Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add support for TLSConfig in webhook receiver #247

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

add support for TLSConfig in webhook receiver #247

wants to merge 8 commits into from

Conversation

titolins
Copy link

@titolins titolins commented Sep 19, 2024
edited
Loading

@CLAassistant
Copy link

CLAassistant commented Sep 19, 2024
edited
Loading

CLA assistant check
All committers have signed the CLA.

This was referenced Sep 19, 2024
Open
Open
@titolins titolins marked this pull request as ready for review September 20, 2024 00:42
@titolins titolins requested a review from a team as a code owner September 20, 2024 00:42
fayzal-g
fayzal-g reviewed Sep 20, 2024
View reviewed changes
receivers/webhook/webhook.go
@@ -111,13 +112,21 @@ func (wn *Notifier) Notify(ctx context.Context, as ...*types.Alert) (bool, error
return false, tmplErr
}

var tlsConfig *tls.Config
if wn.settings.TLSConfig != nil {
if tlsConfig, err = wn.settings.TLSConfig.ToCryptoTLSConfig(); err != nil {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Slightly unrelated to this PR, but we are pretty much redefining the library here: https://github.com/grafana/dskit/blob/main/crypto/tls/tls.go#L87

It would need to be updated to take the certs/keys as a string though (currently only takes filepaths)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, that's a good point. You'd mention that library but I just went with the same setup that we had for mqtt and forgot about it.
The dskit is more complete also. I could adapt both to use that instead or create another issue to standardize it after this is merged - wdyt?

receivers/webhook/webhook_test.go
},
},
expMsgError: fmt.Errorf("Unable to use the provided CA certificate"),
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add another test case for InsecureSkipVerify: true?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, done now 👍

@titolins titolins force-pushed the titolins/support_tls_config_for_webhook_receiver branch from caa9015 to e29973e Compare October 15, 2024 12:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nightfall-for-github nightfall-for-github[bot] nightfall-for-github[bot] left review comments

@fayzal-g fayzal-g Awaiting requested review from fayzal-g

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
Alerting
Status: In review
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@titolins @CLAassistant @fayzal-g