mark webhook URL as a secret (#3228)
Signed-off-by: Simon Rozet <me@simonrozet.com>
This commit is contained in:
parent
01f3a474c9
commit
8f559aad34
|
@ -473,7 +473,8 @@ type WebhookConfig struct {
|
||||||
HTTPConfig *commoncfg.HTTPClientConfig `yaml:"http_config,omitempty" json:"http_config,omitempty"`
|
HTTPConfig *commoncfg.HTTPClientConfig `yaml:"http_config,omitempty" json:"http_config,omitempty"`
|
||||||
|
|
||||||
// URL to send POST request to.
|
// URL to send POST request to.
|
||||||
URL *URL `yaml:"url" json:"url"`
|
URL *SecretURL `yaml:"url" json:"url"`
|
||||||
|
|
||||||
// MaxAlerts is the maximum number of alerts to be sent per webhook message.
|
// MaxAlerts is the maximum number of alerts to be sent per webhook message.
|
||||||
// Alerts exceeding this threshold will be truncated. Setting this to 0
|
// Alerts exceeding this threshold will be truncated. Setting this to 0
|
||||||
// allows an unlimited number of alerts.
|
// allows an unlimited number of alerts.
|
||||||
|
|
|
@ -1116,7 +1116,7 @@ The webhook receiver allows configuring a generic receiver.
|
||||||
[ send_resolved: <boolean> | default = true ]
|
[ send_resolved: <boolean> | default = true ]
|
||||||
|
|
||||||
# The endpoint to send HTTP POST requests to.
|
# The endpoint to send HTTP POST requests to.
|
||||||
url: <string>
|
url: <secret>
|
||||||
|
|
||||||
# The HTTP client's configuration.
|
# The HTTP client's configuration.
|
||||||
[ http_config: <http_config> | default = global.http_config ]
|
[ http_config: <http_config> | default = global.http_config ]
|
||||||
|
|
|
@ -103,7 +103,7 @@ func (n *Notifier) Notify(ctx context.Context, alerts ...*types.Alert) (bool, er
|
||||||
|
|
||||||
resp, err := notify.PostJSON(ctx, n.client, n.conf.URL.String(), &buf)
|
resp, err := notify.PostJSON(ctx, n.client, n.conf.URL.String(), &buf)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return true, err
|
return true, notify.RedactURL(err)
|
||||||
}
|
}
|
||||||
defer notify.Drain(resp)
|
defer notify.Drain(resp)
|
||||||
|
|
||||||
|
|
|
@ -37,7 +37,7 @@ func TestWebhookRetry(t *testing.T) {
|
||||||
}
|
}
|
||||||
notifier, err := New(
|
notifier, err := New(
|
||||||
&config.WebhookConfig{
|
&config.WebhookConfig{
|
||||||
URL: &config.URL{URL: u},
|
URL: &config.SecretURL{URL: u},
|
||||||
HTTPConfig: &commoncfg.HTTPClientConfig{},
|
HTTPConfig: &commoncfg.HTTPClientConfig{},
|
||||||
},
|
},
|
||||||
test.CreateTmpl(t),
|
test.CreateTmpl(t),
|
||||||
|
@ -98,3 +98,21 @@ func TestWebhookTruncateAlerts(t *testing.T) {
|
||||||
require.Len(t, truncatedAlerts, 10)
|
require.Len(t, truncatedAlerts, 10)
|
||||||
require.EqualValues(t, numTruncated, 0)
|
require.EqualValues(t, numTruncated, 0)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestWebhookRedactedURL(t *testing.T) {
|
||||||
|
ctx, u, fn := test.GetContextWithCancelingURL()
|
||||||
|
defer fn()
|
||||||
|
|
||||||
|
secret := "secret"
|
||||||
|
notifier, err := New(
|
||||||
|
&config.WebhookConfig{
|
||||||
|
URL: &config.SecretURL{URL: u},
|
||||||
|
HTTPConfig: &commoncfg.HTTPClientConfig{},
|
||||||
|
},
|
||||||
|
test.CreateTmpl(t),
|
||||||
|
log.NewNopLogger(),
|
||||||
|
)
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
test.AssertNotifyLeaksNoSecret(ctx, t, notifier, secret)
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue