In the , I described a poster child for automation: managing the repetitive tasks around a conference submission workflow. I wrote about the setup, and how to use to redirect webhooks to my computer. This week, I’d like to write about some of the hiccups I encountered along the way. previous post ngrok Registering a Trello webhook Most SaaS providers allow to register webhooks through their GUI. This is the case of GitHub for example: it’s located in the menu. Settings >  Webhooks For better or worse, this is not the case of Trello. To , one needs to execute an HTTP request. This requires: register a webhook An , which is . The fun part is, it cannot be reset. Don’t leak it, or you’ll be sorry! API key unique per account A token, which is should be generated for each application. To generate a token, follow instructions on . Required parameters are the following: the relevant page The : read, write, etc. scopes The application name An expiration date The board’s ID. In order to get it, append .json at the end of the board’s URL to display its JSON representation. The ID is among the first few parameters: { "id": "5d383691a3aeaa3b5741953d", "name": "My board", "desc": "", "descData": null, "closed": false, "idOrganization": null, "idEnterprise": null } Finally, send a POST request similar to the following: curl -X POST -H \
https://api.trello.com/1/tokens/{token}/webhooks/ \
-d "Content-Type: application/json" '{
  "key": "{key}",
  "callbackURL": "http://www.mywebsite.com/trelloCallback",
  "idModel":"{boardID}",
  "description": "Name of the webhook"
}' Preparing for the webhook To check the webhook is valid, Trello will immediately send a request to the just-registered callback. If this request is not successful, then registration will fail. For example, this will happen if the app is not up, or if the URL is not reachable. HEAD The HTTP method is rarely used. For example, when using Spring Boot, it requires explicitly configuring such an endpoint: HEAD = router { handler = TriggerHandler(runtimeService)
  POST( , handler::post)
  HEAD( , handler::head)
} ( runtimeService: RuntimeService) { : ServerResponse { } = ServerResponse.ok().build()
} fun routes (runtimeService: ) RuntimeService val "/trigger" "/trigger" class TriggerHandler private val fun post (request: ) ServerRequest // Starts the workflow instance fun head (request: ) ServerRequest The above snippet isn’t very compliant with the HTTP specifications as the controller doesn’t offer any endpoint': GET The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response. The metainformation contained in the HTTP headers in response to a HEAD request SHOULD be identical to the information sent in response to a GET request. This method can be used for obtaining metainformation about the entity implied by the request without transferring the entity-body itself. This method is often used for testing hypertext links for validity, accessibility, and recent modification. — Hypertext Transfer Protocol -- HTTP/1.1 https://ietf.org/rfc/rfc2616.txt In all cases, it gets the job done. Besides, I didn’t find any way to easily create a endpoint that delegates to a endpoint. Hints are more than welcome. HEAD GET Google permissions Google requires permission to manage objects: read, write, etc. The problem with the most recent documentation, whether on Calendar or Sheets (or any other Google API), is that it’s skewed toward Android . In such a use-case, the request for permission is interactive: the user is first presented with a authenticate screen, and then asked to give the required permission. e.g. Calendar Java Quickstart Workflows in general allow for interactive or automated steps. An interactive step allows to enter one’s credentials and authorize the app, but the previously-defined workflow only has automated steps. For a truly automated workflow, interactive steps should be avoided if possible. However, Google prevents to use one’s account credentials - login and password - for security reasons. But it provides an alternative: one can create a so-called service account, and give it write permissions to the relevant calendar and documents. Creating a Google service account To create a service account: Go to the in the Google Cloud console service account page Create or select a project Fill in the required fields Select the newly-created account, click on and then on . Download the key and store it in an safe place, as it contains the credentials necessary to authenticate oneself as the created service account. Edit Create Key Configuring permissions To give the service account access to one’s calendar (or documents) requires two steps: First, one should give the project permissions to use the API. In the context of the project the service account was created in, open the left menu. Go to . Select , and in the opening page, click on . Repeat for . APIs & Services > Library Google Calendar API Enable Google Calendar API Then, one should give delegation access to one’s own calendar. In Calendar, locate the list, then click on the associated menu, and on . Find the section, and add the service account with access level to events. For Google Sheets, share the document with the service account. My calendars Settings and sharing Share with specific people Manage changes If the option is grayed out, it means the domain administrator didn’t allow it. If you’re the administrator of your own domain, go to the . Then, click on . Click on . Select , and . This allows to give accounts outside the organization - such as service accounts - write access. Repeat for Google Sheets, if necessary. Google administration console Apps > G Suite > Calendar Sharing settings External sharing options for primary calendars Share all information, and outsiders can change calendars Conclusion While the previous post described the context behind automating a workflow, this post lists the necessary configuration steps: the Trello webhook and the Google service accounts. While nothing out-of-the-ordinary, it takes time to research the above facts if one doesn’t know about them previously. To go further: Trello Webhooks Trello authorization Where's my Trello Board ID Google Service Accounts Creating and enabling service accounts for instances Previously published at A Java Geek on May 17th, 2020

Google

Trello

Combatting Overengineering: Don't Be Afraid To Throw Away Your Code

Automating a Conference Submission Workflow: Tech Stack And Setup

Read all my posts!

Read My Stories

Follow @nicolas_frankel on Twitter

Developer Advocate

Too Long; Didn't Read

Automating a Conference Submission Workflow: Solution Integration

Automating a Conference Submission Workflow: Solution Integration

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

16 Best Practices For Securing Your APIs with Apache APISIX - Part 1

100 Days of AI Day 1: From Newsletter to Podcast, Leveraging AI for Audio Transformation

10 Threats to an Open API Ecosystem

10 Indications That You Should Invest in Automation Via APIs

10 Best Practices for Securing Your API

16 Best Practices For Securing Your APIs with Apache APISIX - Part 1

100 Days of AI Day 1: From Newsletter to Podcast, Leveraging AI for Audio Transformation

10 Threats to an Open API Ecosystem

10 Indications That You Should Invest in Automation Via APIs

10 Best Practices for Securing Your API

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps