-
Notifications
You must be signed in to change notification settings - Fork 476
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
environment variable parsing in http plugin #2923
Comments
@fgeck: Thanks for opening an issue, it is currently awaiting triage. In the meantime, you can:
DetailsI am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository. |
@fgeck: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.
DetailsI am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository. |
+1 would like the same thing. |
I tried and it works if you use ${VAR} cf https://docs.crowdsec.net/docs/configuration/crowdsec_configuration/#environment-variables |
Just to confirm the |
Can you paste your configuration so I can compare it to mine? |
tldr; currently variables will work with configurations that are not the Test showing the current
Please note the
As you can see the Note Using Add some debug information so we can make an informed choice on how to proceed: It seems we already strictexpand the configuration when the configuration is sent to plugin via crowdsec/pkg/csplugin/broker.go Line 268 in 4748720
this means variables used outside the An easy fix, would be to expand the yaml at load time instead of only sending the expanded data to the plugin so the broker has the information it needs within the Example fix
and then removing the strict expand above since we already expanded above. Security notice: there is a case where we could say "well this may impact security" but we already been expanding the information before it sent to the plugin anyways so this change will only allow the broker to know about the Edit: Add some testing I did with changes. As you can see now the variable is modified within the
Important A thing to note that |
Okay following talking to the team it seems you can achieve this on the current crowdsec version i just had skill issues 😆 Add some more information
Here is the config template:
|
Thank you for the clarification! I adjusted my configuration:
I tested the changes:
Thank you for investigating this! All that remains is to update the documentation to identify the use of variables between the Go Templating and the notification template. |
I have extended the If anyone has any comments to make on the clearness of what I wrote then please let me know on the PR itself linked above. |
I store my crowdsec configuration in a github respository.
For notifications I use http plugin to push data to my telegram bot, but the issue relates to any http plugin which pushes data using credentials to authenticate.
In the format section I can already use sprig
env
function to substitue env vars (see below).To not be forced to store my credentials in the
notifications/http.yaml
file I would like to use environment variables in the http plugin which will be resolved.Example:
Why is this needed?
The text was updated successfully, but these errors were encountered: