Annotate

mod_pubsub_alertmanager/mod_pubsub_alertmanager.lua @ 5404:1087f697c3f3

mod_http_oauth2: Strip unknown extra fields from client registration We shouldn't sign things we don't understand! RFC 7591 section-2 states: > The authorization server MUST ignore any client metadata sent by the > client that it does not understand (for instance, by silently removing > unknown metadata from the client's registration record during > processing). Prevents grandfathering in of unvalidated data that might become used later, especially since the 'additionalProperties' schema keyword was removed in 698fef74ce53
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:23:40 +0200
parent 4627:adda872fa9e1
child 5485:67190744b1eb
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local st = require "util.stanza";
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local json = require "util.json";
4625
f7e26c43a9bc mod_pubsub_alertmanager: Add TODOs
Kim Alvefur <zash@zash.se>
parents: 4621
diff changeset
3 local filters = { --[[ TODO what's useful? ]] };
4619
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
4 local render = require "util.interpolation".new("%b{}", tostring, filters);
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local uuid_generate = require "util.uuid".generate;
4618
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
6
4625
f7e26c43a9bc mod_pubsub_alertmanager: Add TODOs
Kim Alvefur <zash@zash.se>
parents: 4621
diff changeset
7 -- TODO alertmanager supports inclusion of HTTP auth and OAuth, worth looking
f7e26c43a9bc mod_pubsub_alertmanager: Add TODOs
Kim Alvefur <zash@zash.se>
parents: 4621
diff changeset
8 -- into for using instead of request IP
f7e26c43a9bc mod_pubsub_alertmanager: Add TODOs
Kim Alvefur <zash@zash.se>
parents: 4621
diff changeset
9
4618
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
10 module:depends("http");
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 local pubsub_service = module:depends("pubsub").service;
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
14 local error_mapping = {
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
15 ["forbidden"] = 403;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
16 ["item-not-found"] = 404;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
17 ["internal-server-error"] = 500;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
18 ["conflict"] = 409;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
19 };
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
20
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
21 local function publish_payload(node, actor, item_id, payload)
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
22 local post_item = st.stanza("item", { xmlns = "http://jabber.org/protocol/pubsub", id = item_id, })
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
23 :add_child(payload);
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
24 local ok, err = pubsub_service:publish(node, actor, item_id, post_item);
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
25 module:log("debug", ":publish(%q, true, %q, %s) -> %q", node, item_id, payload:top_tag(), err or "");
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
26 if not ok then
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
27 return error_mapping[err] or 500;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
28 end
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
29 return 202;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
30 end
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31
4621
ebc2c099a11b mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents: 4620
diff changeset
32 local node_template = module:get_option_string("alertmanager_node_template", "{path?alerts}");
ebc2c099a11b mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents: 4620
diff changeset
33
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
34 function handle_POST(event, path)
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
35 local request = event.request;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
36
4618
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
37 local payload = json.decode(event.request.body);
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
38 if type(payload) ~= "table" then return 400; end
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
39 if payload.version ~= "4" then return 501; end
3501
1df139b157fb mod_pubsub_post: Add support for WebSub authentication
Kim Alvefur <zash@zash.se>
parents: 3255
diff changeset
40
4618
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
41 for _, alert in ipairs(payload.alerts) do
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
42 local item = st.stanza("alerts", {xmlns = "urn:uuid:e3bec775-c607-4e9b-9a3f-94de1316d861:v4", status=alert.status});
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
43 for k, v in pairs(alert.annotations) do
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
44 item:text_tag("annotation", v, { name=k });
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
45 end
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
46 for k, v in pairs(alert.labels) do
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
47 item:text_tag("label", v, { name=k });
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
48 end
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
49 item:tag("starts", { at = alert.startsAt}):up();
4626
285efde5e8a5 mod_pubsub_alertmanager: Exclude "ends at" timestamp for unresolved alerts
Kim Alvefur <zash@zash.se>
parents: 4625
diff changeset
50 if alert.endsAt and alert.status == "resolved" then
4618
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
51 item:tag("ends", { at = alert.endsAt }):up();
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
52 end
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
53 if alert.generatorURL then
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
54 item:tag("link", { href=alert.generatorURL }):up();
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
55 end
3255
64d1dfbd1740 mod_pubsub_post: Ensure actor is non-nil (catch inability to determine IP or simliar)
Kim Alvefur <zash@zash.se>
parents: 3254
diff changeset
56
4621
ebc2c099a11b mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents: 4620
diff changeset
57 local node = render(node_template, {alert = alert, path = path, payload = payload, request = request});
ebc2c099a11b mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents: 4620
diff changeset
58 local ret = publish_payload(node, request.ip, uuid_generate(), item);
4618
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
59 if ret ~= 202 then
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
60 return ret
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
61 end
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
62 end
4618
48132b6e1b16 mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents: 4552
diff changeset
63 return 202;
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 end
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65
4620
9b253cce7d88 mod_pubsub_alertmanager: Allow configuring template for <body> rendering
Kim Alvefur <zash@zash.se>
parents: 4619
diff changeset
66 local template = module:get_option_string("alertmanager_body_template", [[
4619
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
67 *ALARM!*
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
68 Status: {status}
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
69 Starts at: {startsAt}{endsAt&
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
70 Ends at: {endsAt}}
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
71 Labels: {labels%
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
72 {idx}: {item}}
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
73 Annotations: {annotations%
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
74 {idx}: {item}}
4620
9b253cce7d88 mod_pubsub_alertmanager: Allow configuring template for <body> rendering
Kim Alvefur <zash@zash.se>
parents: 4619
diff changeset
75 ]]);
4619
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
76
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
77 module:hook("pubsub-summary/urn:uuid:e3bec775-c607-4e9b-9a3f-94de1316d861:v4", function(event)
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
78 local payload = event.payload;
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
79
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
80 local data = {
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
81 status = payload.attr.status,
4627
adda872fa9e1 mod_pubsub_alertmanager: Include status booleans in template input
Kim Alvefur <zash@zash.se>
parents: 4626
diff changeset
82 firing = "firing" == payload.attr.status,
adda872fa9e1 mod_pubsub_alertmanager: Include status booleans in template input
Kim Alvefur <zash@zash.se>
parents: 4626
diff changeset
83 resolved = "resolved" == payload.attr.status,
4619
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
84 annotations = {},
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
85 labels = {},
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
86 endsAt = payload:find("ends/@at"),
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
87 startsAt = payload:find("starts/@at"),
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
88 };
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
89 for label in payload:childtags("label") do
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
90 data.labels[tostring(label.attr.name)] = label:get_text();
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
91 end
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
92 for annotation in payload:childtags("annotation") do
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
93 data.annotations[tostring(annotation.attr.name)] = annotation:get_text();
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
94 end
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
95
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
96 return render(template, data);
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
97 end);
b11001bd915d mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents: 4618
diff changeset
98
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
99 module:provides("http", {
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
100 route = {
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
101 ["POST /*"] = handle_POST;
4621
ebc2c099a11b mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents: 4620
diff changeset
102 ["POST"] = handle_POST;
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
103 };
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
104 });