Open yuvals41 opened 2 days ago
thanks for reporting it @yuvals41
We do have a guide for handing values using secrets. https://docs.robusta.dev/master/setup-robusta/configuration-secrets.html#pulling-values-from-kubernetes-secrets
Does this help?
but not when using the slack integration
sinksConfig:
- slack_sink:
name: main_slack_sink
slack_channel: events
api_key: *******
I don't see an option here to use a secret
https://docs.robusta.dev/master/configuration/sinks/slack.html
We need to improve the docs there.
You can use the same approach on the Sink
parameters.
First, specify the key is taken from an env variable:
sinksConfig:
- slack_sink:
name: main_slack_sink
slack_channel: events
api_key: "{{ env.SLACK_API_KEY }}"
Then, add this env variable from a secret:
runner:
additional_env_vars:
- name: SLACK_API_KEY
valueFrom:
secretKeyRef:
name: my-robusta-secrets
key: slack_api_key
Can you try this?
is the runner and the robusta the same?
thanks for the fast response
yeah, Robusta has 2 pods.
The runner
and forwarder
forwarder
is responsible for watching api server events, and the runner
for doing the enrichments and sending the notifications.
Happy to help
I'm always frustrated when I have to explicitly type the Slack token in the values.yaml file to integrate Slack with Robusta. This practice poses a security risk as it involves hardcoding sensitive information in a configuration file.
Describe the solution you'd like I would like to see an implementation where the Slack token is managed securely without hardcoding it in the values.yaml file. One possible approach could be to utilize Kubernetes secrets or external secrets to handle the Slack token. This would ensure that the sensitive information is stored securely and is not exposed in plain text within the configuration files.
Describe alternatives you've considered An alternative solution could be to provide a mechanism for users to pass the Slack token through environment variables or a dedicated secrets management tool integrated with Robusta.
Additional context Enhancing the security of handling the Slack token will not only mitigate potential security risks but also align with best practices for managing sensitive information. Below is a screenshot of the current configuration requirement:
[Include a screenshot if available]
Thank you for considering this feature request.