
    -X POST -H 'Content-Type: application/json' \
    -d "$PAYLOAD" \
    --max-time 10 \
    "$WEBHOOK_URL" 2>/dev/null || echo '000')"
  if [ "$HTTP_CODE" = "200" ]; then
    audit "alert" "SENT" "event=$EVENT"
  else
    audit "alert" "FAILED" "event=$EVENT http=$HTTP_CODE"
  fi
else
  audit "alert" "SKIPPED" "curl not available event=$EVENT"
fi

# Consecutive failure tracking for auto-alert on healthcheck failures
FAIL_COUNT_FILE="$ROOT_DIR/.deploy-state/healthcheck-fail-count.txt"
if [ "$EVENT" = "HEALTHCHECK_FAILED" ]; then
  COUNT="$(cat "$FAIL_COUNT_FILE" 2>/dev/null || echo 0)"
  COUNT=$((COUNT + 1))
  printf '%s\n' "$COUNT" > "$FAIL_COUNT_FILE"
else
  printf '0\n' > "$FAIL_COUNT_FILE"
fi