forked from prometheus/alertmanager
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
SMTP config: add global and local password file fields (prometheus#3038)
* SMTP config: add global and local password file fields Add config fields (for both global email config and route-specific email config) that specify path to file containing SMTP password. We don't want the password in the config file itself, and reading the password from a k8s-secret-backed file keeps the password itself "encrypted at rest" in etcd, and cleanly separated from the rest of the AM config. I used the same approach as pull request prometheus#2534 "Add support to set the Slack URL in the file" <https://github.com/prometheus/alertmanager/pull/2534/files> in the upstream repo. Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * changed *AuthPasswordFile field types to string per review feedback Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * added error to getPassword() retval per review feedback Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * simplified conf.smtp-* files Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * update docs to reflect field type change Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * don't treat username-without-password as invalid Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * test cleanup Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * Apply suggestions from code review Co-authored-by: Simon Pasquier <spasquie@redhat.com> Signed-off-by: Eric R. Rath <4080262+ericrrath@users.noreply.github.com> * Updated per review feedback Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * added sub-test per review feedback Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * added test on Email.getPassword() per feedback Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * only inherit global SMTP passwords if neither local password field is set Signed-off-by: Eric R. Rath <eric.rath@oracle.com> * removed blank line caught by gofumpt Signed-off-by: Eric R. Rath <eric.rath@oracle.com> Signed-off-by: Eric R. Rath <eric.rath@oracle.com> Signed-off-by: Eric R. Rath <4080262+ericrrath@users.noreply.github.com> Co-authored-by: Simon Pasquier <spasquie@redhat.com> Signed-off-by: Yijie Qin <qinyijie@amazon.com>
- Loading branch information
Showing
9 changed files
with
226 additions
and
36 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
global: | ||
smtp_smarthost: 'localhost:25' | ||
smtp_from: 'alertmanager@example.org' | ||
smtp_auth_username: 'alertmanager' | ||
smtp_auth_password: "multiline\nmysecret" | ||
smtp_auth_password_file: "/tmp/global" | ||
smtp_hello: "host.example.org" | ||
route: | ||
receiver: 'email-notifications' | ||
receivers: | ||
- name: 'email-notifications' | ||
email_configs: | ||
- to: 'one@example.org' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
global: | ||
smtp_smarthost: 'localhost:25' | ||
smtp_from: 'alertmanager@example.org' | ||
smtp_hello: "host.example.org" | ||
route: | ||
receiver: 'email-notifications' | ||
receivers: | ||
- name: 'email-notifications' | ||
email_configs: | ||
- to: 'one@example.org' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
global: | ||
smtp_smarthost: 'localhost:25' | ||
smtp_from: 'alertmanager@example.org' | ||
smtp_auth_username: 'globaluser' | ||
smtp_auth_password_file: '/tmp/globaluserpassword' | ||
smtp_hello: "host.example.org" | ||
route: | ||
receiver: 'email-notifications' | ||
receivers: | ||
- name: 'email-notifications' | ||
email_configs: | ||
# Use global | ||
- to: 'one@example.org' | ||
# Override global with other file | ||
- to: 'two@example.org' | ||
auth_username: 'localuser1' | ||
auth_password_file: '/tmp/localuser1password' | ||
# Override global with inline password | ||
- to: 'three@example.org' | ||
auth_username: 'localuser2' | ||
auth_password: 'mysecret' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters