Skip to main content

Overview

Actions define what your Edge Connector executes in response to events. Each action specifies:
  • Type: Script or HTTP request
  • Source Type: Local scripts or Git-based scripts
  • Trigger: Which events activate this action
  • Parameters: User-configurable inputs (for manual triggers)
  • Execution details: Scripts to run or HTTP requests to make

Automatic vs Callable Actions

Edge Connector actions fall into two categories with different behaviors:

Automatic Actions (on: section)

What they are:
  • Execute automatically in response to Rootly system events
  • Run without user interaction
  • Configured in the on: section where the event type is the key
When to use:
  • Auto-remediation (restart services when alerts fire)
  • Notifications (send webhooks when incidents are created)
  • Data collection (gather logs when alerts trigger)
  • Monitoring integration (sync status to external systems)
Configuration:
Characteristics:
  • ✅ No parameter_definitions needed (no user input)
  • ✅ Execute immediately when events occur
  • ✅ Registered with backend for visibility/audit
  • ✅ Appear in Rootly UI as read-only badges (visible but not clickable)
  • ✅ Users can see what automations are configured
How they appear in Rootly UI:
  • Badge: ”🔄 Script: alert.created” or ”🌐 HTTP: incident.created”
  • Read-only display showing what’s automated
  • No interaction possible (run automatically only)

Callable Actions (callable: section)

What they are:
  • Triggered manually by users from the Rootly UI
  • Require user input via parameter forms
  • Configured in the callable: section where the action slug is the key
When to use:
  • Manual remediation (restart specific services on demand)
  • User-initiated operations (deploy hotfixes, scale infrastructure)
  • Diagnostic tools (collect logs, run health checks)
  • Administrative tasks (clear caches, trigger backups)
Configuration:
Characteristics:
  • ✅ Require parameter_definitions to create UI forms
  • ✅ Users provide input values before execution
  • ✅ Registered with backend to generate UI buttons
  • ✅ Appear in Rootly UI as interactive buttons
  • ✅ Can be triggered from alerts, incidents, or standalone
How they appear in Rootly UI:
  • Button: “Restart Service” with form dialog
  • Users click → fill out form → submit → action executes
  • Real-time execution status and results shown

Comparison Table

Registration Behavior

Both automatic and callable actions are registered with the Rootly backend on connector startup:
  1. Connector Startup:
    • Reads actions.yml configuration
    • Sends all actions to POST /rec/v1/actions endpoint
    • Backend syncs actions for this connector
  2. Backend Processing:
    • Automatic actions (no parameter_definitions):
      • Stored for visibility and audit
      • Displayed as read-only badges in UI
      • Users can see what automations exist
    • Callable actions (with parameter_definitions):
      • UI forms generated from parameter definitions
      • Displayed as interactive buttons
      • Users can click and provide inputs
  3. Sync Behavior:
    • Backend matches actions by slug
    • Creates new actions not seen before
    • Updates existing actions with new configuration
    • Removes actions no longer in config
What gets sent to backend:
  • Action slug, name, description (for UI display)
  • Action type (script or HTTP) and timeout
  • Trigger event types
  • Parameter definitions (for callable actions only)
What stays on connector:
  • Script paths and execution details
  • HTTP URLs, headers, and body templates
  • Security settings and environment variables
The presence of parameter_definitions is what tells the backend whether an action is automatic (read-only) or callable (interactive).

Action File Structure

Actions are defined in an actions.yml file with three main sections:

Action Types

Script Actions

Execute scripts from local filesystem or Git repositories.

Local Scripts

Execute scripts stored on the Edge Connector host:
Key Fields:
  • script: Absolute path to the script to execute
  • timeout: Maximum execution time in seconds
  • parameter_definitions: User inputs when triggered manually
  • trigger: Specifies the event type (alert.action_triggered, incident.action_triggered, or defaults to action.triggered)
  • source_type: local (default) or git

Git-Based Scripts

Execute scripts from a Git repository that the Edge Connector syncs automatically:
Git Options:
  • url: Git repository URL (HTTPS or SSH)
  • branch: Branch to checkout (default: main)
  • poll_interval_sec: How often to pull updates (default: 300)
Git-based scripts allow you to version control your automation scripts and update them without redeploying the Edge Connector.

HTTP Actions

Make HTTP/HTTPS requests to external APIs or webhooks.
HTTP Configuration:
  • url: Target endpoint (supports templates)
  • method: GET, POST, PUT, PATCH, DELETE
  • headers: HTTP headers (supports templates)
  • params: Query parameters
  • body: Request body (supports templates for JSON/text)

Action Triggers

Automatic Event Triggers

These actions run automatically when system events occur. They are defined in the on: section where the event type is the key. Alert Events:
Incident Events:
Available Automatic Triggers:
  • alert.created, alert.updated, alert.acknowledged, alert.resolved, alert.deleted
  • incident.created, incident.updated, incident.in_triage, incident.mitigated, incident.resolved, incident.cancelled, incident.deleted
Automatic triggers do not require parameter_definitions - they execute automatically with event data.

Manual Trigger Events

These actions are triggered manually by users from the Rootly UI. They require parameter_definitions to create input forms. Action on Alert:
Action on Incident:
Standalone Action:

Parameter Definitions

Parameters create user input forms for manually triggered actions.

Parameter Types

String:
Number:
Boolean:
List (Dropdown):
Use type: list with options array for dropdown selections. This is preferred over type: string with options for clarity.

Parameter Fields

  • name: Parameter identifier (used in templates as {{ parameters.name }})
  • type: Data type (string, number, boolean)
  • required: Whether input is mandatory
  • default: Default value if not provided
  • options: List of allowed values (creates dropdown)
  • description: Help text shown in UI

Using Templates in Actions

Actions support Liquid templates for dynamic values. See the Template Syntax guide for detailed documentation.

Event Data Templates

Access event data in your action configuration:

User Parameter Templates

Access user inputs in manually triggered actions:

Environment Variables

Access environment variables securely:

Complete Examples

Example 1: Automatic Alert Response

Automatically restart a service when critical alerts are detected:

Example 2: Manual Service Scaling

Allow users to manually scale services from incidents:

Example 3: Webhook Notification

Send HTTP notification when incidents are mitigated:

Example 4: PagerDuty Integration

Create PagerDuty incidents for high-severity Rootly incidents:

Best Practices

Security

  • Store secrets in environment variables, never in action configuration
  • Use absolute paths for scripts to prevent path traversal
  • Validate user inputs in your scripts
  • Limit script permissions - run with minimal privileges
  • Audit action execution logs regularly

Reliability

  • Set appropriate timeouts based on expected execution time
  • Implement retry logic in your scripts for transient failures
  • Handle errors gracefully and return meaningful error messages
  • Test actions thoroughly before deploying to production
  • Monitor action execution via Rootly dashboard

Configuration

  • Use descriptive IDs (snake_case: restart_production_db)
  • Provide clear names for UI display
  • Write helpful descriptions explaining when to use the action
  • Add parameter descriptions to guide users
  • Use options for parameters with limited valid values

Templates

  • Use default filter for optional fields: {{ field | default: "N/A" }}
  • Test templates with sample event data before deploying
  • Keep templates simple - complex logic belongs in scripts
  • Document template variables in action descriptions

Action Configuration File

Actions are defined in an actions.yml file with three main sections:
The Edge Connector reads this file on startup and registers all actions with Rootly. Key Concepts:
  • defaults: section: Global settings applied to all actions unless overridden
  • on: section: Automatic actions where event type is the key
  • callable: section: Manual actions where action slug is the key
  • source_type: local for filesystem scripts, git for repository-based scripts
  • parameter_definitions: Create user input forms; auto-accessible as {{ parameters.X }}
  • parameters: section: Adds extra parameters beyond user inputs
  • Scripts receive all parameters as REC_PARAM_* environment variables

Next Steps