Configure a custom Slack app for fully self-hosted Chalk deployments.
This page covers setting up Slack alerting for fully self-hosted Chalk deployments. For standard Chalk deployments, see the Slack integration guide.
If you are running Chalk as a fully self-hosted deployment, you will need to create your own Slack app and configure its credentials in the metadata plane Helm chart.
Chalk Monitoring) and select the Slack workspace where it will be installed.Under OAuth & Permissions → Scopes → Bot Token Scopes, add the following scopes:
| Scope | Purpose |
|---|---|
chat:write | Post alert messages to channels |
chat:write.public | Post to public channels without being a member |
channels:read | List available channels |
team:read | Read workspace metadata |
Under OAuth & Permissions → Redirect URLs, add:
https://<your-chalk-frontend-host>
Replace <your-chalk-frontend-host> with the hostname of your Chalk dashboard.
From the Basic Information page of your app, copy for the next step:
You will also need your app’s display name (the name you chose in step 1, e.g. Chalk Monitoring).
Using whichever secrets workflow your team prefers (kubectl, Vault, External Secrets Operator, etc.), create a Kubernetes secret containing all three values:
| Key | Value |
|---|---|
SLACK_CLIENT_ID | Your app’s OAuth client ID |
SLACK_BOT_NAME | Display name shown to users in the Chalk dashboard |
SLACK_CLIENT_SECRET | Your app’s OAuth client secret |
The key names must be exactly as shown — Chalk reads these env vars by name.
Note: This secret is not managed by Helm. Create it before or alongside your helm upgrade — the pods will pick it up on start.
In your values.yaml for the chalk-metadata-plane chart, reference the secret you created:
chalk:
metadata:
load_vars_from_secrets:
- chalk-slack-credentials # (or whatever name you used)helm upgrade <release-name> chalk-metadata-plane -f values.yamlAfter the pods restart, reload the Slack settings page in the Chalk dashboard to connect your workspace.