Skip to content

Commit

Permalink
Merged pull request influxdata#1053 from allen13/alerta-tls
Browse files Browse the repository at this point in the history
Move alerta api token to header and add option to skip TLS verification.
  • Loading branch information
nathanielc committed Nov 21, 2016
2 parents 925bc2a + 39b5a8d commit 7b2f676
Show file tree
Hide file tree
Showing 5 changed files with 43 additions and 13 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ stream
- [#327](https://github.com/influxdata/kapacitor/issues/327): You can now window based on count in addition to time.
- [#913](https://github.com/influxdata/kapacitor/issues/913): Add fillPeriod option to Window node, so that the first emit waits till the period has elapsed before emitting.
- [#898](https://github.com/influxdata/kapacitor/issues/898): Now when the Window node every value is zero, the window will be emitted immediately for each new point.
- [#1052](https://github.com/influxdata/kapacitor/issues/1052): Move alerta api token to header and add option to skip TLS verification.

### Bugfixes

Expand Down
10 changes: 8 additions & 2 deletions integrations/streamer_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -6790,9 +6790,12 @@ func TestStream_AlertAlerta(t *testing.T) {
dec.Decode(&pd)

if rc := atomic.LoadInt32(&requestCount); rc == 1 {
if exp := "/alert?api-key=testtoken1234567"; r.URL.String() != exp {
if exp := "/alert"; r.URL.String() != exp {
t.Errorf("unexpected url got %s exp %s", r.URL.String(), exp)
}
if exp := "Bearer testtoken1234567"; r.Header.Get("Authorization") != exp {
t.Errorf("unexpected token in header got %s exp %s", r.Header.Get("Authorization"), exp)
}
if exp := "cpu"; pd.Resource != exp {
t.Errorf("unexpected resource got %s exp %s", pd.Resource, exp)
}
Expand All @@ -6815,9 +6818,12 @@ func TestStream_AlertAlerta(t *testing.T) {
t.Errorf("unexpected origin got %s exp %s", pd.Origin, exp)
}
} else {
if exp := "/alert?api-key=anothertesttoken"; r.URL.String() != exp {
if exp := "/alert"; r.URL.String() != exp {
t.Errorf("unexpected url got %s exp %s", r.URL.String(), exp)
}
if exp := "Bearer anothertesttoken"; r.Header.Get("Authorization") != exp {
t.Errorf("unexpected token in header got %s exp %s", r.Header.Get("Authorization"), exp)
}
if exp := "resource: serverA"; pd.Resource != exp {
t.Errorf("unexpected resource got %s exp %s", pd.Resource, exp)
}
Expand Down
4 changes: 4 additions & 0 deletions server/server_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -5296,6 +5296,7 @@ func TestServer_UpdateConfig(t *testing.T) {
"origin": "",
"token": false,
"url": "http://alerta.example.com",
"insecure-skip-verify": false,
},
Redacted: []string{
"token",
Expand All @@ -5310,6 +5311,7 @@ func TestServer_UpdateConfig(t *testing.T) {
"origin": "",
"token": false,
"url": "http://alerta.example.com",
"insecure-skip-verify": false,
},
Redacted: []string{
"token",
Expand All @@ -5333,6 +5335,7 @@ func TestServer_UpdateConfig(t *testing.T) {
"origin": "kapacitor",
"token": true,
"url": "http://alerta.example.com",
"insecure-skip-verify": false,
},
Redacted: []string{
"token",
Expand All @@ -5347,6 +5350,7 @@ func TestServer_UpdateConfig(t *testing.T) {
"origin": "kapacitor",
"token": true,
"url": "http://alerta.example.com",
"insecure-skip-verify": false,
},
Redacted: []string{
"token",
Expand Down
2 changes: 2 additions & 0 deletions services/alerta/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ type Config struct {
Enabled bool `toml:"enabled" override:"enabled"`
// The Alerta URL.
URL string `toml:"url" override:"url"`
// Whether to skip the tls verification of the alerta host
InsecureSkipVerify bool `toml:"insecure-skip-verify" override:"insecure-skip-verify"`
// The authentication token for this notification, can be overridden per alert.
Token string `toml:"token" override:"token,redact"`
// The environment in which to raise the alert.
Expand Down
39 changes: 28 additions & 11 deletions services/alerta/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@ package alerta

import (
"bytes"
"crypto/tls"
"encoding/json"
"errors"
"fmt"
"io"
"io/ioutil"
"log"
"net/http"
Expand All @@ -16,6 +16,7 @@ import (

type Service struct {
configValue atomic.Value
clientValue atomic.Value
logger *log.Logger
}

Expand All @@ -24,6 +25,11 @@ func NewService(c Config, l *log.Logger) *Service {
logger: l,
}
s.configValue.Store(c)
s.clientValue.Store(&http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: c.InsecureSkipVerify},
},
})
return s
}

Expand Down Expand Up @@ -95,7 +101,13 @@ func (s *Service) Update(newConfig []interface{}) error {
return fmt.Errorf("expected config object to be of type %T, got %T", c, newConfig[0])
} else {
s.configValue.Store(c)
s.clientValue.Store(&http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: c.InsecureSkipVerify},
},
})
}

return nil
}

Expand All @@ -104,12 +116,13 @@ func (s *Service) Alert(token, resource, event, environment, severity, group, va
return errors.New("Resource and Event are required to send an alert")
}

url, post, err := s.preparePost(token, resource, event, environment, severity, group, value, message, origin, service, data)
req, err := s.preparePost(token, resource, event, environment, severity, group, value, message, origin, service, data)
if err != nil {
return err
}

resp, err := http.Post(url, "application/json", post)
client := s.clientValue.Load().(*http.Client)
resp, err := client.Do(req)
if err != nil {
return err
}
Expand All @@ -131,11 +144,11 @@ func (s *Service) Alert(token, resource, event, environment, severity, group, va
return nil
}

func (s *Service) preparePost(token, resource, event, environment, severity, group, value, message, origin string, service []string, data interface{}) (string, io.Reader, error) {
func (s *Service) preparePost(token, resource, event, environment, severity, group, value, message, origin string, service []string, data interface{}) (*http.Request, error) {
c := s.config()

if !c.Enabled {
return "", nil, errors.New("service is not enabled")
return nil, errors.New("service is not enabled")
}

if token == "" {
Expand All @@ -152,12 +165,9 @@ func (s *Service) preparePost(token, resource, event, environment, severity, gro

u, err := url.Parse(c.URL)
if err != nil {
return "", nil, err
return nil, err
}
u.Path = path.Join(u.Path, "alert")
v := url.Values{}
v.Set("api-key", token)
u.RawQuery = v.Encode()

postData := make(map[string]interface{})
postData["resource"] = resource
Expand All @@ -177,8 +187,15 @@ func (s *Service) preparePost(token, resource, event, environment, severity, gro
enc := json.NewEncoder(&post)
err = enc.Encode(postData)
if err != nil {
return "", nil, err
return nil, err
}

req, err := http.NewRequest("POST", u.String(), &post)
req.Header.Add("Authorization", "Bearer "+token)
req.Header.Add("Content-Type", "application/json")
if err != nil {
return nil, err
}

return u.String(), &post, nil
return req, nil
}

0 comments on commit 7b2f676

Please sign in to comment.