Integration cookbook
Each integration takes one secret (token / webhook URL) per tenant, stored in the OS keychain. Set it once in Settings → Integrations; workflows then call out without rehandling credentials.
Available
| Integration | What it does | Secret |
|---|---|---|
| Slack | Post a message to a channel. | Incoming-webhook URL |
| GitHub | Create an issue in a repo. | Personal access token (issues:write) |
| AWS SSM | Send a shell command to an EC2 instance. | access_key_id + secret_access_key (JSON) |
| Datadog | Post a custom metric. | API key |
| PagerDuty | Trigger an incident. | Events API v2 routing key |
| Linear | Create an issue in a team. | Personal API key |
| GitLab | Create an issue in a project. | Personal access token (api scope) |
| Cloudflare | Purge zone cache. | API token (Cache Purge zone-scoped) |
Setting a secret
In the desktop: Settings → Integrations → Add. Pick a tenant, pick a kind, paste the secret. The renderer hands it to the Rust backend which writes to the OS keychain; the plaintext never touches disk.
Recipes
Page-on-failure for a backup workflow
Edit the nightly-backup workflow. Add a notify child of the ship node. In the renderer, wire the notify to "PagerDuty trigger" with severity=critical when ship exits non-zero. v2 will offer this as a one-click "add escalation".
Claude triage → Linear issue
Append a node to the log-error-scan workflow: kind=claude (Haiku) summarizing findings into a Linear-issue-shaped JSON, followed by an integration node that creates the issue if severity ≥ medium.
Cloudflare purge after deploy
Add a final node to a deploy workflow: kind=integration, callback=cloudflare_purge_cache with purge_everything: true or a specific URL list. Idempotent and fast.
Coming next
- Webhook trigger source (incoming) — let any external system kick off a workflow.
- Workflow node kind = integration — first-class instead of one-off ops commands.
- Public webhook outbound — let downstream consumers subscribe to workflow events.