Skip to main content
Tags, environments, secrets, webhooks, and dependencies are supporting resources you define alongside monitors and alert channels.

Tags

Tags organize monitors for filtering and alert routing: 
tags:
  - name: production
    color: "#10b981"
  - name: api
    color: "#3b82f6"
  - name: database
FieldTypeRequiredDescription
namestringYesTag name, unique within the organization
colorstringHex color code (e.g., #10b981)
Reference tags by name in monitors: 
monitors:
  - name: API Health
    tags: [production, api]

Environments

Environments represent deployment stages with variable substitution: 
environments:
  - name: Production
    slug: production
    isDefault: true
    variables:
      BASE_URL: https://api.example.com
      TIMEOUT: "30"

  - name: Staging
    slug: staging
    variables:
      BASE_URL: https://staging-api.example.com
      TIMEOUT: "60"
FieldTypeRequiredDescription
namestringYesHuman-readable name
slugstringYesURL-safe identifier (lowercase, hyphens, underscores)
isDefaultbooleanWhether this is the default environment
variablesmapKey-value pairs for variable substitution
Reference environments by slug in monitors: 
monitors:
  - name: API Health
    environment: production

Secrets

Secrets store sensitive credentials in the DevHelm vault. Define them in YAML and reference them in monitor auth blocks: 
secrets:
  - key: API_TOKEN
    value: ${API_TOKEN}
  - key: BASIC_CREDS
    value: ${BASIC_AUTH_CREDENTIALS}
FieldTypeRequiredDescription
keystringYesSecret name (used to reference in auth blocks)
valuestringYesSecret value (use ${VAR} to inject from environment)
Reference secrets by key in monitor authentication: 
monitors:
  - name: Protected API
    type: HTTP
    config:
      url: https://api.example.com/internal
    auth:
      type: BearerAuthConfig
      secret: API_TOKEN
Secret values are write-only. The CLI compares SHA-256 hashes for drift detection — actual values are never read back from the API.

Webhooks

Platform webhooks push events from DevHelm to your HTTP endpoints: 
webhooks:
  - url: https://hooks.example.com/devhelm
    events: [monitor.created, incident.created, incident.resolved]
    description: Event forwarder
    enabled: true
FieldTypeRequiredDescription
urlstringYesEndpoint URL (also used as the unique identifier)
eventsstring[]YesEvent types to subscribe to
descriptionstringHuman-readable description
enabledbooleanWhether the webhook is active (default: true)

Dependencies

Track third-party services from the Status Data catalog: 
dependencies:
  - service: github
    alertSensitivity: INCIDENTS_ONLY
  - service: aws-s3
    alertSensitivity: MAJOR_ONLY
    component: us-east-1
FieldTypeRequiredDescription
servicestringYesService slug from the catalog
alertSensitivitystringALL, INCIDENTS_ONLY, or MAJOR_ONLY
componentstringSpecific service component to monitor

Next steps

Monitors

Define monitors that use tags, environments, and secrets.

File format

Full YAML schema overview.