RepoMirrors
/
alertmanager
mirror of https://github.com/prometheus/alertmanager
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

mark webhook URL as a secret (#3228) 

Signed-off-by: Simon Rozet <me@simonrozet.com>
This commit is contained in:
Simon Rozet 2023-02-02 17:23:51 +01:00 committed by GitHub
parent 01f3a474c9
commit 8f559aad34
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/notifiers.go
View File

@ -473,7 +473,8 @@ type WebhookConfig struct {
HTTPConfig *commoncfg.HTTPClientConfig `yaml:"http_config,omitempty" json:"http_config,omitempty"`
// URL to send POST request to.
URL *URL `yaml:"url" json:"url"`
URL *SecretURL `yaml:"url" json:"url"`
// MaxAlerts is the maximum number of alerts to be sent per webhook message.
// Alerts exceeding this threshold will be truncated. Setting this to 0
// allows an unlimited number of alerts.

2
docs/configuration.md
View File

@ -1116,7 +1116,7 @@ The webhook receiver allows configuring a generic receiver.
[ send_resolved: <boolean> | default = true ]
# The endpoint to send HTTP POST requests to.
url: <string>
url: <secret>
# The HTTP client's configuration.
[ http_config: <http_config> | default = global.http_config ]

2
notify/webhook/webhook.go
View File

@ -103,7 +103,7 @@ func (n *Notifier) Notify(ctx context.Context, alerts ...*types.Alert) (bool, er
resp, err := notify.PostJSON(ctx, n.client, n.conf.URL.String(), &buf)
if err != nil {
return true, err
return true, notify.RedactURL(err)
}
defer notify.Drain(resp)

20
notify/webhook/webhook_test.go
View File

@ -37,7 +37,7 @@ func TestWebhookRetry(t *testing.T) {
}
notifier, err := New(
&config.WebhookConfig{
URL: &config.URL{URL: u},
URL: &config.SecretURL{URL: u},
HTTPConfig: &commoncfg.HTTPClientConfig{},
},
test.CreateTmpl(t),
@ -98,3 +98,21 @@ func TestWebhookTruncateAlerts(t *testing.T) {
require.Len(t, truncatedAlerts, 10)
require.EqualValues(t, numTruncated, 0)
}
func TestWebhookRedactedURL(t *testing.T) {
ctx, u, fn := test.GetContextWithCancelingURL()
defer fn()
secret := "secret"
notifier, err := New(
&config.WebhookConfig{
URL: &config.SecretURL{URL: u},
HTTPConfig: &commoncfg.HTTPClientConfig{},
},
test.CreateTmpl(t),
log.NewNopLogger(),
)
require.NoError(t, err)
test.AssertNotifyLeaksNoSecret(ctx, t, notifier, secret)
}