Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: override secret censoring during marshaling to YAML #1985

Open
DuskEagle opened this issue Aug 1, 2019 · 6 comments
Open

Feature request: override secret censoring during marshaling to YAML #1985

DuskEagle opened this issue Aug 1, 2019 · 6 comments
Labels
component/config kind/friction

Comments

@DuskEagle
Copy link

DuskEagle commented Aug 1, 2019
edited by simonpasquier
Loading

What did you do?

I am looking for a way to programmatically generate Alertmanager configurations. I imported github.com/prometheus/alertmanager/config into my project and used it to generate an Alertmanager config, which I then marshaled into a YAML string and wrote out to a Kubernetes ConfigMap.

What did you expect to see? What did you see instead?

I expected a working Alertmanager config, but all the API keys for my receivers had been marshaled into the string "<secret>". It would be great if there was a way to override this custom marshaling and get a working Alertmanager config with API keys and other secrets uncensored. They would still need to be censored by default, for places like the Alertmanager UI.

Other approaches

If secrets could be passed into the Alertmanager config using file locations, rather than directly as strings, then there would be no need to override the secret marhsaling behaviour. e.g.

slack_configs:
- api_url: /path/to/api_url
@simonpasquier
Copy link
Member

It's not the first time this request is made but until now, the maintainers are reluctant to expose those types externally. See #1804 (comment) for the arguments.

@mxinden mxinden mentioned this issue Aug 20, 2019
Closed
@bobheadxi bobheadxi mentioned this issue Jul 1, 2020
Merged
3 tasks
@bobheadxi
Copy link

@simonpasquier would a package-level flag work? I can send a PR to enable something like:

config.MarshalSecrets = true
yaml.Marshal(c) // stuff gets outputted with secret

@roidelapluie
Copy link
Member

The usecase is really not clear here.

@bobheadxi
Copy link

bobheadxi commented Jul 1, 2020
edited
Loading

@roidelapluie for my specific case, we're trying to update Alertmanager configuration programatically (rather than by hand). The config package structs make this a lot easier, but unfortunately it is impossible to write updated configuration back to disk for Alertmanager to reload and use since secrets get replaced. Adding something like config.MarshalSecrets would allow anyone using the config package directly to write secrets when needed. This is very similar to the use-case described by @DuskEagle

@bobheadxi bobheadxi mentioned this issue Jul 2, 2020
Closed
@simonpasquier
Copy link
Member

To repeat what Stuart said in an earlier discussion:

makes it much easier to accidentally expose secrets, and is a feature that would be better decided upon by the entire org (do we want to expose config types that can be used to generate a valid config?).

This is the most important point: we want consistency across all projects under the Prometheus organization and Alertmanager alone can't go a different path.

grdryn added a commit to grdryn/prometheus-operator that referenced this issue Sep 7, 2020
@grdryn
Use a proper type for unmarshalling config yaml
3db6e84 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Sep 7, 2020
@grdryn
Use a proper type for unmarshalling config yaml
5060e3f 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Sep 8, 2020
@grdryn
Use a proper type for unmarshalling config yaml
5aadae5 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Sep 10, 2020
@grdryn
Use a proper type for unmarshalling config yaml
a788306 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Sep 11, 2020
@grdryn
Use a proper type for unmarshalling config yaml
a628767 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Sep 15, 2020
@grdryn
Use a proper type for unmarshalling config yaml
49ac34e 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Sep 17, 2020
@grdryn
Use a proper type for unmarshalling config yaml
5c101ec 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Sep 22, 2020
@grdryn
Use a proper type for unmarshalling config yaml
c0e6bcc 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Sep 25, 2020
@grdryn
Use a proper type for unmarshalling config yaml
4d320d9 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Oct 2, 2020
@grdryn
Use a proper type for unmarshalling config yaml
ad7426a 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Oct 5, 2020
@grdryn
Use a proper type for unmarshalling config yaml
402d60e 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
grdryn added a commit to grdryn/prometheus-operator that referenced this issue Oct 8, 2020
@grdryn
Use a proper type for unmarshalling config yaml
4c246e4 
It's not possible to use the upstream type from the Alertmanager
project completely, as it will obfuscate any secrets in the yaml that
it creates, which we don't want. See the following issue for more
info: prometheus/alertmanager#1985
@roidelapluie
Copy link
Member

After reconsidering, it seems that it may be reasonable for libraries to choose to participate in this, particularly as webhook URLs are being treated as secrets in next releases.

@wallee94 wallee94 mentioned this issue Dec 6, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component/config kind/friction
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

config: add MarshalSecrets flag
4 participants
@roidelapluie @simonpasquier @DuskEagle @bobheadxi