feat: Add new report, and alert type: webhook

[kistoth90]

SUMMARY

I add webhook as a new selectable report type.

By the use of webhook the user can post csv/png/pdf to any endpoint, with some informative parameters as:

• name of the report
• id of the report
• report type (chart, or dashboard)
• content id
• content format

For security reasons I made a new optional parameter: WEBHOOK_SECRET. It's a secret string between the Superset and the webhook endpoint. In the case where WEBHOOK_SECRET is filled, Superset adds an "X-Webhook-Signature" parameter to the header of the post call, which hashes the json data to be sent. The receiving party can verify that the party sending the webhook is the real sender by hashing the received json data and comparing it with the sending party's "X-Webhook-Signature" parameter. If the two parameters do not match, the receiving party may reject the call because the sender is not the supposed host.

On the report log, we can get feedback about the successful, and not successful requests as well.

I'm happy to share my code with you guys!

TESTING INSTRUCTIONS

0. (optional) Fill the WEBHOOK_SECRET input parameter in the config file
1. On the Alerts & reports page, press the "+ Report" or "+ Alert" button.
2. On the notification panel, you can select Webhook as Notification method
3. Fill the webhook endpoint url
4. Fill all the mandatory input

By the result you will get the selectend chart/dashboard file on your webhook endpoint with some informative parameters as:

• name of the report
• id of the report
• report type (chart, or dashboard)
• content id
• content format

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

[github-actions]

Congrats on making your first PR and thank you for contributing to Superset! 🎉 ❤️

We hope to see you in our Slack community too! Not signed up? Use our Slack App to self-register.

[codecov]

Codecov Report

Attention: Patch coverage is 54.05405% with 34 lines in your changes missing coverage. Please review.

Project coverage is 70.84%. Comparing base (76d897e) to head (a4aca41).
Report is 909 commits behind head on master.

Files with missing lines	Patch %	Lines
superset/reports/notifications/webhook.py	47.91%	25 Missing ⚠️
.../features/alerts/components/NotificationMethod.tsx	62.50%	3 Missing and 3 partials ⚠️
...d/src/features/alerts/components/RecipientIcon.tsx	0.00%	3 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           master   #30044       +/-   ##
===========================================
+ Coverage   60.48%   70.84%   +10.35%     
===========================================
  Files        1931     1990       +59     
  Lines       76236    80378     +4142     
  Branches     8568     9154      +586     
===========================================
+ Hits        46114    56940    +10826     
+ Misses      28017    21216     -6801     
- Partials     2105     2222      +117     

Flag	Coverage Δ
hive	48.90% <52.72%> (-0.26%)	⬇️
javascript	58.60% <52.63%> (+0.89%)	⬆️
mysql	76.76% <54.54%> (?)
postgres	76.86% <54.54%> (?)
presto	53.38% <52.72%> (-0.42%)	⬇️
python	83.88% <54.54%> (+20.39%)	⬆️
sqlite	76.32% <54.54%> (?)
unit	60.85% <52.72%> (+3.23%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[villebro]

Really cool idea @kistoth90!

[rusackas]

I love the idea here. Approving the next CI run... ping me if it needs to be kicked again.

[kistoth90]

At this point I don't know what, or how should I fix the errors:

• I tried to run the cypress on my desk (cypress-run-chrome) but I got constant "400 Bad Request: The CSRF token is missing." during the login call. I was able to log in manually by the test credentials.
• the pre-commit works locally fine... i dont know why it want to refresh the source code during the CI run.

I would appreciate some assistance about, becauseI'm stuck.

[dpgaspar]

do we need to create a new app_context here?

[dpgaspar]

digestmod could be a new configuration key

[dpgaspar]

we still support python 3.9, in order to use the new union type annotation we need to import:

from __future__ import annotations

[dpgaspar]

if using from __future__ import annotations let's change this to:

def _get_header(
    self, data: dict[str, Optional[str | None | int]]
...

[dpgaspar]

WDYT about creating a TypeDict to make this payload structure more explicit

[dpgaspar]

use:

logger.info("Report webhook has been successfully sent to %s", host)

instead

[fisjac]

For the Pre-commit issue, have you tried running ruff and black locally to remove the formatting blocks?

[kistoth90]

Hi @fisjac,

Yepp, the ruff, and Blacklist passed as well!

I made some changes by the guidance of dpgaspar. Let's hope the best! 🤞

[sadpandajoe]

Closing and reopening to try to get tests to kick off.