mirror of
https://github.com/kyverno/policy-reporter.git
synced 2024-12-14 11:57:32 +00:00
Configure SMTP as secret
Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>
This commit is contained in:
parent
3359bb125c
commit
323eb9f4db
7 changed files with 100 additions and 4 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -7,3 +7,4 @@ sqlite-database*.db
|
|||
values.yaml
|
||||
coverage.out
|
||||
heap*
|
||||
/.env*
|
|
@ -1,5 +1,11 @@
|
|||
# Changelog
|
||||
|
||||
# 2.11.3
|
||||
* Policy Reporter
|
||||
* New `emailReports.smtp.secret` configuration to use an existing external secret to configure your SMTP connection
|
||||
* You can set all or a subset of the available keys in your secret: `host`, `port`, `username`, `password`, `from`, `encryption`
|
||||
* Keys available in your secret have a higher priority as your Helm release values.
|
||||
|
||||
# 2.11.2
|
||||
* Policy Reporter
|
||||
* Add new Severity values `info` and `critical`
|
||||
|
|
|
@ -5,8 +5,8 @@ description: |
|
|||
It creates Prometheus Metrics and can send rule validation events to different targets like Loki, Elasticsearch, Slack or Discord
|
||||
|
||||
type: application
|
||||
version: 2.11.2
|
||||
appVersion: 2.8.1
|
||||
version: 2.11.3
|
||||
appVersion: 2.8.2
|
||||
|
||||
icon: https://github.com/kyverno/kyverno/raw/main/img/logo.png
|
||||
home: https://kyverno.github.io/policy-reporter
|
||||
|
|
|
@ -68,6 +68,45 @@ spec:
|
|||
mountPath: /app/config.yaml
|
||||
subPath: config.yaml
|
||||
readOnly: true
|
||||
{{- if .Values.emailReports.smtp.secret }}
|
||||
env:
|
||||
- name: EMAIL_REPORTS_SMTP_HOST
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: host
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_PORT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: port
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: username
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: password
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_FROM
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: from
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_ENCRYPTION
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: encryption
|
||||
optional: true
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: config-file
|
||||
secret:
|
||||
|
|
|
@ -68,6 +68,45 @@ spec:
|
|||
mountPath: /app/config.yaml
|
||||
subPath: config.yaml
|
||||
readOnly: true
|
||||
{{- if .Values.emailReports.smtp.secret }}
|
||||
env:
|
||||
- name: EMAIL_REPORTS_SMTP_HOST
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: host
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_PORT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: port
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: username
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: password
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_FROM
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: from
|
||||
optional: true
|
||||
- name: EMAIL_REPORTS_SMTP_ENCRYPTION
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.emailReports.smtp.secret }}
|
||||
key: encryption
|
||||
optional: true
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: config-file
|
||||
secret:
|
||||
|
|
|
@ -2,7 +2,7 @@ image:
|
|||
registry: ghcr.io
|
||||
repository: kyverno/policy-reporter
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 2.8.1
|
||||
tag: 2.8.2
|
||||
|
||||
imagePullSecrets: []
|
||||
|
||||
|
@ -156,6 +156,7 @@ policyPriorities: {}
|
|||
emailReports:
|
||||
clusterName: "" # (optional) - displayed in the email report if configured
|
||||
smtp:
|
||||
secret: "" # (optional) secret name to provide the complete or partial SMTP configuration
|
||||
host: ""
|
||||
port: 465
|
||||
username: ""
|
||||
|
|
|
@ -2,6 +2,7 @@ package config
|
|||
|
||||
import (
|
||||
"log"
|
||||
"strings"
|
||||
|
||||
"github.com/spf13/cobra"
|
||||
"github.com/spf13/viper"
|
||||
|
@ -29,6 +30,7 @@ func Load(cmd *cobra.Command) (*Config, error) {
|
|||
v.SetConfigName("config")
|
||||
}
|
||||
|
||||
v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
|
||||
v.AutomaticEnv()
|
||||
|
||||
if err := v.ReadInConfig(); err != nil {
|
||||
|
@ -74,6 +76,14 @@ func Load(cmd *cobra.Command) (*Config, error) {
|
|||
log.Printf("[WARNING] failed to bind env POD_NAMESPACE")
|
||||
}
|
||||
|
||||
// bind SMTP config from environment vars, if existing
|
||||
_ = v.BindEnv("emailReports.smtp.username", "EMAIL_REPORTS_SMTP_USERNAME")
|
||||
_ = v.BindEnv("emailReports.smtp.password", "EMAIL_REPORTS_SMTP_PASSWORD")
|
||||
_ = v.BindEnv("emailReports.smtp.encryption", "EMAIL_REPORTS_SMTP_ENCRYPTION")
|
||||
_ = v.BindEnv("emailReports.smtp.host", "EMAIL_REPORTS_SMTP_HOST")
|
||||
_ = v.BindEnv("emailReports.smtp.port", "EMAIL_REPORTS_SMTP_PORT")
|
||||
_ = v.BindEnv("emailReports.smtp.from", "EMAIL_REPORTS_SMTP_FROM")
|
||||
|
||||
c := &Config{}
|
||||
|
||||
err := v.Unmarshal(c)
|
||||
|
|
Loading…
Reference in a new issue