diff --git a/falcosidekick/CHANGELOG.md b/falcosidekick/CHANGELOG.md index 5601a57f4..7e32676c5 100644 --- a/falcosidekick/CHANGELOG.md +++ b/falcosidekick/CHANGELOG.md @@ -9,6 +9,7 @@ Before release 0.1.20, the helm chart can be found in `falcosidekick` [repositor * Add `alertmanager.extralabels` and `alertmanager.extraannotations` to the values, as a list of comma separated labels and annotations to add to the AlertManager trigger. +* Add `smtp.autmechanism` and associated fields to be able to use any SASL mechanism. ## 0.5.6 diff --git a/falcosidekick/README.md b/falcosidekick/README.md index 230d1987e..09a91cbfb 100644 --- a/falcosidekick/README.md +++ b/falcosidekick/README.md @@ -320,13 +320,17 @@ The following table lists the main configurable parameters of the Falcosidekick | `config.slack.outputformat` | `all` (default), `text` (only text is displayed in Slack), `fields` (only fields are displayed in Slack) | `all` | | `config.slack.username` | Slack username | `falcosidekick` | | `config.slack.webhookurl` | Slack Webhook URL (ex: ), if not `empty`, Slack output is *enabled* | `""` | -| `config.smtp.from` | Sender address (mandatory if SMTP output is *enabled*) | `""` | | `config.smtp.hostport` | "host:port" address of SMTP server, if not empty, SMTP output is *enabled* | `""` | -| `config.smtp.minimumpriority` | minimum priority of event for using use this output, order is `emergency\|alert\|critical\|error\|warning\|notice\|informational\|debug or ""` | `debug` | -| `config.smtp.outputformat` | html, text | `html` | +| `config.smtp.authmechanism` | SASL Mechanisms : plain, oauthbearer, external, anonymous or "" (disable SASL). | `plain` | +| `config.smtp.user` | user to access SMTP server | `""` | | `config.smtp.password` | password to access SMTP server | `""` | +| `config.smtp.token` | OAuthBearer token for OAuthBearer Mechanism | `""` | +| `config.smtp.identity` | identity string for Plain and External Mechanisms | `""` | +| `config.smtp.trace` | trace string for Anonymous Mechanism | `""` | +| `config.smtp.from` | Sender address (mandatory if SMTP output is *enabled*) | `""` | | `config.smtp.to` | comma-separated list of Recipident addresses, can't be empty (mandatory if SMTP output is *enabled*) | `""` | -| `config.smtp.user` | user to access SMTP server | `""` | +| `config.smtp.outputformat` | html, text | `html` | +| `config.smtp.minimumpriority` | minimum priority of event for using use this output, order is `emergency\|alert\|critical\|error\|warning\|notice\|informational\|debug or ""` | `debug` | | `config.stan.checkcert` | check if ssl certificate of the output is valid | `true` | | `config.stan.clientid` | Client ID, if not empty, STAN output is *enabled* | `""` | | `config.stan.clusterid` | Cluster name, if not empty, STAN output is *enabled* | `debug` | diff --git a/falcosidekick/templates/secrets.yaml b/falcosidekick/templates/secrets.yaml index e7a9c9357..7ad7cb137 100644 --- a/falcosidekick/templates/secrets.yaml +++ b/falcosidekick/templates/secrets.yaml @@ -94,9 +94,13 @@ data: AWS_KINESIS_MINIMUMPRIORITY: "{{ .Values.config.aws.kinesis.minimumpriority | b64enc }}" # SMTP Output + SMTP_HOSTPORT: "{{ .Values.config.smtp.hostport | b64enc }}" + SMTP_AUTHMECHANISM: "{{ .Values.config.smtp.authmechanism | b64enc }}" SMTP_USER: "{{ .Values.config.smtp.user | b64enc }}" SMTP_PASSWORD: "{{ .Values.config.smtp.password | b64enc }}" - SMTP_HOSTPORT: "{{ .Values.config.smtp.hostport | b64enc }}" + SMTP_TOKEN: "{{ .Values.config.smtp.token | b64enc }}" + SMTP_IDENTITY: "{{ .Values.config.smtp.identity | b64enc }}" + SMTP_TRACE: "{{ .Values.config.smtp.trace | b64enc }}" SMTP_FROM: "{{ .Values.config.smtp.from | b64enc }}" SMTP_TO: "{{ .Values.config.smtp.to | b64enc }}" SMTP_OUTPUTFORMAT: "{{ .Values.config.smtp.outputformat | b64enc }}" diff --git a/falcosidekick/values.yaml b/falcosidekick/values.yaml index 828ab28d2..251cbc8ba 100644 --- a/falcosidekick/values.yaml +++ b/falcosidekick/values.yaml @@ -165,8 +165,12 @@ config: smtp: hostport: "" - user: "" - password: "" + authmechanism: "plain" # SASL Mechanisms : plain, oauthbearer, external, anonymous or "" (disable SASL). Default: plain + user: "" # user for Plain Mechanism + password: "" # password for Plain Mechanism + token: "" # OAuthBearer token for OAuthBearer Mechanism + identity: "" # identity string for Plain and External Mechanisms + trace: "" # trace string for Anonymous Mechanism from: "" to: "" outputformat: "html"