SMTP config: add global and local password file fields #3038
Conversation
ericrrath
force-pushed
the
add-smtp-password-file
branch
from
a93e4eb to
aa036db
Compare
|
Can't wait to see this PR in place, thank you much @ericrrath |
|
it looks this PR is what I need to avoid to do weird thing such as :
What this PR requires to do some progress? |
config/notifiers.go
Outdated
| Smarthost HostPort `yaml:"smarthost,omitempty" json:"smarthost,omitempty"` | ||
| AuthUsername string `yaml:"auth_username,omitempty" json:"auth_username,omitempty"` | ||
| AuthPassword Secret `yaml:"auth_password,omitempty" json:"auth_password,omitempty"` | ||
| AuthPasswordFile Secret `yaml:"auth_password_file,omitempty" json:"auth_password_file,omitempty"` |
There was a problem hiding this comment.
We don't need the *File fields to be of type Secret, they can be plain string.
There was a problem hiding this comment.
No problem, fixed.
config/config.go
Outdated
| SMTPSmarthost HostPort `yaml:"smtp_smarthost,omitempty" json:"smtp_smarthost,omitempty"` | ||
| SMTPAuthUsername string `yaml:"smtp_auth_username,omitempty" json:"smtp_auth_username,omitempty"` | ||
| SMTPAuthPassword Secret `yaml:"smtp_auth_password,omitempty" json:"smtp_auth_password,omitempty"` | ||
| SMTPAuthPasswordFile Secret `yaml:"smtp_auth_password_file,omitempty" json:"smtp_auth_password_file,omitempty"` |
There was a problem hiding this comment.
same here about the field's type.
There was a problem hiding this comment.
No problem, fixed.
config/config.go
Outdated
| @@ -365,8 +369,13 @@ func (c *Config) UnmarshalYAML(unmarshal func(interface{}) error) error { | |||
| if ec.AuthUsername == "" { | |||
| ec.AuthUsername = c.Global.SMTPAuthUsername | |||
| } | |||
| if ec.AuthPassword == "" { | |||
| // require a password only if a username is provided | |||
There was a problem hiding this comment.
I don't see how this change relates to the original issue? Can you elaborate?
There was a problem hiding this comment.
Another good catch. I thought username-but-no-password was an invalid config, but now see that it's explicitly supported. Simplified.
There was a problem hiding this comment.
Ugh, wait, sorry, I was rushing, and misread the code in that last part. no-username is supported, but username-without-password still produces errors. Hold on, let me get this sorted. Sorry for the hassle.
There was a problem hiding this comment.
Okay, I finally remembered. Local configs inherit fields from the global config, and now that the SMTP password can come from two different kinds of field -- literal or from-file -- I wanted to avoid having a local config with one kind of field inheriting the other kind of field from global. I.e. if the global config has SMTPAuthPasswordFile set, and a local config has AuthPassword set, that local config should not inherit SMTPAuthPasswordFile.
I updated the code again to enforce that; local configs now only inherit the global SMTP password fields if both of the local fields are unset.
notify/email/email.go
Outdated
| } | ||
| content, err := os.ReadFile(string(n.conf.AuthPasswordFile)) | ||
| if err != nil { | ||
| return "" |
There was a problem hiding this comment.
we should return an error, rather than silently discarding the issue.
There was a problem hiding this comment.
Good catch, fixed. My first instinct was to have this new func treat both the "raw" and "file" fields being unset as an error, and return that error. But the "upstream" code already has a check for that case, so I just had the new func return "" if both fields are unset.
Add config fields (for both global email config and route-specific email config) that specify path to file containing SMTP password. We don't want the password in the config file itself, and reading the password from a k8s-secret-backed file keeps the password itself "encrypted at rest" in etcd, and cleanly separated from the rest of the AM config. I used the same approach as pull request prometheus#2534 "Add support to set the Slack URL in the file" <https://github.com/prometheus/alertmanager/pull/2534/files> in the upstream repo. Signed-off-by: Eric R. Rath <[email protected]>
Signed-off-by: Eric R. Rath <[email protected]>
ericrrath
force-pushed
the
add-smtp-password-file
branch
from
aaedd7b to
397db16
Compare
Signed-off-by: Eric R. Rath <[email protected]>
Signed-off-by: Eric R. Rath <[email protected]>
Signed-off-by: Eric R. Rath <[email protected]>
Signed-off-by: Eric R. Rath <[email protected]>
Signed-off-by: Eric R. Rath <[email protected]>
Co-authored-by: Simon Pasquier <[email protected]> Signed-off-by: Eric R. Rath <[email protected]>
Signed-off-by: Eric R. Rath <[email protected]>
There was a problem hiding this comment.
could you add sub-tests here that verify the happy (password file configured with good value) and sad (password file configured with wrong value) paths?
Signed-off-by: Eric R. Rath <[email protected]>
Another good catch; done! |
Signed-off-by: Eric R. Rath <[email protected]>
… set Signed-off-by: Eric R. Rath <[email protected]>
Signed-off-by: Eric R. Rath <[email protected]>
Done! |
| @@ -365,8 +369,9 @@ func (c *Config) UnmarshalYAML(unmarshal func(interface{}) error) error { | |||
| if ec.AuthUsername == "" { | |||
| ec.AuthUsername = c.Global.SMTPAuthUsername | |||
| } | |||
| if ec.AuthPassword == "" { | |||
| if ec.AuthPassword == "" && ec.AuthPasswordFile == "" { | |||
* SMTP config: add global and local password file fields Add config fields (for both global email config and route-specific email config) that specify path to file containing SMTP password. We don't want the password in the config file itself, and reading the password from a k8s-secret-backed file keeps the password itself "encrypted at rest" in etcd, and cleanly separated from the rest of the AM config. I used the same approach as pull request prometheus#2534 "Add support to set the Slack URL in the file" <https://github.com/prometheus/alertmanager/pull/2534/files> in the upstream repo. Signed-off-by: Eric R. Rath <[email protected]> * changed *AuthPasswordFile field types to string per review feedback Signed-off-by: Eric R. Rath <[email protected]> * added error to getPassword() retval per review feedback Signed-off-by: Eric R. Rath <[email protected]> * simplified conf.smtp-* files Signed-off-by: Eric R. Rath <[email protected]> * update docs to reflect field type change Signed-off-by: Eric R. Rath <[email protected]> * don't treat username-without-password as invalid Signed-off-by: Eric R. Rath <[email protected]> * test cleanup Signed-off-by: Eric R. Rath <[email protected]> * Apply suggestions from code review Co-authored-by: Simon Pasquier <[email protected]> Signed-off-by: Eric R. Rath <[email protected]> * Updated per review feedback Signed-off-by: Eric R. Rath <[email protected]> * added sub-test per review feedback Signed-off-by: Eric R. Rath <[email protected]> * added test on Email.getPassword() per feedback Signed-off-by: Eric R. Rath <[email protected]> * only inherit global SMTP passwords if neither local password field is set Signed-off-by: Eric R. Rath <[email protected]> * removed blank line caught by gofumpt Signed-off-by: Eric R. Rath <[email protected]> Signed-off-by: Eric R. Rath <[email protected]> Signed-off-by: Eric R. Rath <[email protected]> Co-authored-by: Simon Pasquier <[email protected]> Signed-off-by: Yijie Qin <[email protected]>
Add config fields (for both global email config and route-specific email
config) that specify path to file containing SMTP password. We don't
want the password in the config file itself, and reading the password
from a k8s-secret-backed file keeps the password itself "encrypted at
rest" in etcd, and cleanly separated from the rest of the AM config.
This is intended to partially address issue #2498
I used the same approach as pull request #2534