Grafana Webhook Receiver

A Flask server that receives Grafana/Alertmanager webhook POSTs and inserts them into alerts.lark_alerts.

Key file: alert_webhook.py

Setup

.venv/bin/python3 alert_webhook.py              # default port 5050
.venv/bin/python3 alert_webhook.py --port 5050 --host 0.0.0.0

Grafana contact point config:

Field	Value
Type	Webhook
URL	http://<host>:5050/webhook/alerts
Method	POST

How It Works

Payload Parsing (parse_webhook_payload)

Receives the standard Grafana/Alertmanager webhook JSON. Each alert in the alerts[] array becomes one row:

1. Status mapping: "firing" becomes "Firing", everything else becomes "Resolved".
2. Cluster metadata: Extracted from alert labels -- cluster_id, cluster_name, admin_email, account_name, region.
3. Region fallback: If no explicit region label, attempts to parse region from the alertmanager instance name (e.g., alertmanager-region-us-east-1).
4. URLs: dashboardURL or generatorURL for dashboard link; silenceURL for silence link; admin console URL built from cluster_id.
5. Timestamps: startsAt is used as created_at. For Resolved alerts, endsAt is used if available.

Deduplication (_make_message_id)

Each alert gets a deterministic message ID:

wh_ + SHA256(alertname | cluster_id | status | startsAt)[:16]

The wh_ prefix prevents collisions with Lark-sourced message IDs (om_ prefix). Re-posting the same webhook payload is a no-op since StarRocks uses DUPLICATE KEY(message_id, created_at).

Database Connection

Uses a lazy singleton mysql.connector connection to StarRocks. Reads connection details from environment variables or .env file. Reconnects automatically on connection loss via ping(reconnect=True).