MQL5-Google-Onedrive/TELEGRAM_CONFIGURATION_UPDATE.md
Cursor Agent f3ea60475b Security: remove leaked tokens and add secret scan
Co-authored-by: GenX FX Trading System <Mouy-leng@users.noreply.github.com>
2026-02-10 04:38:19 +00:00

Telegram Bot & Webhook Configuration Update

This document summarizes the changes made to configure the Telegram bot and webhook defaults in the repository.

Overview

The repository has been updated to support Telegram bot integration for deployment automation. The actual credentials are kept out of version control in config/vault.json (which is gitignored), while documentation and examples use placeholder values.

Changes Made

1. Configuration Files

.env.example

  • Added TELEGRAM_BOT_NAME, TELEGRAM_BOT_API, and TELEGRAM_BOT_TOKEN fields
  • Uses placeholder values to demonstrate the format

config/vault.json.example

  • Created a template showing the proper structure for vault.json
  • Includes sections for Cloudflare, Telegram bot, and GitHub PAT
  • Uses placeholder values for all sensitive fields

config/startup_config.json

  • Updated notifications section to include Telegram bot configuration
  • Added telegram subsection with bot_name, bot_token, and enabled fields
  • Set webhook URL to Telegram Bot API reference

config/vault.json (gitignored)

  • Create a local vault file with your credentials
  • This file is never committed to version control (see .gitignore)
  • Contains your Telegram bot credentials and (optionally) a GitHub PAT

2. Documentation Updates

scripts/TELEGRAM_BOT_SETUP.md

  • Removed references to specific bot credentials
  • Updated to use generic placeholder values
  • Added guidance on how to create and configure your own bot

docs/Secrets_Management.md

  • Updated vault.json structure documentation
  • Added new fields for Telegram bot configuration
  • Includes GitHub PAT configuration

README.md

  • Added a new section on Telegram Bot Deployment
  • Provides quick reference to bot commands
  • Links to detailed setup guide

3. Code Updates

scripts/load_vault.py

  • Added new helper functions:
    • get_telegram_bot_name() - Gets bot name with default fallback
    • get_telegram_webhook_url() - Gets webhook URL with default
    • get_github_pat() - Gets GitHub Personal Access Token
  • Added constants for default values (DEFAULT_TELEGRAM_BOT_NAME, DEFAULT_TELEGRAM_WEBHOOK_URL)
  • Enhanced get_telegram_token() to support both 'token' and 'api' fields
  • Updated main block to export all new environment variables

Credentials (Example / Template)

Store your real credentials in config/vault.json (gitignored). Example structure:

{
  "telegram_bot": {
    "name": "t.me/your_bot_name",
    "token": "your_bot_token_here",
    "webhook_url": "https://core.telegram.org/bots/api"
  },
  "github": {
    "pat": "your_github_personal_access_token_here"
  }
}

Note: If you accidentally committed a real token, rotate it immediately. Deleting it in a later commit is not enough, because the value remains in the git history.

Usage

Loading Credentials

# (Optional) Verify vault.json is readable by Python
python3 scripts/load_vault.py

Starting the Telegram Bot

# With credentials from vault.json
python3 scripts/telegram_deploy_bot.py

# Or with environment variables
export TELEGRAM_BOT_TOKEN="your_bot_token_here"
export TELEGRAM_ALLOWED_USER_IDS="your_user_id"
python3 scripts/telegram_deploy_bot.py

Security

  • All actual credentials are stored in config/vault.json, which is gitignored
  • Documentation and example files use placeholder values only
  • GitHub PAT is available for automation scripts that need GitHub API access
  • Telegram bot token is used for deployment automation via Telegram
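
One way to check the "placeholder values only" point above before committing, as an added example that is not part of this repository and is not its secret scan. The token patterns are assumptions based on the commonly seen shapes of Telegram bot tokens and GitHub PATs, the function names are hypothetical, and the sample inputs are constructed.

```python
import re

# Added example, not the repository's code. Assumed token shapes:
#   Telegram bot token: <8-10 digit bot id>:<35 chars from A-Z a-z 0-9 _ ->
#   GitHub PAT: classic "ghp_" + 36 alphanumerics, or fine-grained "github_pat_" + 82 chars
PATTERNS = {
    "telegram_bot_token": re.compile(
        r"(?<![0-9A-Za-z])\d{8,10}:[A-Za-z0-9_-]{35}(?![A-Za-z0-9_-])"
    ),
    "github_pat": re.compile(
        r"\b(?:ghp_[A-Za-z0-9]{36}|github_pat_[A-Za-z0-9_]{82})\b"
    ),
}


def redact(secret):
    """Keep a short prefix and the length so the report does not leak the value."""
    return f"{secret[:6]}...({len(secret)} chars)"


def scan_text(text, filename="<memory>"):
    """Return (filename, line_no, kind, redacted_match) for every token-shaped string."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            for match in pattern.finditer(line):
                findings.append((filename, line_no, kind, redact(match.group(0))))
    return findings


# Constructed samples: token-shaped strings that are not real credentials.
FAKE_TELEGRAM = "123456789:" + "A" * 35
FAKE_PAT = "ghp_" + "a1B2" * 9

# Same placeholder style as the vault.json structure shown in this document.
CLEAN_EXAMPLE = """{
  "telegram_bot": {"token": "your_bot_token_here"},
  "github": {"pat": "your_github_personal_access_token_here"}
}"""

# Constructed "leaky" file: token-shaped values where placeholders belong.
LEAKY_EXAMPLE = (
    f'TELEGRAM_BOT_TOKEN="{FAKE_TELEGRAM}"\n# deployment settings\nGITHUB_PAT="{FAKE_PAT}"\n'
)

if __name__ == "__main__":
    for finding in scan_text(LEAKY_EXAMPLE, ".env.example"):
        print("%s:%d: %s %s" % finding)
```

A scan like this only covers the files it is given; a token that was committed earlier still has to be rotated, as the note in the Credentials section says.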

Testing

All changes have been validated:

  • Repository validation passed (python scripts/ci_validate_repo.py)
  • CodeQL security scan passed (0 alerts)
  • load_vault.py tested and working correctly
  • Credentials properly isolated from version control

Next Steps

  1. Ensure your Telegram user ID is added to allowed_user_ids in vault.json
  2. Test the bot by running python scripts/telegram_deploy_bot.py
  3. Send /start to your bot on Telegram to verify it's working
  4. Use the deployment commands to automate your workflows