diff --git a/api/context/context.go b/api/context/context.go index 088bbb592..33b02b749 100644 --- a/api/context/context.go +++ b/api/context/context.go @@ -9,6 +9,7 @@ import ( v1 "github.com/flanksource/canary-checker/api/v1" "github.com/flanksource/commons/logger" + ctemplate "github.com/flanksource/commons/template" "github.com/flanksource/duty" "github.com/flanksource/duty/models" "github.com/flanksource/duty/types" @@ -55,12 +56,90 @@ func (ctx *Context) GetEnvValueFromCache(env types.EnvVar) (string, error) { return duty.GetEnvValueFromCache(ctx.Kubernetes, env, ctx.Namespace) } +func getDomain(username string) string { + parts := strings.Split(username, "@") + if len(parts) == 2 { + return parts[1] + } + return "" +} + +func (ctx *Context) GetConnection(conn v1.Connection) (*models.Connection, error) { + var _conn *models.Connection + var err error + + if _conn, err = ctx.HydrateConnectionByURL(conn.Connection); err != nil { + return nil, err + } + + if _conn == nil { + _conn = &models.Connection{ + URL: conn.URL, + } + } + + if conn.URL != "" { + // override the url specified at the connection level + _conn.URL = conn.URL + } + + if _conn.Username == "" || _conn.Password == "" { + // no username specified at connection level, use the one from inline connection + auth, err := ctx.GetAuthValues(conn.Authentication) + if err != nil { + return nil, err + } + _conn.Username = auth.Username.ValueStatic + _conn.Password = auth.Password.ValueStatic + } + + data := map[string]interface{}{ + "name": ctx.Canary.Name, + "namespace": ctx.Namespace, + "username": _conn.Username, + "password": _conn.Password, + "domain": getDomain(_conn.Username), + } + templater := ctemplate.StructTemplater{ + Values: data, + // access go values in template requires prefix everything with . + // to support $(username) instead of $(.username) we add a function for each var + ValueFunctions: true, + DelimSets: []ctemplate.Delims{ + {Left: "{{", Right: "}}"}, + {Left: "$(", Right: ")"}, + }, + RequiredTag: "template", + } + if err := templater.Walk(_conn); err != nil { + return nil, err + } + + return _conn, nil +} + +func (ctx Context) GetAuthValues(auth v1.Authentication) (v1.Authentication, error) { + // in case nil we are sending empty string values for username and password + if auth.IsEmpty() { + return auth, nil + } + var err error + + if auth.Username.ValueStatic, err = ctx.GetEnvValueFromCache(auth.Username); err != nil { + return auth, err + } + if auth.Password.ValueStatic, err = ctx.GetEnvValueFromCache(auth.Password); err != nil { + return auth, err + } + return auth, nil +} + func (ctx *Context) HydrateConnectionByURL(connectionName string) (*models.Connection, error) { - if !strings.HasPrefix(connectionName, "connection://") { + if connectionName == "" { return nil, nil } - if connectionName == "" { + if !strings.HasPrefix(connectionName, "connection://") { return nil, nil } diff --git a/api/v1/checks.go b/api/v1/checks.go index 83063bc1b..5df6ce171 100644 --- a/api/v1/checks.go +++ b/api/v1/checks.go @@ -53,9 +53,8 @@ func (c Check) GetLabels() map[string]string { type HTTPCheck struct { Description `yaml:",inline" json:",inline"` Templatable `yaml:",inline" json:",inline"` - // Name of the connection that'll be used to derive the endpoint. - ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` - // HTTP endpoint to check. Mutually exclusive with Namespace + Connection `yaml:",inline" json:",inline"` + // Deprecated: Use url instead Endpoint string `yaml:"endpoint" json:"endpoint,omitempty" template:"true"` // Namespace to crawl for TLS endpoints. Mutually exclusive with Endpoint Namespace string `yaml:"namespace,omitempty" json:"namespace,omitempty" template:"true"` @@ -79,16 +78,10 @@ type HTTPCheck struct { Body string `yaml:"body,omitempty" json:"body,omitempty" template:"true"` // Header fields to be used in the query Headers []types.EnvVar `yaml:"headers,omitempty" json:"headers,omitempty"` - // Credentials for authentication headers - Authentication *Authentication `yaml:"authentication,omitempty" json:"authentication,omitempty"` //Template the request body TemplateBody bool `yaml:"templateBody,omitempty" json:"templateBody,omitempty"` } -func (c HTTPCheck) GetEndpoint() string { - return c.Endpoint -} - func (c HTTPCheck) GetType() string { return "http" } @@ -151,10 +144,10 @@ func (c S3Check) GetType() string { } type CloudWatchCheck struct { - Description `yaml:",inline" json:",inline"` - AWSConnection `yaml:",inline" json:",inline"` - Templatable `yaml:",inline" json:",inline"` - Filter CloudWatchFilter `yaml:"filter,omitempty" json:"filter,omitempty"` + Description `yaml:",inline" json:",inline"` + AWSConnection `yaml:",inline" json:",inline"` + Templatable `yaml:",inline" json:",inline"` + CloudWatchFilter `yaml:",inline" json:",inline"` } type CloudWatchFilter struct { @@ -166,11 +159,11 @@ type CloudWatchFilter struct { func (c CloudWatchCheck) GetEndpoint() string { endpoint := c.Region - if c.Filter.ActionPrefix != nil { - endpoint += "-" + *c.Filter.ActionPrefix + if c.CloudWatchFilter.ActionPrefix != nil { + endpoint += "-" + *c.CloudWatchFilter.ActionPrefix } - if c.Filter.AlarmPrefix != nil { - endpoint += "-" + *c.Filter.AlarmPrefix + if c.CloudWatchFilter.AlarmPrefix != nil { + endpoint += "-" + *c.CloudWatchFilter.AlarmPrefix } return endpoint } @@ -211,8 +204,6 @@ func (c ResticCheck) GetType() string { type JmeterCheck struct { Description `yaml:",inline" json:",inline"` - // Name of the connection that'll be used to derive host and other connection details. - ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` // Jmx defines the ConfigMap or Secret reference to get the JMX test plan Jmx types.EnvVar `yaml:"jmx" json:"jmx"` // Host is the server against which test plan needs to be executed @@ -235,28 +226,6 @@ func (c JmeterCheck) GetType() string { return "jmeter" } -// HydrateConnection will attempt to populate the host and port from the connection name. -func (c *JmeterCheck) HydrateConnection(ctx checkContext) (bool, error) { - connection, err := ctx.HydrateConnectionByURL(c.ConnectionName) - if err != nil { - return false, err - } - - if connection == nil { - return false, nil - } - - c.Host = connection.URL - - if portRaw, ok := connection.Properties["port"]; ok { - if port, err := strconv.Atoi(portRaw); nil == err { - c.Port = int32(port) - } - } - - return true, nil -} - type DockerPullCheck struct { Description `yaml:",inline" json:",inline"` Image string `yaml:"image" json:"image"` @@ -320,12 +289,10 @@ func (c ContainerdPushCheck) GetType() string { type RedisCheck struct { Description `yaml:",inline" json:",inline"` - // ConnectionName is the name of the connection. - // It is used to populate addr, db and auth. - ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` - Addr string `yaml:"addr" json:"addr" template:"true"` - Auth *Authentication `yaml:"auth,omitempty" json:"auth,omitempty"` - DB int `yaml:"db" json:"db"` + Connection `yaml:",inline" json:",inline"` + // Deprecated: Use url instead + Addr string `yaml:"addr,omitempty" json:"addr,omitempty" template:"true"` + DB *int `yaml:"db,omitempty" json:"db,omitempty"` } func (c RedisCheck) GetType() string { @@ -430,14 +397,12 @@ type Mongo struct { } type OpenSearchCheck struct { - Description `yaml:",inline" json:",inline"` - Templatable `yaml:",inline" json:",inline"` - ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` - URL string `yaml:"url,omitempty" json:"url,omitempty"` - Auth Authentication `yaml:"auth" json:"auth"` - Query string `yaml:"query" json:"query"` - Index string `yaml:"index" json:"index"` - Results int64 `yaml:"results,omitempty" json:"results,omitempty"` + Description `yaml:",inline" json:",inline"` + Templatable `yaml:",inline" json:",inline"` + Connection `yaml:",inline" json:",inline"` + Query string `yaml:"query" json:"query"` + Index string `yaml:"index" json:"index"` + Results int64 `yaml:"results,omitempty" json:"results,omitempty"` } func (c OpenSearchCheck) GetType() string { @@ -448,34 +413,6 @@ func (c OpenSearchCheck) GetEndpoint() string { return c.URL } -func (c *OpenSearchCheck) HydrateConnection(ctx checkContext) error { - connection, err := ctx.HydrateConnectionByURL(c.ConnectionName) - if err != nil { - return err - } - - if connection != nil { - c.URL = connection.URL - c.Auth.Username.ValueStatic = connection.Username - c.Auth.Password.ValueStatic = connection.Password - return nil - } - - if val, err := ctx.GetEnvValueFromCache(c.Auth.Username); err != nil { - return fmt.Errorf("failed to get username from cache: %w", err) - } else { - c.Auth.Username.ValueStatic = val - } - - if val, err := ctx.GetEnvValueFromCache(c.Auth.Password); err != nil { - return fmt.Errorf("failed to get username from cache: %w", err) - } else { - c.Auth.Password.ValueStatic = val - } - - return nil -} - /* [include:datasources/elasticsearch_pass.yaml] */ @@ -485,59 +422,26 @@ type Elasticsearch struct { } type ElasticsearchCheck struct { - Description `yaml:",inline" json:",inline"` - Templatable `yaml:",inline" json:",inline"` - ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` - URL string `yaml:"url" json:"url,omitempty" template:"true"` - Auth *Authentication `yaml:"auth,omitempty" json:"auth,omitempty"` - Query string `yaml:"query" json:"query,omitempty" template:"true"` - Index string `yaml:"index" json:"index,omitempty" template:"true"` - Results int `yaml:"results" json:"results,omitempty" template:"true"` + Description `yaml:",inline" json:",inline"` + Templatable `yaml:",inline" json:",inline"` + Connection `yaml:",inline" json:",inline"` + Query string `yaml:"query" json:"query,omitempty" template:"true"` + Index string `yaml:"index" json:"index,omitempty" template:"true"` + Results int `yaml:"results" json:"results,omitempty" template:"true"` } func (c ElasticsearchCheck) GetType() string { return "elasticsearch" } -func (c ElasticsearchCheck) GetEndpoint() string { - return c.URL -} - -func (c *ElasticsearchCheck) HydrateConnection(ctx checkContext) error { - connection, err := ctx.HydrateConnectionByURL(c.ConnectionName) - if err != nil { - return err - } - - if connection != nil { - c.URL = connection.URL - c.Auth.Username.ValueStatic = connection.Username - c.Auth.Password.ValueStatic = connection.Password - return nil - } - - if val, err := ctx.GetEnvValueFromCache(c.Auth.Username); err != nil { - return fmt.Errorf("failed to get username from cache: %w", err) - } else { - c.Auth.Username.ValueStatic = val - } - - if val, err := ctx.GetEnvValueFromCache(c.Auth.Password); err != nil { - return fmt.Errorf("failed to get password from cache: %w", err) - } else { - c.Auth.Password.ValueStatic = val - } - - return nil -} - type DynatraceCheck struct { - Description `yaml:",inline" json:",inline"` - Templatable `yaml:",inline" json:",inline"` - Host string `yaml:"host" json:"host,omitempty" template:"true"` - Scheme string `yaml:"scheme" json:"scheme,omitempty"` - APIKey types.EnvVar `yaml:"apiKey" json:"apiKey,omitempty"` - Namespace string `yaml:"namespace" json:"namespace,omitempty" template:"true"` + Description `yaml:",inline" json:",inline"` + Templatable `yaml:",inline" json:",inline"` + ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` + Host string `yaml:"host" json:"host,omitempty" template:"true"` + Scheme string `yaml:"scheme" json:"scheme,omitempty"` + APIKey types.EnvVar `yaml:"apiKey" json:"apiKey,omitempty"` + Namespace string `yaml:"namespace" json:"namespace,omitempty" template:"true"` } func (t DynatraceCheck) GetType() string { @@ -557,24 +461,18 @@ type AlertManager struct { } type AlertManagerCheck struct { - Description `yaml:",inline" json:",inline"` - Templatable `yaml:",inline" json:",inline"` - ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` - Host string `yaml:"host" json:"host,omitempty" template:"true"` - Auth *Authentication `yaml:"auth,omitempty" json:"auth,omitempty"` - Alerts []string `yaml:"alerts" json:"alerts,omitempty" template:"true"` - Filters map[string]string `yaml:"filters" json:"filters,omitempty" template:"true"` - Ignore []string `yaml:"ignore" json:"ignore,omitempty" template:"true"` + Description `yaml:",inline" json:",inline"` + Templatable `yaml:",inline" json:",inline"` + Connection `yaml:",inline" json:",inline"` + Alerts []string `yaml:"alerts" json:"alerts,omitempty" template:"true"` + Filters map[string]string `yaml:"filters" json:"filters,omitempty" template:"true"` + Ignore []string `yaml:"ignore" json:"ignore,omitempty" template:"true"` } func (c AlertManagerCheck) GetType() string { return "alertmanager" } -func (c AlertManagerCheck) GetEndpoint() string { - return c.Host -} - type PodCheck struct { Description `yaml:",inline" json:",inline"` Namespace string `yaml:"namespace" json:"namespace,omitempty" template:"true"` @@ -609,45 +507,17 @@ func (c PodCheck) GetType() string { } type LDAPCheck struct { - Description `yaml:",inline" json:",inline"` - ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` - Host string `yaml:"host" json:"host" template:"true"` - Auth *Authentication `yaml:"auth" json:"auth"` - BindDN string `yaml:"bindDN" json:"bindDN"` - UserSearch string `yaml:"userSearch,omitempty" json:"userSearch,omitempty"` - SkipTLSVerify bool `yaml:"skipTLSVerify,omitempty" json:"skipTLSVerify,omitempty"` -} - -func (c LDAPCheck) GetEndpoint() string { - return c.Host + Description `yaml:",inline" json:",inline"` + Connection `yaml:",inline" json:",inline"` + BindDN string `yaml:"bindDN" json:"bindDN"` + UserSearch string `yaml:"userSearch,omitempty" json:"userSearch,omitempty"` + SkipTLSVerify bool `yaml:"skipTLSVerify,omitempty" json:"skipTLSVerify,omitempty"` } func (c LDAPCheck) GetType() string { return "ldap" } -func (c *LDAPCheck) HydrateConnection(ctx checkContext) (bool, error) { - connection, err := ctx.HydrateConnectionByURL(c.ConnectionName) - if err != nil { - return false, err - } - - if connection == nil { - return false, nil - } - - c.Host = connection.URL - c.Auth.Username.ValueStatic = connection.Username - c.Auth.Password.ValueStatic = connection.Password - - c.Auth = &Authentication{ - Username: types.EnvVar{ValueStatic: c.Auth.Username.ValueStatic}, - Password: types.EnvVar{ValueStatic: c.Auth.Password.ValueStatic}, - } - - return true, nil -} - type NamespaceCheck struct { Description `yaml:",inline" json:",inline"` NamespaceNamePrefix string `yaml:"namespaceNamePrefix,omitempty" json:"namespaceNamePrefix,omitempty"` @@ -768,16 +638,10 @@ type SMBConnection struct { // ConnectionName of the connection. It'll be used to populate the connection fields. ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` //Port on which smb server is running. Defaults to 445 - Port int `yaml:"port,omitempty" json:"port,omitempty"` - Auth *Authentication `yaml:"auth" json:"auth"` + Port int `yaml:"port,omitempty" json:"port,omitempty"` + Authentication `yaml:",inline" json:",inline"` //Domain... Domain string `yaml:"domain,omitempty" json:"domain,omitempty"` - // Workstation... - Workstation string `yaml:"workstation,omitempty" json:"workstation,omitempty"` - //Sharename to mount from the samba server - Sharename string `yaml:"sharename,omitempty" json:"sharename,omitempty"` - //SearchPath sub-path inside the mount location - SearchPath string `yaml:"searchPath,omitempty" json:"searchPath,omitempty" ` } func (c SMBConnection) GetPort() int { @@ -797,27 +661,15 @@ func (c *SMBConnection) HydrateConnection(ctx checkContext) (found bool, err err return false, nil } - c.Auth = &Authentication{ + c.Authentication = Authentication{ Username: types.EnvVar{ValueStatic: connection.Username}, Password: types.EnvVar{ValueStatic: connection.Password}, } - if workstation, ok := connection.Properties["workstation"]; ok { - c.Workstation = workstation - } - if domain, ok := connection.Properties["domain"]; ok { c.Domain = domain } - if sharename, ok := connection.Properties["sharename"]; ok { - c.Sharename = sharename - } - - if searchPath, ok := connection.Properties["searchPath"]; ok { - c.SearchPath = searchPath - } - if portRaw, ok := connection.Properties["port"]; ok { if port, err := strconv.Atoi(portRaw); nil == err { c.Port = port @@ -831,9 +683,9 @@ type SFTPConnection struct { // ConnectionName of the connection. It'll be used to populate the connection fields. ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` // Port for the SSH server. Defaults to 22 - Port int `yaml:"port,omitempty" json:"port,omitempty"` - Host string `yaml:"host" json:"host"` - Auth *Authentication `yaml:"auth" json:"auth"` + Port int `yaml:"port,omitempty" json:"port,omitempty"` + Host string `yaml:"host" json:"host"` + Authentication `yaml:",inline" json:",inline"` } func (c *SFTPConnection) HydrateConnection(ctx checkContext) (found bool, err error) { @@ -847,7 +699,7 @@ func (c *SFTPConnection) HydrateConnection(ctx checkContext) (found bool, err er } c.Host = connection.URL - c.Auth = &Authentication{ + c.Authentication = Authentication{ Username: types.EnvVar{ValueStatic: connection.Username}, Password: types.EnvVar{ValueStatic: connection.Password}, } @@ -876,11 +728,11 @@ type Prometheus struct { } type PrometheusCheck struct { - Description `yaml:",inline" json:",inline"` - Templatable `yaml:",inline" json:",inline"` - ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"` - // Address of the prometheus server - Host string `yaml:"host" json:"host" template:"true" ` + Description `yaml:",inline" json:",inline"` + Templatable `yaml:",inline" json:",inline"` + // Deprecated: use `url` instead + Host string `yaml:"host,omitempty" json:"host,omitempty"` + Connection `yaml:",inline" json:",inline"` // PromQL query Query string `yaml:"query" json:"query" template:"true"` } @@ -889,28 +741,9 @@ func (c PrometheusCheck) GetType() string { return "prometheus" } -func (c PrometheusCheck) GetEndpoint() string { - return fmt.Sprintf("%v/%v", c.Host, c.Description) -} - -func (c *PrometheusCheck) HydrateConnection(ctx checkContext) (bool, error) { - connection, err := ctx.HydrateConnectionByURL(c.ConnectionName) - if err != nil { - return false, err - } - - if connection == nil { - return false, nil - } - - c.Host = connection.URL - return true, nil -} - type MongoDBCheck struct { Description `yaml:",inline" json:",inline"` - // Monogodb connection string, e.g. mongodb://:27017/?authSource=admin, See https://docs.mongodb.com/manual/reference/connection-string/ - Connection `yaml:",inline" json:",inline"` + Connection `yaml:",inline" json:",inline"` } func (c MongoDBCheck) GetType() string { @@ -1004,7 +837,16 @@ func (t *AWSConnection) Populate(ctx checkContext, k8s kubernetes.Interface, nam t.AccessKey.ValueStatic = connection.Username t.SecretKey.ValueStatic = connection.Password - t.Endpoint = connection.URL + if t.Endpoint == "" { + t.Endpoint = connection.URL + } + + t.SkipTLSVerify = connection.InsecureTLS + if t.Region == "" { + if region, ok := connection.Properties["region"]; ok { + t.Region = region + } + } } if accessKey, err := duty.GetEnvValueFromCache(k8s, t.AccessKey, namespace); err != nil { @@ -1100,7 +942,7 @@ type AwsConfigCheck struct { Description `yaml:",inline" json:",inline"` Templatable `yaml:",inline" json:",inline"` Query string `yaml:"query" json:"query"` - *AWSConnection `yaml:"awsConnection,omitempty" json:"awsConnection,omitempty"` + *AWSConnection `yaml:",inline" json:",inline"` AggregatorName *string `yaml:"aggregatorName,omitempty" json:"aggregatorName,omitempty"` } @@ -1121,7 +963,7 @@ type AwsConfigRuleCheck struct { Rules []string `yaml:"rules,omitempty" json:"rules,omitempty"` // Filters the results by compliance. The allowed values are INSUFFICIENT_DATA, NON_COMPLIANT, NOT_APPLICABLE, COMPLIANT ComplianceTypes []string `yaml:"complianceTypes,omitempty" json:"complianceTypes,omitempty"` - *AWSConnection `yaml:"awsConnection,omitempty" json:"awsConnection,omitempty"` + *AWSConnection `yaml:",inline" json:",inline"` } func (c AwsConfigRuleCheck) GetType() string { diff --git a/api/v1/common.go b/api/v1/common.go index 82e303b36..f37f15876 100644 --- a/api/v1/common.go +++ b/api/v1/common.go @@ -169,8 +169,8 @@ type JSONCheck struct { } type Authentication struct { - Username types.EnvVar `yaml:"username" json:"username"` - Password types.EnvVar `yaml:"password" json:"password"` + Username types.EnvVar `yaml:"username,omitempty" json:"username,omitempty"` + Password types.EnvVar `yaml:"password,omitempty" json:"password,omitempty"` } func (auth Authentication) IsEmpty() bool { @@ -306,21 +306,15 @@ func (d Description) GetLabels() map[string]string { } type Connection struct { - Connection string `yaml:"connection" json:"connection" template:"true"` - Authentication Authentication `yaml:"auth,omitempty" json:"auth,omitempty"` -} - -// +k8s:deepcopy-gen=false -type Connectable interface { - GetConnection() string -} - -func (c Connection) GetConnection() string { - return c.Connection + // Connection name e.g. connection://http/google + Connection string `yaml:"connection,omitempty" json:"connection,omitempty"` + // Connection url, interpolated with username,password + URL string `yaml:"url,omitempty" json:"url,omitempty" template:"true"` + Authentication `yaml:",inline" json:",inline"` } func (c Connection) GetEndpoint() string { - return sanitizeEndpoints(c.Connection) + return sanitizeEndpoints(c.URL) } // Obfuscate passwords of the form ' password=xxxxx ' from connectionString since diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index 92c41197d..ced6151af 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -66,11 +66,7 @@ func (in *AlertManagerCheck) DeepCopyInto(out *AlertManagerCheck) { *out = *in in.Description.DeepCopyInto(&out.Description) out.Templatable = in.Templatable - if in.Auth != nil { - in, out := &in.Auth, &out.Auth - *out = new(Authentication) - (*in).DeepCopyInto(*out) - } + in.Connection.DeepCopyInto(&out.Connection) if in.Alerts != nil { in, out := &in.Alerts, &out.Alerts *out = make([]string, len(*in)) @@ -745,7 +741,7 @@ func (in *CloudWatchCheck) DeepCopyInto(out *CloudWatchCheck) { in.Description.DeepCopyInto(&out.Description) in.AWSConnection.DeepCopyInto(&out.AWSConnection) out.Templatable = in.Templatable - in.Filter.DeepCopyInto(&out.Filter) + in.CloudWatchFilter.DeepCopyInto(&out.CloudWatchFilter) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudWatchCheck. @@ -1528,11 +1524,7 @@ func (in *ElasticsearchCheck) DeepCopyInto(out *ElasticsearchCheck) { *out = *in in.Description.DeepCopyInto(&out.Description) out.Templatable = in.Templatable - if in.Auth != nil { - in, out := &in.Auth, &out.Auth - *out = new(Authentication) - (*in).DeepCopyInto(*out) - } + in.Connection.DeepCopyInto(&out.Connection) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ElasticsearchCheck. @@ -1826,6 +1818,7 @@ func (in *HTTPCheck) DeepCopyInto(out *HTTPCheck) { *out = *in in.Description.DeepCopyInto(&out.Description) out.Templatable = in.Templatable + in.Connection.DeepCopyInto(&out.Connection) if in.ResponseCodes != nil { in, out := &in.ResponseCodes, &out.ResponseCodes *out = make([]int, len(*in)) @@ -1843,11 +1836,6 @@ func (in *HTTPCheck) DeepCopyInto(out *HTTPCheck) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Authentication != nil { - in, out := &in.Authentication, &out.Authentication - *out = new(Authentication) - (*in).DeepCopyInto(*out) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPCheck. @@ -2090,11 +2078,7 @@ func (in *LDAP) DeepCopy() *LDAP { func (in *LDAPCheck) DeepCopyInto(out *LDAPCheck) { *out = *in in.Description.DeepCopyInto(&out.Description) - if in.Auth != nil { - in, out := &in.Auth, &out.Auth - *out = new(Authentication) - (*in).DeepCopyInto(*out) - } + in.Connection.DeepCopyInto(&out.Connection) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPCheck. @@ -2297,7 +2281,7 @@ func (in *OpenSearchCheck) DeepCopyInto(out *OpenSearchCheck) { *out = *in in.Description.DeepCopyInto(&out.Description) out.Templatable = in.Templatable - in.Auth.DeepCopyInto(&out.Auth) + in.Connection.DeepCopyInto(&out.Connection) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenSearchCheck. @@ -2400,6 +2384,7 @@ func (in *PrometheusCheck) DeepCopyInto(out *PrometheusCheck) { *out = *in in.Description.DeepCopyInto(&out.Description) out.Templatable = in.Templatable + in.Connection.DeepCopyInto(&out.Connection) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusCheck. @@ -2493,10 +2478,11 @@ func (in *Redis) DeepCopy() *Redis { func (in *RedisCheck) DeepCopyInto(out *RedisCheck) { *out = *in in.Description.DeepCopyInto(&out.Description) - if in.Auth != nil { - in, out := &in.Auth, &out.Auth - *out = new(Authentication) - (*in).DeepCopyInto(*out) + in.Connection.DeepCopyInto(&out.Connection) + if in.DB != nil { + in, out := &in.DB, &out.DB + *out = new(int) + **out = **in } } @@ -2642,11 +2628,7 @@ func (in *S3Check) DeepCopy() *S3Check { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SFTPConnection) DeepCopyInto(out *SFTPConnection) { *out = *in - if in.Auth != nil { - in, out := &in.Auth, &out.Auth - *out = new(Authentication) - (*in).DeepCopyInto(*out) - } + in.Authentication.DeepCopyInto(&out.Authentication) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SFTPConnection. @@ -2662,11 +2644,7 @@ func (in *SFTPConnection) DeepCopy() *SFTPConnection { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SMBConnection) DeepCopyInto(out *SMBConnection) { *out = *in - if in.Auth != nil { - in, out := &in.Auth, &out.Auth - *out = new(Authentication) - (*in).DeepCopyInto(*out) - } + in.Authentication.DeepCopyInto(&out.Authentication) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SMBConnection. diff --git a/checks/alertmanager.go b/checks/alertmanager.go index 6ea68c9a3..533aec8b5 100644 --- a/checks/alertmanager.go +++ b/checks/alertmanager.go @@ -33,14 +33,13 @@ func (c *AlertManagerChecker) Check(ctx *context.Context, extConfig external.Che result := pkg.Success(check, ctx.Canary) results = append(results, result) - if connection, err := ctx.HydrateConnectionByURL(check.ConnectionName); err != nil { - return results.Failf("failed to find connection from %q: %v", check.ConnectionName, err) - } else if connection != nil { - check.Host = connection.URL + connection, err := ctx.GetConnection(check.Connection) + if err != nil { + return results.Failf("error getting connection: %v", err) } client := alertmanagerClient.NewHTTPClientWithConfig(nil, &alertmanagerClient.TransportConfig{ - Host: check.GetEndpoint(), + Host: connection.URL, Schemes: []string{"http", "https"}, BasePath: alertmanagerClient.DefaultBasePath, }) diff --git a/checks/cloudwatch.go b/checks/cloudwatch.go index 2b4a85d45..aeb745aae 100644 --- a/checks/cloudwatch.go +++ b/checks/cloudwatch.go @@ -49,10 +49,10 @@ func (c *CloudWatchChecker) Check(ctx *context.Context, extConfig external.Check client := cloudwatch.NewFromConfig(*cfg) maxRecords := int32(100) alarms, err := client.DescribeAlarms(ctx, &cloudwatch.DescribeAlarmsInput{ - AlarmNames: check.Filter.Alarms, - AlarmNamePrefix: check.Filter.AlarmPrefix, - ActionPrefix: check.Filter.ActionPrefix, - StateValue: types.StateValue(check.Filter.State), + AlarmNames: check.CloudWatchFilter.Alarms, + AlarmNamePrefix: check.CloudWatchFilter.AlarmPrefix, + ActionPrefix: check.CloudWatchFilter.ActionPrefix, + StateValue: types.StateValue(check.CloudWatchFilter.State), MaxRecords: &maxRecords, }) if err != nil { diff --git a/checks/common.go b/checks/common.go index c45e3df8e..4d4708bcf 100644 --- a/checks/common.go +++ b/checks/common.go @@ -12,66 +12,9 @@ import ( "github.com/flanksource/canary-checker/pkg" "github.com/flanksource/canary-checker/pkg/utils" "github.com/flanksource/canary-checker/templating" - ctemplate "github.com/flanksource/commons/template" "github.com/robfig/cron/v3" ) -func GetConnection(ctx *context.Context, conn *v1.Connection, namespace string) (string, error) { - // TODO: this function should not be necessary, each check should be templated out individual - // however, the walk method only support high level values, not values from siblings. - - if conn.Authentication.IsEmpty() { - return conn.Connection, nil - } - - auth, err := GetAuthValues(ctx, &conn.Authentication) - if err != nil { - return "", err - } - - clone := conn.DeepCopy() - - data := map[string]interface{}{ - "name": ctx.Canary.Name, - "namespace": namespace, - "username": auth.GetUsername(), - "password": auth.GetPassword(), - "domain": auth.GetDomain(), - } - templater := ctemplate.StructTemplater{ - Values: data, - // access go values in template requires prefix everything with . - // to support $(username) instead of $(.username) we add a function for each var - ValueFunctions: true, - DelimSets: []ctemplate.Delims{ - {Left: "{{", Right: "}}"}, - {Left: "$(", Right: ")"}, - }, - RequiredTag: "template", - } - if err := templater.Walk(clone); err != nil { - return "", err - } - - return clone.Connection, nil -} - -func GetAuthValues(ctx *context.Context, auth *v1.Authentication) (*v1.Authentication, error) { - // in case nil we are sending empty string values for username and password - if auth == nil { - return auth, nil - } - var err error - - if auth.Username.ValueStatic, err = ctx.GetEnvValueFromCache(auth.Username); err != nil { - return nil, err - } - if auth.Password.ValueStatic, err = ctx.GetEnvValueFromCache(auth.Password); err != nil { - return nil, err - } - return auth, nil -} - func age(t time.Time) string { return utils.Age(time.Since(t)) } diff --git a/checks/elasticsearch.go b/checks/elasticsearch.go index 688ebe411..c51840952 100644 --- a/checks/elasticsearch.go +++ b/checks/elasticsearch.go @@ -34,14 +34,15 @@ func (c *ElasticsearchChecker) Check(ctx *context.Context, extConfig external.Ch var results pkg.Results results = append(results, result) - if err := check.HydrateConnection(ctx); err != nil { - return results.Failf("Failed to find connection for elastic search: %v", err) + connection, err := ctx.GetConnection(check.Connection) + if err != nil { + return results.Failf("error getting connection: %v", err) } cfg := elasticsearch.Config{ - Addresses: []string{check.GetEndpoint()}, - Username: check.Auth.GetUsername(), - Password: check.Auth.GetPassword(), + Addresses: []string{connection.URL}, + Username: connection.Username, + Password: connection.Password, } es, err := elasticsearch.NewClient(cfg) @@ -67,7 +68,7 @@ func (c *ElasticsearchChecker) Check(ctx *context.Context, extConfig external.Ch fmt.Errorf("Error parsing the response body: %s", err), ) } else { - return results.ErrorMessage(fmt.Errorf("Error from elasticsearch.[%s]: %v, %v", + return results.ErrorMessage(fmt.Errorf("Error from elasticsearch [%s]: %v, %v", res.Status(), e["error"].(map[string]interface{})["type"], e["error"].(map[string]interface{})["reason"], diff --git a/checks/folder_sftp.go b/checks/folder_sftp.go index 77bdaf8fa..22df10b29 100644 --- a/checks/folder_sftp.go +++ b/checks/folder_sftp.go @@ -20,9 +20,9 @@ func CheckSFTP(ctx *context.Context, check v1.FolderCheck) pkg.Results { return results.Failf("failed to populate SFTP connection: %v", err) } - auth := check.SFTPConnection.Auth + auth := check.SFTPConnection.Authentication if !foundConn { - auth, err = GetAuthValues(ctx, check.SFTPConnection.Auth) + auth, err = ctx.GetAuthValues(check.SFTPConnection.Authentication) if err != nil { return results.ErrorMessage(err) } diff --git a/checks/folder_smb.go b/checks/folder_smb.go index c7d873698..92c23ebca 100644 --- a/checks/folder_smb.go +++ b/checks/folder_smb.go @@ -30,7 +30,7 @@ func (s *SMBSession) Close() error { return nil } -func smbConnect(server string, port int, share string, auth *v1.Authentication) (Filesystem, uint64, uint64, uint64, error) { +func smbConnect(server string, port int, share string, auth v1.Authentication) (Filesystem, uint64, uint64, uint64, error) { var err error var smb *SMBSession server = server + ":" + fmt.Sprintf("%d", port) @@ -83,9 +83,9 @@ func CheckSmb(ctx *context.Context, check v1.FolderCheck) pkg.Results { return results.Failf("failed to populate SMB connection: %v", err) } - auth := check.SMBConnection.Auth + auth := check.SMBConnection.Authentication if !foundConn { - auth, err = GetAuthValues(ctx, check.SMBConnection.Auth) + auth, err = ctx.GetAuthValues(check.SMBConnection.Authentication) if err != nil { return results.ErrorMessage(err) } diff --git a/checks/http.go b/checks/http.go index 23590f5b6..15a5251b6 100644 --- a/checks/http.go +++ b/checks/http.go @@ -8,6 +8,7 @@ import ( "github.com/flanksource/canary-checker/api/context" "github.com/flanksource/commons/text" + "github.com/flanksource/duty/models" "github.com/pkg/errors" "github.com/flanksource/canary-checker/api/external" @@ -60,7 +61,7 @@ func (c *HTTPChecker) Run(ctx *context.Context) pkg.Results { return results } -func (c *HTTPChecker) configure(req *http.HTTPRequest, ctx *context.Context, check v1.HTTPCheck) error { +func (c *HTTPChecker) configure(req *http.HTTPRequest, ctx *context.Context, check v1.HTTPCheck, connection *models.Connection) error { for _, header := range check.Headers { value, err := ctx.GetEnvValueFromCache(header) if err != nil { @@ -69,12 +70,8 @@ func (c *HTTPChecker) configure(req *http.HTTPRequest, ctx *context.Context, che req.Header(header.Name, value) } - auth, err := GetAuthValues(ctx, check.Authentication) - if err != nil { - return err - } - if auth != nil { - req.Auth(auth.Username.ValueStatic, auth.Password.ValueStatic) + if connection.Username != "" || connection.Password != "" { + req.Auth(connection.Username, connection.Password) } req.NTLM(check.NTLM) @@ -103,17 +100,35 @@ func (c *HTTPChecker) Check(ctx *context.Context, extConfig external.Check) pkg. result := pkg.Success(check, ctx.Canary) results = append(results, result) - if connection, err := ctx.HydrateConnectionByURL(check.ConnectionName); err != nil { - return results.Failf("failed to find HTTP connection %q: %v", check.ConnectionName, err) - } else if connection != nil { - check.Endpoint = connection.URL + //nolint:staticcheck + if check.Endpoint != "" && check.URL != "" { + return results.Failf("cannot specify both endpoint and url") } - if _, err := url.Parse(check.Endpoint); err != nil { - return results.ErrorMessage(err) + //nolint:staticcheck + if check.Endpoint != "" && check.URL == "" { + check.URL = check.Endpoint + } + + connection, err := ctx.GetConnection(check.Connection) + if err != nil { + return results.Failf("error getting connection %v", err) + } + + if connection.URL == "" { + return results.Failf("no url or connection specified") + } + + if ntlm, ok := connection.Properties["ntlm"]; ok { + check.NTLM = ntlm == "true" + } else if ntlm, ok := connection.Properties["ntlmv2"]; ok { + check.NTLMv2 = ntlm == "true" + } + + if _, err := url.Parse(connection.URL); err != nil { + return results.Failf("failed to parse url: %v", err) } - endpoint := check.Endpoint body := check.Body if check.TemplateBody { body, err = text.Template(body, ctx.Canary) @@ -122,9 +137,9 @@ func (c *HTTPChecker) Check(ctx *context.Context, extConfig external.Check) pkg. } } - req := http.NewRequest(check.Endpoint).Method(check.GetMethod()) + req := http.NewRequest(connection.URL).Method(check.GetMethod()) - if err := c.configure(req, ctx, check); err != nil { + if err := c.configure(req, ctx, check, connection); err != nil { return results.ErrorMessage(err) } @@ -137,15 +152,15 @@ func (c *HTTPChecker) Check(ctx *context.Context, extConfig external.Check) pkg. Name: "response_code", Type: metrics.CounterType, Labels: map[string]string{ - "code": strconv.Itoa(status), - "endpoint": endpoint, + "code": strconv.Itoa(status), + "url": check.URL, }, }) result.Duration = elapsed.Milliseconds() - responseStatus.WithLabelValues(strconv.Itoa(status), statusCodeToClass(status), endpoint).Inc() + responseStatus.WithLabelValues(strconv.Itoa(status), statusCodeToClass(status), check.URL).Inc() age := resp.GetSSLAge() if age != nil { - sslExpiration.WithLabelValues(endpoint).Set(age.Hours() * 24) + sslExpiration.WithLabelValues(check.URL).Set(age.Hours() * 24) } body, _ = resp.AsString() diff --git a/checks/jmeter.go b/checks/jmeter.go index fdd87bb57..44b4c8531 100644 --- a/checks/jmeter.go +++ b/checks/jmeter.go @@ -55,10 +55,6 @@ func (c *JmeterChecker) Check(ctx *context.Context, extConfig external.Check) pk return results.Failf("unable to write test plan file") } - if _, err := check.HydrateConnection(ctx); err != nil { - return results.Failf("unable to populate JMeter connection: %v", err) - } - var host string var port string if check.Host != "" { diff --git a/checks/ldap.go b/checks/ldap.go index 125e89399..50cdae424 100644 --- a/checks/ldap.go +++ b/checks/ldap.go @@ -38,22 +38,22 @@ func (c *LdapChecker) Check(ctx *context.Context, extConfig external.Check) pkg. var err error results = append(results, result) - if ok, err := check.HydrateConnection(ctx); err != nil { - return results.Failf("failed to hydrate connection: %v", err) - } else if !ok { - check.Auth, err = GetAuthValues(ctx, check.Auth) - if err != nil { - return results.Failf("failed to fetch auth details: %v", err) - } + connection, err := ctx.GetConnection(check.Connection) + if err != nil { + return results.Failf("failed to get connection: %v", err) + } + + if connection.URL == "" { + return results.Failf("Must specify a connection or URL") } - ld, err := ldap.DialURL(check.Host, ldap.DialWithTLSConfig(&tls.Config{InsecureSkipVerify: check.SkipTLSVerify})) + ld, err := ldap.DialURL(connection.URL, ldap.DialWithTLSConfig(&tls.Config{InsecureSkipVerify: check.SkipTLSVerify})) if err != nil { return results.Failf("Failed to connect %v", err) } - if err := ld.Bind(check.Auth.Username.ValueStatic, check.Auth.Password.ValueStatic); err != nil { - return results.Failf("Failed to bind using %s %v", check.Auth.Username.ValueStatic, err) + if err := ld.Bind(connection.Username, connection.Password); err != nil { + return results.Failf("Failed to bind using %s %v", connection.Username, err) } req := &ldap.SearchRequest{ @@ -63,7 +63,7 @@ func (c *LdapChecker) Check(ctx *context.Context, extConfig external.Check) pkg. } res, err := ld.Search(req) if err != nil { - return results.Failf("Failed to search host %v error: %v", check.Host, err) + return results.Failf("Failed to search host %v error: %v", connection.URL, err) } if len(res.Entries) == 0 { diff --git a/checks/mongodb.go b/checks/mongodb.go index 8c20ad68c..9ef51e17c 100644 --- a/checks/mongodb.go +++ b/checks/mongodb.go @@ -36,20 +36,13 @@ func (c *MongoDBChecker) Check(ctx *context.Context, extConfig external.Check) p results = append(results, result) var err error - var dbConnectionString string - if connection, err := ctx.HydrateConnectionByURL(check.Connection.Connection); err != nil { + connection, err := ctx.GetConnection(check.Connection) + if err != nil { return results.Failf("error getting connection: %v", err) - } else if connection != nil { - dbConnectionString = connection.URL - } else { - dbConnectionString, err = GetConnection(ctx, &check.Connection, ctx.Namespace) - if err != nil { - return results.ErrorMessage(err) - } } opts := options.Client(). - ApplyURI(dbConnectionString). + ApplyURI(connection.URL). SetConnectTimeout(3 * time.Second). SetSocketTimeout(3 * time.Second) diff --git a/checks/opensearch.go b/checks/opensearch.go index 0d4b56cdf..b3994c119 100644 --- a/checks/opensearch.go +++ b/checks/opensearch.go @@ -31,14 +31,19 @@ func (t *OpenSearchChecker) check(ctx *context.Context, check v1.OpenSearchCheck var results pkg.Results results = append(results, result) - if err := check.HydrateConnection(ctx); err != nil { - return results.Failf("error hydrating connection: %v", err) + connection, err := ctx.GetConnection(check.Connection) + if err != nil { + return results.Failf("error getting connection: %v", err) + } + + if connection.URL == "" { + return results.Failf("Must specify a URL") } cfg := opensearch.Config{ - Username: check.Auth.Username.ValueStatic, - Password: check.Auth.Password.ValueStatic, - Addresses: []string{check.GetEndpoint()}, + Username: connection.Username, + Password: connection.Password, + Addresses: []string{connection.URL}, } osClient, err := opensearch.NewClient(cfg) diff --git a/checks/prometheus.go b/checks/prometheus.go index b96930014..b14dde923 100644 --- a/checks/prometheus.go +++ b/checks/prometheus.go @@ -33,15 +33,21 @@ func (c *PrometheusChecker) Check(ctx *context.Context, extConfig external.Check var results pkg.Results results = append(results, result) - if _, err := check.HydrateConnection(ctx); err != nil { - return results.Failf("error hydrating connection: %v", err) + //nolint:staticcheck + if check.Host != "" && check.URL == "" { + check.URL = check.Host } - if check.Host == "" { - return results.Failf("Must specify a prometheus host") + connection, err := ctx.GetConnection(check.Connection) + if err != nil { + return results.Failf("error getting connection: %v", err) + } + + if connection.URL == "" { + return results.Failf("Must specify a URL") } - promClient, err := prometheus.NewPrometheusAPI(check.Host) + promClient, err := prometheus.NewPrometheusAPI(connection.URL) if err != nil { return results.ErrorMessage(err) } diff --git a/checks/redis.go b/checks/redis.go index b1b16d369..95f2fba3d 100644 --- a/checks/redis.go +++ b/checks/redis.go @@ -40,36 +40,28 @@ func (c *RedisChecker) Check(ctx *context.Context, extConfig external.Check) pkg results = append(results, result) var redisOpts *redis.Options - if check.ConnectionName != "" { - connection, err := ctx.HydrateConnectionByURL(check.ConnectionName) - if err != nil { - return results.Failf("failed to fetch connection %q: %v", check.ConnectionName, err) - } - redisOpts = &redis.Options{ - Addr: connection.URL, - Username: connection.Username, - Password: connection.Password, - } + //nolint:staticcheck + if check.Addr != "" && check.URL == "" { + check.URL = check.Addr + } - if db, ok := connection.Properties["db"]; ok { - if dbInt, err := strconv.Atoi(db); nil == err { - redisOpts.DB = dbInt - } - } - } else { - auth, err := GetAuthValues(ctx, check.Auth) - if err != nil { - return results.Failf("failed to fetch auth details: %v", err) - } + connection, err := ctx.GetConnection(check.Connection) + if err != nil { + return results.Failf("error getting connection: %v", err) + } - redisOpts = &redis.Options{ - Addr: check.Addr, - DB: check.DB, - } - if auth != nil { - redisOpts.Username = auth.GetUsername() - redisOpts.Password = auth.GetPassword() + redisOpts = &redis.Options{ + Addr: connection.URL, + Username: connection.Username, + Password: connection.Password, + } + + if check.DB != nil { + redisOpts.DB = *check.DB + } else if db, ok := connection.Properties["db"]; ok { + if dbInt, err := strconv.Atoi(db); nil == err { + redisOpts.DB = dbInt } } diff --git a/checks/restic.go b/checks/restic.go index fe4d77984..d7fd2883a 100644 --- a/checks/restic.go +++ b/checks/restic.go @@ -75,7 +75,7 @@ func (c *ResticChecker) Check(ctx *context.Context, extConfig external.Check) pk } if check.AWSConnectionName != "" { - connection, err := ctx.HydrateConnectionByURL(check.ConnectionName) + connection, err := ctx.HydrateConnectionByURL(check.AWSConnectionName) if err != nil { return results.Failf("error getting aws connection: %v", err) } diff --git a/checks/runchecks.go b/checks/runchecks.go index d5146979c..1e2280c3b 100644 --- a/checks/runchecks.go +++ b/checks/runchecks.go @@ -115,7 +115,7 @@ func processTemplates(ctx *context.Context, r *pkg.CheckResult) *pkg.CheckResult if message != "false" { r.Failf("expecting either 'true' or 'false' but got '%v'", message) } else { - r.Failf("Test expression failed. Expecting true from: %v", tpl.Expression) + r.Failf("") } } } diff --git a/checks/sql.go b/checks/sql.go index 3dc0a3412..9ae59b73f 100644 --- a/checks/sql.go +++ b/checks/sql.go @@ -3,6 +3,7 @@ package checks import ( "database/sql" "fmt" + "strings" "github.com/flanksource/canary-checker/api/context" "github.com/flanksource/canary-checker/api/external" @@ -84,23 +85,17 @@ func CheckSQL(ctx *context.Context, checker SQLChecker) pkg.Results { // nolint: var results pkg.Results results = append(results, result) - var dbConnectionString string - if connection, err := ctx.HydrateConnectionByURL(check.Connection.Connection); err != nil { - return results.Failf("error getting connection: %v", err) - } else if connection != nil { - dbConnectionString = connection.URL - } else { - dbConnectionString, err = GetConnection(ctx, &check.Connection, ctx.Namespace) - if err != nil { - return results.ErrorMessage(err) - } + if check.Connection.Connection != "" && !strings.HasPrefix(check.Connection.Connection, "connection://") { + check.URL = check.Connection.Connection + check.Connection.Connection = "" } - if ctx.IsTrace() { - ctx.Tracef("connecting to %s", dbConnectionString) + connection, err := ctx.GetConnection(check.Connection) + if err != nil { + return results.Failf("error getting connection: %v", err) } - details, err := querySQL(checker.GetDriver(), dbConnectionString, check.GetQuery()) + details, err := querySQL(checker.GetDriver(), connection.URL, check.GetQuery()) if err != nil { return results.ErrorMessage(err) } diff --git a/config/deploy/crd.yaml b/config/deploy/crd.yaml index 3c97dc1ba..d1298ca64 100644 --- a/config/deploy/crd.yaml +++ b/config/deploy/crd.yaml @@ -64,69 +64,8 @@ spec: items: type: string type: array - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -146,8 +85,6 @@ spec: additionalProperties: type: string type: object - host: - type: string icon: description: Icon for overwriting default icon on the dashboard type: string @@ -163,6 +100,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object test: properties: expr: @@ -185,6 +150,37 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - name type: object @@ -192,83 +188,39 @@ spec: awsConfig: items: properties: - aggregatorName: - type: string - awsConnection: + accessKey: properties: - accessKey: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - connection: - description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. - type: string - endpoint: - type: string - objectPath: - description: glob path to restrict matches to a subset + name: type: string - region: + value: type: string - secretKey: + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - skipTLSVerify: - description: Skip TLS verify when connecting to aws - type: boolean - usePathStyle: - description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY' - type: boolean type: object + aggregatorName: + type: string + connection: + description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. + type: string description: description: Description for the check type: string @@ -283,6 +235,8 @@ spec: template: type: string type: object + endpoint: + type: string icon: description: Icon for overwriting default icon on the dashboard type: string @@ -294,8 +248,44 @@ spec: name: description: Name of the check type: string + objectPath: + description: glob path to restrict matches to a subset + type: string query: type: string + region: + type: string + secretKey: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + skipTLSVerify: + description: Skip TLS verify when connecting to aws + type: boolean test: properties: expr: @@ -318,6 +308,9 @@ spec: template: type: string type: object + usePathStyle: + description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY' + type: boolean required: - name - query @@ -326,86 +319,42 @@ spec: awsConfigRule: items: properties: - awsConnection: + accessKey: properties: - accessKey: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - connection: - description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. - type: string - endpoint: - type: string - objectPath: - description: glob path to restrict matches to a subset + name: type: string - region: + value: type: string - secretKey: + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - skipTLSVerify: - description: Skip TLS verify when connecting to aws - type: boolean - usePathStyle: - description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY' - type: boolean type: object complianceTypes: description: Filters the results by compliance. The allowed values are INSUFFICIENT_DATA, NON_COMPLIANT, NOT_APPLICABLE, COMPLIANT items: type: string type: array + connection: + description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. + type: string description: description: Description for the check type: string @@ -420,6 +369,8 @@ spec: template: type: string type: object + endpoint: + type: string icon: description: Icon for overwriting default icon on the dashboard type: string @@ -436,11 +387,47 @@ spec: name: description: Name of the check type: string + objectPath: + description: glob path to restrict matches to a subset + type: string + region: + type: string rules: description: Specify one or more Config rule names to filter the results by rule. items: type: string type: array + secretKey: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + skipTLSVerify: + description: Skip TLS verify when connecting to aws + type: boolean test: properties: expr: @@ -463,6 +450,9 @@ spec: template: type: string type: object + usePathStyle: + description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY' + type: boolean required: - name type: object @@ -606,6 +596,14 @@ spec: type: object type: object type: object + actionPrefix: + type: string + alarmPrefix: + type: string + alarms: + items: + type: string + type: array connection: description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. type: string @@ -625,19 +623,6 @@ spec: type: object endpoint: type: string - filter: - properties: - actionPrefix: - type: string - alarmPrefix: - type: string - alarms: - items: - type: string - type: array - state: - type: string - type: object icon: description: Icon for overwriting default icon on the dashboard type: string @@ -685,6 +670,8 @@ spec: skipTLSVerify: description: Skip TLS verify when connecting to aws type: boolean + state: + type: string test: properties: expr: @@ -832,9 +819,6 @@ spec: type: object type: object type: object - required: - - password - - username type: object description: description: Description for the check @@ -1092,9 +1076,6 @@ spec: type: object type: object type: object - required: - - password - - username type: object description: description: Description for the check @@ -1183,9 +1164,6 @@ spec: type: object type: object type: object - required: - - password - - username type: object description: description: Description for the check @@ -1239,6 +1217,8 @@ spec: type: object type: object type: object + connection: + type: string description: description: Description for the check type: string @@ -1414,69 +1394,8 @@ spec: elasticsearch: items: properties: - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -1505,6 +1424,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -1532,29 +1479,58 @@ spec: type: string type: object url: + description: Connection url, interpolated with username,password type: string - required: - - name - type: object - type: array - env: - additionalProperties: - description: VarSource represents a source for a value - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + username: properties: - key: - description: The key to select. - type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - required: - - key + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + required: + - name + type: object + type: array + env: + additionalProperties: + description: VarSource represents a source for a value + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic fieldRef: @@ -1826,186 +1802,162 @@ spec: type: string sftpConnection: properties: - auth: + connection: + description: ConnectionName of the connection. It'll be used to populate the connection fields. + type: string + host: + type: string + password: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: + secretKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object - connection: - description: ConnectionName of the connection. It'll be used to populate the connection fields. - type: string - host: - type: string port: description: Port for the SSH server. Defaults to 22 type: integer - required: - - auth - - host - type: object - smbConnection: - properties: - auth: + username: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: + secretKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object + required: + - host + type: object + smbConnection: + properties: connection: description: ConnectionName of the connection. It'll be used to populate the connection fields. type: string domain: description: Domain... type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object port: description: Port on which smb server is running. Defaults to 445 type: integer - searchPath: - description: SearchPath sub-path inside the mount location - type: string - sharename: - description: Sharename to mount from the samba server - type: string - workstation: - description: Workstation... - type: string - required: - - auth - type: object - test: - properties: - expr: - type: string - javascript: - type: string - jsonPath: - type: string - template: - type: string - type: object - totalSize: - description: TotalSize present on the filesystem - type: string - transform: - properties: - expr: - type: string - javascript: - type: string - jsonPath: + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + type: object + test: + properties: + expr: + type: string + javascript: + type: string + jsonPath: + type: string + template: + type: string + type: object + totalSize: + description: TotalSize present on the filesystem + type: string + transform: + properties: + expr: + type: string + javascript: + type: string + jsonPath: type: string template: type: string @@ -2164,9 +2116,6 @@ spec: type: object type: object type: object - required: - - password - - username type: object cafile: type: string @@ -2195,74 +2144,11 @@ spec: http: items: properties: - authentication: - description: Credentials for authentication headers - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object body: description: Request Body Contents type: string connection: - description: Name of the connection that'll be used to derive the endpoint. + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -2279,7 +2165,7 @@ spec: type: string type: object endpoint: - description: HTTP endpoint to check. Mutually exclusive with Namespace + description: 'Deprecated: Use url instead' type: string headers: description: Header fields to be used in the query @@ -2338,6 +2224,34 @@ spec: ntlmv2: description: NTLM when set to true will do authentication using NTLM v2 protocol type: boolean + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object responseCodes: description: Expected response codes for the HTTP Request. items: @@ -2385,6 +2299,37 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - name type: object @@ -2429,9 +2374,6 @@ spec: jmeter: items: properties: - connection: - description: Name of the connection that'll be used to derive host and other connection details. - type: string description: description: Description for the check type: string @@ -2649,77 +2591,14 @@ spec: ldap: items: properties: - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object bindDN: type: string connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check type: string - host: - type: string icon: description: Icon for overwriting default icon on the dashboard type: string @@ -2731,83 +2610,79 @@ spec: name: description: Name of the check type: string - skipTLSVerify: - type: boolean - userSearch: - type: string - required: - - auth - - bindDN - - host - - name - type: object - type: array - mongodb: - items: - properties: - auth: + password: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - username: + type: object + skipTLSVerify: + type: boolean + url: + description: Connection url, interpolated with username,password + type: string + userSearch: + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object + required: + - bindDN + - name + type: object + type: array + mongodb: + items: + properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -2823,77 +2698,74 @@ spec: name: description: Name of the check type: string - required: - - connection - - name - type: object - type: array - mssql: - items: - properties: - auth: + password: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - username: + type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object + required: + - name + type: object + type: array + mssql: + items: + properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -2920,6 +2792,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -2947,77 +2847,46 @@ spec: template: type: string type: object - required: - - connection - - name - type: object - type: array - mysql: - items: - properties: - auth: + url: + description: Connection url, interpolated with username,password + type: string + username: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: + secretKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object + required: + - name + type: object + type: array + mysql: + items: + properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -3044,6 +2913,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -3071,8 +2968,38 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - connection - name type: object type: array @@ -3152,69 +3079,8 @@ spec: opensearch: items: properties: - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -3243,6 +3109,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -3271,9 +3165,37 @@ spec: type: string type: object url: + description: Connection url, interpolated with username,password type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - auth - index - name - query @@ -3327,91 +3249,30 @@ spec: type: string namespace: type: string - path: - type: string - port: - format: int64 - type: integer - priorityClass: - type: string - readyTimeout: - format: int64 - type: integer - scheduleTimeout: - format: int64 - type: integer - spec: - type: string - required: - - name - type: object - type: array - postgres: - items: - properties: - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object + path: + type: string + port: + format: int64 + type: integer + priorityClass: + type: string + readyTimeout: + format: int64 + type: integer + scheduleTimeout: + format: int64 + type: integer + spec: + type: string + required: + - name + type: object + type: array + postgres: + items: + properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -3438,6 +3299,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -3465,8 +3354,38 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - connection - name type: object type: array @@ -3474,6 +3393,7 @@ spec: items: properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -3490,7 +3410,7 @@ spec: type: string type: object host: - description: Address of the prometheus server + description: 'Deprecated: use `url` instead' type: string icon: description: Icon for overwriting default icon on the dashboard @@ -3503,6 +3423,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: description: PromQL query type: string @@ -3528,8 +3476,38 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - host - name - query type: object @@ -3538,71 +3516,10 @@ spec: items: properties: addr: + description: 'Deprecated: Use url instead' type: string - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object connection: - description: ConnectionName is the name of the connection. It is used to populate addr, db and auth. + description: Connection name e.g. connection://http/google type: string db: type: integer @@ -3620,9 +3537,66 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - addr - - db - name type: object type: array diff --git a/config/deploy/manifests.yaml b/config/deploy/manifests.yaml index cbb6b5316..67ee9e654 100644 --- a/config/deploy/manifests.yaml +++ b/config/deploy/manifests.yaml @@ -64,69 +64,8 @@ spec: items: type: string type: array - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -146,8 +85,6 @@ spec: additionalProperties: type: string type: object - host: - type: string icon: description: Icon for overwriting default icon on the dashboard type: string @@ -163,6 +100,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object test: properties: expr: @@ -185,6 +150,37 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - name type: object @@ -192,83 +188,39 @@ spec: awsConfig: items: properties: - aggregatorName: - type: string - awsConnection: + accessKey: properties: - accessKey: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - connection: - description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. - type: string - endpoint: - type: string - objectPath: - description: glob path to restrict matches to a subset + name: type: string - region: + value: type: string - secretKey: + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - skipTLSVerify: - description: Skip TLS verify when connecting to aws - type: boolean - usePathStyle: - description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY' - type: boolean type: object + aggregatorName: + type: string + connection: + description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. + type: string description: description: Description for the check type: string @@ -283,6 +235,8 @@ spec: template: type: string type: object + endpoint: + type: string icon: description: Icon for overwriting default icon on the dashboard type: string @@ -294,8 +248,44 @@ spec: name: description: Name of the check type: string + objectPath: + description: glob path to restrict matches to a subset + type: string query: type: string + region: + type: string + secretKey: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + skipTLSVerify: + description: Skip TLS verify when connecting to aws + type: boolean test: properties: expr: @@ -318,6 +308,9 @@ spec: template: type: string type: object + usePathStyle: + description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY' + type: boolean required: - name - query @@ -326,86 +319,42 @@ spec: awsConfigRule: items: properties: - awsConnection: + accessKey: properties: - accessKey: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - connection: - description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. - type: string - endpoint: - type: string - objectPath: - description: glob path to restrict matches to a subset + name: type: string - region: + value: type: string - secretKey: + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - skipTLSVerify: - description: Skip TLS verify when connecting to aws - type: boolean - usePathStyle: - description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY' - type: boolean type: object complianceTypes: description: Filters the results by compliance. The allowed values are INSUFFICIENT_DATA, NON_COMPLIANT, NOT_APPLICABLE, COMPLIANT items: type: string type: array + connection: + description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. + type: string description: description: Description for the check type: string @@ -420,6 +369,8 @@ spec: template: type: string type: object + endpoint: + type: string icon: description: Icon for overwriting default icon on the dashboard type: string @@ -436,11 +387,47 @@ spec: name: description: Name of the check type: string + objectPath: + description: glob path to restrict matches to a subset + type: string + region: + type: string rules: description: Specify one or more Config rule names to filter the results by rule. items: type: string type: array + secretKey: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + skipTLSVerify: + description: Skip TLS verify when connecting to aws + type: boolean test: properties: expr: @@ -463,6 +450,9 @@ spec: template: type: string type: object + usePathStyle: + description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY' + type: boolean required: - name type: object @@ -606,6 +596,14 @@ spec: type: object type: object type: object + actionPrefix: + type: string + alarmPrefix: + type: string + alarms: + items: + type: string + type: array connection: description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey. type: string @@ -625,19 +623,6 @@ spec: type: object endpoint: type: string - filter: - properties: - actionPrefix: - type: string - alarmPrefix: - type: string - alarms: - items: - type: string - type: array - state: - type: string - type: object icon: description: Icon for overwriting default icon on the dashboard type: string @@ -685,6 +670,8 @@ spec: skipTLSVerify: description: Skip TLS verify when connecting to aws type: boolean + state: + type: string test: properties: expr: @@ -832,9 +819,6 @@ spec: type: object type: object type: object - required: - - password - - username type: object description: description: Description for the check @@ -1092,9 +1076,6 @@ spec: type: object type: object type: object - required: - - password - - username type: object description: description: Description for the check @@ -1183,9 +1164,6 @@ spec: type: object type: object type: object - required: - - password - - username type: object description: description: Description for the check @@ -1239,6 +1217,8 @@ spec: type: object type: object type: object + connection: + type: string description: description: Description for the check type: string @@ -1414,69 +1394,8 @@ spec: elasticsearch: items: properties: - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -1505,6 +1424,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -1532,29 +1479,58 @@ spec: type: string type: object url: + description: Connection url, interpolated with username,password type: string - required: - - name - type: object - type: array - env: - additionalProperties: - description: VarSource represents a source for a value - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + username: properties: - key: - description: The key to select. - type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - required: - - key + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + required: + - name + type: object + type: array + env: + additionalProperties: + description: VarSource represents a source for a value + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic fieldRef: @@ -1826,186 +1802,162 @@ spec: type: string sftpConnection: properties: - auth: + connection: + description: ConnectionName of the connection. It'll be used to populate the connection fields. + type: string + host: + type: string + password: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: + secretKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object - connection: - description: ConnectionName of the connection. It'll be used to populate the connection fields. - type: string - host: - type: string port: description: Port for the SSH server. Defaults to 22 type: integer - required: - - auth - - host - type: object - smbConnection: - properties: - auth: + username: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: + secretKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object + required: + - host + type: object + smbConnection: + properties: connection: description: ConnectionName of the connection. It'll be used to populate the connection fields. type: string domain: description: Domain... type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object port: description: Port on which smb server is running. Defaults to 445 type: integer - searchPath: - description: SearchPath sub-path inside the mount location - type: string - sharename: - description: Sharename to mount from the samba server - type: string - workstation: - description: Workstation... - type: string - required: - - auth - type: object - test: - properties: - expr: - type: string - javascript: - type: string - jsonPath: - type: string - template: - type: string - type: object - totalSize: - description: TotalSize present on the filesystem - type: string - transform: - properties: - expr: - type: string - javascript: - type: string - jsonPath: + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + type: object + test: + properties: + expr: + type: string + javascript: + type: string + jsonPath: + type: string + template: + type: string + type: object + totalSize: + description: TotalSize present on the filesystem + type: string + transform: + properties: + expr: + type: string + javascript: + type: string + jsonPath: type: string template: type: string @@ -2164,9 +2116,6 @@ spec: type: object type: object type: object - required: - - password - - username type: object cafile: type: string @@ -2195,74 +2144,11 @@ spec: http: items: properties: - authentication: - description: Credentials for authentication headers - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object body: description: Request Body Contents type: string connection: - description: Name of the connection that'll be used to derive the endpoint. + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -2279,7 +2165,7 @@ spec: type: string type: object endpoint: - description: HTTP endpoint to check. Mutually exclusive with Namespace + description: 'Deprecated: Use url instead' type: string headers: description: Header fields to be used in the query @@ -2338,6 +2224,34 @@ spec: ntlmv2: description: NTLM when set to true will do authentication using NTLM v2 protocol type: boolean + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object responseCodes: description: Expected response codes for the HTTP Request. items: @@ -2385,6 +2299,37 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - name type: object @@ -2429,9 +2374,6 @@ spec: jmeter: items: properties: - connection: - description: Name of the connection that'll be used to derive host and other connection details. - type: string description: description: Description for the check type: string @@ -2649,77 +2591,14 @@ spec: ldap: items: properties: - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object bindDN: type: string connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check type: string - host: - type: string icon: description: Icon for overwriting default icon on the dashboard type: string @@ -2731,83 +2610,79 @@ spec: name: description: Name of the check type: string - skipTLSVerify: - type: boolean - userSearch: - type: string - required: - - auth - - bindDN - - host - - name - type: object - type: array - mongodb: - items: - properties: - auth: + password: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - username: + type: object + skipTLSVerify: + type: boolean + url: + description: Connection url, interpolated with username,password + type: string + userSearch: + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object + required: + - bindDN + - name + type: object + type: array + mongodb: + items: + properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -2823,77 +2698,74 @@ spec: name: description: Name of the check type: string - required: - - connection - - name - type: object - type: array - mssql: - items: - properties: - auth: + password: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - username: + type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object + required: + - name + type: object + type: array + mssql: + items: + properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -2920,6 +2792,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -2947,77 +2847,46 @@ spec: template: type: string type: object - required: - - connection - - name - type: object - type: array - mysql: - items: - properties: - auth: + url: + description: Connection url, interpolated with username,password + type: string + username: properties: - password: + name: + type: string + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: + secretKeyRef: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object + key: + type: string + name: + type: string + required: + - key type: object type: object - required: - - password - - username type: object + required: + - name + type: object + type: array + mysql: + items: + properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -3044,6 +2913,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -3071,8 +2968,38 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - connection - name type: object type: array @@ -3152,69 +3079,8 @@ spec: opensearch: items: properties: - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -3243,6 +3109,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -3271,9 +3165,37 @@ spec: type: string type: object url: + description: Connection url, interpolated with username,password type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - auth - index - name - query @@ -3327,91 +3249,30 @@ spec: type: string namespace: type: string - path: - type: string - port: - format: int64 - type: integer - priorityClass: - type: string - readyTimeout: - format: int64 - type: integer - scheduleTimeout: - format: int64 - type: integer - spec: - type: string - required: - - name - type: object - type: array - postgres: - items: - properties: - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object + path: + type: string + port: + format: int64 + type: integer + priorityClass: + type: string + readyTimeout: + format: int64 + type: integer + scheduleTimeout: + format: int64 + type: integer + spec: + type: string + required: + - name + type: object + type: array + postgres: + items: + properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -3438,6 +3299,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: type: string results: @@ -3465,8 +3354,38 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - connection - name type: object type: array @@ -3474,6 +3393,7 @@ spec: items: properties: connection: + description: Connection name e.g. connection://http/google type: string description: description: Description for the check @@ -3490,7 +3410,7 @@ spec: type: string type: object host: - description: Address of the prometheus server + description: 'Deprecated: use `url` instead' type: string icon: description: Icon for overwriting default icon on the dashboard @@ -3503,6 +3423,34 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object query: description: PromQL query type: string @@ -3528,8 +3476,38 @@ spec: template: type: string type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - host - name - query type: object @@ -3538,71 +3516,10 @@ spec: items: properties: addr: + description: 'Deprecated: Use url instead' type: string - auth: - properties: - password: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - username: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - required: - - key - type: object - type: object - type: object - required: - - password - - username - type: object connection: - description: ConnectionName is the name of the connection. It is used to populate addr, db and auth. + description: Connection name e.g. connection://http/google type: string db: type: integer @@ -3620,9 +3537,66 @@ spec: name: description: Name of the check type: string + password: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object + url: + description: Connection url, interpolated with username,password + type: string + username: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + type: object + type: object + type: object required: - - addr - - db - name type: object type: array diff --git a/config/schemas/canary.schema.json b/config/schemas/canary.schema.json index 2bdf053df..225d7af56 100644 --- a/config/schemas/canary.schema.json +++ b/config/schemas/canary.schema.json @@ -59,11 +59,14 @@ "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "alerts": { "items": { @@ -102,11 +105,7 @@ } }, "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] + "type": "object" }, "AwsConfigCheck": { "properties": { @@ -134,8 +133,29 @@ "query": { "type": "string" }, - "awsConnection": { - "$ref": "#/$defs/AWSConnection" + "connection": { + "type": "string" + }, + "accessKey": { + "$ref": "#/$defs/EnvVar" + }, + "secretKey": { + "$ref": "#/$defs/EnvVar" + }, + "region": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "skipTLSVerify": { + "type": "boolean" + }, + "objectPath": { + "type": "string" + }, + "usePathStyle": { + "type": "boolean" }, "aggregatorName": { "type": "string" @@ -189,8 +209,29 @@ }, "type": "array" }, - "awsConnection": { - "$ref": "#/$defs/AWSConnection" + "connection": { + "type": "string" + }, + "accessKey": { + "$ref": "#/$defs/EnvVar" + }, + "secretKey": { + "$ref": "#/$defs/EnvVar" + }, + "region": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "skipTLSVerify": { + "type": "boolean" + }, + "objectPath": { + "type": "string" + }, + "usePathStyle": { + "type": "boolean" } }, "additionalProperties": false, @@ -663,18 +704,6 @@ "transform": { "$ref": "#/$defs/Template" }, - "filter": { - "$ref": "#/$defs/CloudWatchFilter" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "name" - ] - }, - "CloudWatchFilter": { - "properties": { "actionPrefix": { "type": "string" }, @@ -692,7 +721,10 @@ } }, "additionalProperties": false, - "type": "object" + "type": "object", + "required": [ + "name" + ] }, "ConfigDBCheck": { "properties": { @@ -980,6 +1012,9 @@ "transform": { "$ref": "#/$defs/Template" }, + "connection": { + "type": "string" + }, "host": { "type": "string" }, @@ -1097,8 +1132,11 @@ "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -1376,6 +1414,15 @@ "connection": { "type": "string" }, + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, "endpoint": { "type": "string" }, @@ -1418,9 +1465,6 @@ }, "type": "array" }, - "authentication": { - "$ref": "#/$defs/Authentication" - }, "templateBody": { "type": "boolean" } @@ -1527,9 +1571,6 @@ "labels": { "$ref": "#/$defs/Labels" }, - "connection": { - "type": "string" - }, "jmx": { "$ref": "#/$defs/EnvVar" }, @@ -1667,11 +1708,14 @@ "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "bindDN": { "type": "string" @@ -1687,8 +1731,6 @@ "type": "object", "required": [ "name", - "host", - "auth", "bindDN" ] }, @@ -1753,15 +1795,20 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" } }, "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "MssqlCheck": { @@ -1790,8 +1837,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -1803,8 +1856,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "MysqlCheck": { @@ -1833,8 +1885,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -1846,8 +1904,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "NamespaceCheck": { @@ -2053,8 +2110,11 @@ "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2070,7 +2130,6 @@ "type": "object", "required": [ "name", - "auth", "query", "index" ] @@ -2206,8 +2265,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2219,8 +2284,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "PrometheusCheck": { @@ -2246,12 +2310,21 @@ "transform": { "$ref": "#/$defs/Template" }, + "host": { + "type": "string" + }, "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, "query": { "type": "string" } @@ -2260,7 +2333,6 @@ "type": "object", "required": [ "name", - "host", "query" ] }, @@ -2281,11 +2353,17 @@ "connection": { "type": "string" }, - "addr": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, + "addr": { + "type": "string" }, "db": { "type": "integer" @@ -2294,9 +2372,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "addr", - "db" + "name" ] }, "ResourceSelector": { @@ -2424,15 +2500,17 @@ "host": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" } }, "additionalProperties": false, "type": "object", "required": [ - "host", - "auth" + "host" ] }, "SMBConnection": { @@ -2443,27 +2521,18 @@ "port": { "type": "integer" }, - "auth": { - "$ref": "#/$defs/Authentication" - }, - "domain": { - "type": "string" - }, - "workstation": { - "type": "string" + "username": { + "$ref": "#/$defs/EnvVar" }, - "sharename": { - "type": "string" + "password": { + "$ref": "#/$defs/EnvVar" }, - "searchPath": { + "domain": { "type": "string" } }, "additionalProperties": false, - "type": "object", - "required": [ - "auth" - ] + "type": "object" }, "SecretKeySelector": { "properties": { diff --git a/config/schemas/component.schema.json b/config/schemas/component.schema.json index 7bc0361e9..ae87b1661 100644 --- a/config/schemas/component.schema.json +++ b/config/schemas/component.schema.json @@ -59,11 +59,14 @@ "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "alerts": { "items": { @@ -102,11 +105,7 @@ } }, "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] + "type": "object" }, "AwsConfigCheck": { "properties": { @@ -134,8 +133,29 @@ "query": { "type": "string" }, - "awsConnection": { - "$ref": "#/$defs/AWSConnection" + "connection": { + "type": "string" + }, + "accessKey": { + "$ref": "#/$defs/EnvVar" + }, + "secretKey": { + "$ref": "#/$defs/EnvVar" + }, + "region": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "skipTLSVerify": { + "type": "boolean" + }, + "objectPath": { + "type": "string" + }, + "usePathStyle": { + "type": "boolean" }, "aggregatorName": { "type": "string" @@ -189,8 +209,29 @@ }, "type": "array" }, - "awsConnection": { - "$ref": "#/$defs/AWSConnection" + "connection": { + "type": "string" + }, + "accessKey": { + "$ref": "#/$defs/EnvVar" + }, + "secretKey": { + "$ref": "#/$defs/EnvVar" + }, + "region": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "skipTLSVerify": { + "type": "boolean" + }, + "objectPath": { + "type": "string" + }, + "usePathStyle": { + "type": "boolean" } }, "additionalProperties": false, @@ -569,18 +610,6 @@ "transform": { "$ref": "#/$defs/Template" }, - "filter": { - "$ref": "#/$defs/CloudWatchFilter" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "name" - ] - }, - "CloudWatchFilter": { - "properties": { "actionPrefix": { "type": "string" }, @@ -598,7 +627,10 @@ } }, "additionalProperties": false, - "type": "object" + "type": "object", + "required": [ + "name" + ] }, "Component": { "properties": { @@ -1159,6 +1191,9 @@ "transform": { "$ref": "#/$defs/Template" }, + "connection": { + "type": "string" + }, "host": { "type": "string" }, @@ -1276,8 +1311,11 @@ "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -1588,6 +1626,15 @@ "connection": { "type": "string" }, + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, "endpoint": { "type": "string" }, @@ -1630,9 +1677,6 @@ }, "type": "array" }, - "authentication": { - "$ref": "#/$defs/Authentication" - }, "templateBody": { "type": "boolean" } @@ -1739,9 +1783,6 @@ "labels": { "$ref": "#/$defs/Labels" }, - "connection": { - "type": "string" - }, "jmx": { "$ref": "#/$defs/EnvVar" }, @@ -1879,11 +1920,14 @@ "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "bindDN": { "type": "string" @@ -1899,8 +1943,6 @@ "type": "object", "required": [ "name", - "host", - "auth", "bindDN" ] }, @@ -2015,15 +2057,20 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" } }, "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "MssqlCheck": { @@ -2052,8 +2099,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2065,8 +2118,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "MysqlCheck": { @@ -2095,8 +2147,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2108,8 +2166,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "NamespaceCheck": { @@ -2315,8 +2372,11 @@ "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2332,7 +2392,6 @@ "type": "object", "required": [ "name", - "auth", "query", "index" ] @@ -2468,8 +2527,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2481,8 +2546,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "PrometheusCheck": { @@ -2508,12 +2572,21 @@ "transform": { "$ref": "#/$defs/Template" }, + "host": { + "type": "string" + }, "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, "query": { "type": "string" } @@ -2522,7 +2595,6 @@ "type": "object", "required": [ "name", - "host", "query" ] }, @@ -2615,11 +2687,17 @@ "connection": { "type": "string" }, - "addr": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, + "addr": { + "type": "string" }, "db": { "type": "integer" @@ -2628,9 +2706,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "addr", - "db" + "name" ] }, "RelationshipSpec": { @@ -2776,15 +2852,17 @@ "host": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" } }, "additionalProperties": false, "type": "object", "required": [ - "host", - "auth" + "host" ] }, "SMBConnection": { @@ -2795,27 +2873,18 @@ "port": { "type": "integer" }, - "auth": { - "$ref": "#/$defs/Authentication" - }, - "domain": { - "type": "string" - }, - "workstation": { - "type": "string" + "username": { + "$ref": "#/$defs/EnvVar" }, - "sharename": { - "type": "string" + "password": { + "$ref": "#/$defs/EnvVar" }, - "searchPath": { + "domain": { "type": "string" } }, "additionalProperties": false, - "type": "object", - "required": [ - "auth" - ] + "type": "object" }, "SecretKeySelector": { "properties": { diff --git a/config/schemas/health_alertmanager.schema.json b/config/schemas/health_alertmanager.schema.json index e8b21a521..93a6c0009 100644 --- a/config/schemas/health_alertmanager.schema.json +++ b/config/schemas/health_alertmanager.schema.json @@ -29,11 +29,14 @@ "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "alerts": { "items": { @@ -62,22 +65,6 @@ "name" ] }, - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { diff --git a/config/schemas/health_awsconfig.schema.json b/config/schemas/health_awsconfig.schema.json index 3fc17bcba..b14fd834c 100644 --- a/config/schemas/health_awsconfig.schema.json +++ b/config/schemas/health_awsconfig.schema.json @@ -3,36 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/aws-config-check", "$ref": "#/$defs/AwsConfigCheck", "$defs": { - "AWSConnection": { - "properties": { - "connection": { - "type": "string" - }, - "accessKey": { - "$ref": "#/$defs/EnvVar" - }, - "secretKey": { - "$ref": "#/$defs/EnvVar" - }, - "region": { - "type": "string" - }, - "endpoint": { - "type": "string" - }, - "skipTLSVerify": { - "type": "boolean" - }, - "objectPath": { - "type": "string" - }, - "usePathStyle": { - "type": "boolean" - } - }, - "additionalProperties": false, - "type": "object" - }, "AwsConfigCheck": { "properties": { "description": { @@ -59,8 +29,29 @@ "query": { "type": "string" }, - "awsConnection": { - "$ref": "#/$defs/AWSConnection" + "connection": { + "type": "string" + }, + "accessKey": { + "$ref": "#/$defs/EnvVar" + }, + "secretKey": { + "$ref": "#/$defs/EnvVar" + }, + "region": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "skipTLSVerify": { + "type": "boolean" + }, + "objectPath": { + "type": "string" + }, + "usePathStyle": { + "type": "boolean" }, "aggregatorName": { "type": "string" diff --git a/config/schemas/health_awsconfigrule.schema.json b/config/schemas/health_awsconfigrule.schema.json index e3c0ba95e..245ec69bc 100644 --- a/config/schemas/health_awsconfigrule.schema.json +++ b/config/schemas/health_awsconfigrule.schema.json @@ -3,36 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/aws-config-rule-check", "$ref": "#/$defs/AwsConfigRuleCheck", "$defs": { - "AWSConnection": { - "properties": { - "connection": { - "type": "string" - }, - "accessKey": { - "$ref": "#/$defs/EnvVar" - }, - "secretKey": { - "$ref": "#/$defs/EnvVar" - }, - "region": { - "type": "string" - }, - "endpoint": { - "type": "string" - }, - "skipTLSVerify": { - "type": "boolean" - }, - "objectPath": { - "type": "string" - }, - "usePathStyle": { - "type": "boolean" - } - }, - "additionalProperties": false, - "type": "object" - }, "AwsConfigRuleCheck": { "properties": { "description": { @@ -74,8 +44,29 @@ }, "type": "array" }, - "awsConnection": { - "$ref": "#/$defs/AWSConnection" + "connection": { + "type": "string" + }, + "accessKey": { + "$ref": "#/$defs/EnvVar" + }, + "secretKey": { + "$ref": "#/$defs/EnvVar" + }, + "region": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "skipTLSVerify": { + "type": "boolean" + }, + "objectPath": { + "type": "string" + }, + "usePathStyle": { + "type": "boolean" } }, "additionalProperties": false, diff --git a/config/schemas/health_cloudwatch.schema.json b/config/schemas/health_cloudwatch.schema.json index e93212c60..dac455c88 100644 --- a/config/schemas/health_cloudwatch.schema.json +++ b/config/schemas/health_cloudwatch.schema.json @@ -50,18 +50,6 @@ "transform": { "$ref": "#/$defs/Template" }, - "filter": { - "$ref": "#/$defs/CloudWatchFilter" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "name" - ] - }, - "CloudWatchFilter": { - "properties": { "actionPrefix": { "type": "string" }, @@ -79,7 +67,10 @@ } }, "additionalProperties": false, - "type": "object" + "type": "object", + "required": [ + "name" + ] }, "ConfigMapKeySelector": { "properties": { diff --git a/config/schemas/health_containerdPull.schema.json b/config/schemas/health_containerdPull.schema.json index d770e9562..073ebc88e 100644 --- a/config/schemas/health_containerdPull.schema.json +++ b/config/schemas/health_containerdPull.schema.json @@ -13,11 +13,7 @@ } }, "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] + "type": "object" }, "ConfigMapKeySelector": { "properties": { diff --git a/config/schemas/health_dockerPull.schema.json b/config/schemas/health_dockerPull.schema.json index 2991e10a1..5bf82ae0f 100644 --- a/config/schemas/health_dockerPull.schema.json +++ b/config/schemas/health_dockerPull.schema.json @@ -13,11 +13,7 @@ } }, "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] + "type": "object" }, "ConfigMapKeySelector": { "properties": { diff --git a/config/schemas/health_dockerPush.schema.json b/config/schemas/health_dockerPush.schema.json index 37eee6a5c..598c86e57 100644 --- a/config/schemas/health_dockerPush.schema.json +++ b/config/schemas/health_dockerPush.schema.json @@ -13,11 +13,7 @@ } }, "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] + "type": "object" }, "ConfigMapKeySelector": { "properties": { diff --git a/config/schemas/health_dynatrace.schema.json b/config/schemas/health_dynatrace.schema.json index 07c64266b..8ca1b569f 100644 --- a/config/schemas/health_dynatrace.schema.json +++ b/config/schemas/health_dynatrace.schema.json @@ -41,6 +41,9 @@ "transform": { "$ref": "#/$defs/Template" }, + "connection": { + "type": "string" + }, "host": { "type": "string" }, diff --git a/config/schemas/health_elasticsearch.schema.json b/config/schemas/health_elasticsearch.schema.json index 7fbf163a7..16a9311df 100644 --- a/config/schemas/health_elasticsearch.schema.json +++ b/config/schemas/health_elasticsearch.schema.json @@ -3,22 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/elasticsearch-check", "$ref": "#/$defs/ElasticsearchCheck", "$defs": { - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -63,8 +47,11 @@ "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" diff --git a/config/schemas/health_folder.schema.json b/config/schemas/health_folder.schema.json index 080b7efe7..6f6ec1b01 100644 --- a/config/schemas/health_folder.schema.json +++ b/config/schemas/health_folder.schema.json @@ -33,22 +33,6 @@ "additionalProperties": false, "type": "object" }, - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -219,15 +203,17 @@ "host": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" } }, "additionalProperties": false, "type": "object", "required": [ - "host", - "auth" + "host" ] }, "SMBConnection": { @@ -238,27 +224,18 @@ "port": { "type": "integer" }, - "auth": { - "$ref": "#/$defs/Authentication" - }, - "domain": { - "type": "string" - }, - "workstation": { - "type": "string" + "username": { + "$ref": "#/$defs/EnvVar" }, - "sharename": { - "type": "string" + "password": { + "$ref": "#/$defs/EnvVar" }, - "searchPath": { + "domain": { "type": "string" } }, "additionalProperties": false, - "type": "object", - "required": [ - "auth" - ] + "type": "object" }, "SecretKeySelector": { "properties": { diff --git a/config/schemas/health_helm.schema.json b/config/schemas/health_helm.schema.json index 38c27395b..e7bb864df 100644 --- a/config/schemas/health_helm.schema.json +++ b/config/schemas/health_helm.schema.json @@ -13,11 +13,7 @@ } }, "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] + "type": "object" }, "ConfigMapKeySelector": { "properties": { diff --git a/config/schemas/health_http.schema.json b/config/schemas/health_http.schema.json index 86f00743b..2a703be73 100644 --- a/config/schemas/health_http.schema.json +++ b/config/schemas/health_http.schema.json @@ -3,22 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/http-check", "$ref": "#/$defs/HTTPCheck", "$defs": { - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -87,6 +71,15 @@ "connection": { "type": "string" }, + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, "endpoint": { "type": "string" }, @@ -129,9 +122,6 @@ }, "type": "array" }, - "authentication": { - "$ref": "#/$defs/Authentication" - }, "templateBody": { "type": "boolean" } diff --git a/config/schemas/health_jmeter.schema.json b/config/schemas/health_jmeter.schema.json index a05060192..dfbcb3c42 100644 --- a/config/schemas/health_jmeter.schema.json +++ b/config/schemas/health_jmeter.schema.json @@ -59,9 +59,6 @@ "labels": { "$ref": "#/$defs/Labels" }, - "connection": { - "type": "string" - }, "jmx": { "$ref": "#/$defs/EnvVar" }, diff --git a/config/schemas/health_ldap.schema.json b/config/schemas/health_ldap.schema.json index ecd98cdb4..715f818d1 100644 --- a/config/schemas/health_ldap.schema.json +++ b/config/schemas/health_ldap.schema.json @@ -3,22 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/ldap-check", "$ref": "#/$defs/LDAPCheck", "$defs": { - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -78,11 +62,14 @@ "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "bindDN": { "type": "string" @@ -98,8 +85,6 @@ "type": "object", "required": [ "name", - "host", - "auth", "bindDN" ] }, diff --git a/config/schemas/health_mongodb.schema.json b/config/schemas/health_mongodb.schema.json index edc955f9d..965c98918 100644 --- a/config/schemas/health_mongodb.schema.json +++ b/config/schemas/health_mongodb.schema.json @@ -3,22 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/mongo-db-check", "$ref": "#/$defs/MongoDBCheck", "$defs": { - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -86,15 +70,20 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" } }, "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "SecretKeySelector": { diff --git a/config/schemas/health_mssql.schema.json b/config/schemas/health_mssql.schema.json index 6bbe145e9..6c8d42c87 100644 --- a/config/schemas/health_mssql.schema.json +++ b/config/schemas/health_mssql.schema.json @@ -3,22 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/mssql-check", "$ref": "#/$defs/MssqlCheck", "$defs": { - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -95,8 +79,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -108,8 +98,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "SecretKeySelector": { diff --git a/config/schemas/health_mysql.schema.json b/config/schemas/health_mysql.schema.json index 412c22a59..987204f58 100644 --- a/config/schemas/health_mysql.schema.json +++ b/config/schemas/health_mysql.schema.json @@ -3,22 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/mysql-check", "$ref": "#/$defs/MysqlCheck", "$defs": { - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -95,8 +79,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -108,8 +98,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "SecretKeySelector": { diff --git a/config/schemas/health_opensearch.schema.json b/config/schemas/health_opensearch.schema.json index 62cf19442..b7aa49707 100644 --- a/config/schemas/health_opensearch.schema.json +++ b/config/schemas/health_opensearch.schema.json @@ -3,22 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/open-search-check", "$ref": "#/$defs/OpenSearchCheck", "$defs": { - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -98,8 +82,11 @@ "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -115,7 +102,6 @@ "type": "object", "required": [ "name", - "auth", "query", "index" ] diff --git a/config/schemas/health_postgres.schema.json b/config/schemas/health_postgres.schema.json index 196dce3b5..82bf8296a 100644 --- a/config/schemas/health_postgres.schema.json +++ b/config/schemas/health_postgres.schema.json @@ -3,22 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/postgres-check", "$ref": "#/$defs/PostgresCheck", "$defs": { - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -95,8 +79,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -108,8 +98,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "SecretKeySelector": { diff --git a/config/schemas/health_prometheus.schema.json b/config/schemas/health_prometheus.schema.json index 9e7a1de14..b4dcab392 100644 --- a/config/schemas/health_prometheus.schema.json +++ b/config/schemas/health_prometheus.schema.json @@ -3,6 +3,48 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/prometheus-check", "$ref": "#/$defs/PrometheusCheck", "$defs": { + "ConfigMapKeySelector": { + "properties": { + "name": { + "type": "string" + }, + "key": { + "type": "string" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "key" + ] + }, + "EnvVar": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + }, + "valueFrom": { + "$ref": "#/$defs/EnvVarSource" + } + }, + "additionalProperties": false, + "type": "object" + }, + "EnvVarSource": { + "properties": { + "configMapKeyRef": { + "$ref": "#/$defs/ConfigMapKeySelector" + }, + "secretKeyRef": { + "$ref": "#/$defs/SecretKeySelector" + } + }, + "additionalProperties": false, + "type": "object" + }, "Labels": { "patternProperties": { ".*": { @@ -34,12 +76,21 @@ "transform": { "$ref": "#/$defs/Template" }, + "host": { + "type": "string" + }, "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, "query": { "type": "string" } @@ -48,10 +99,24 @@ "type": "object", "required": [ "name", - "host", "query" ] }, + "SecretKeySelector": { + "properties": { + "name": { + "type": "string" + }, + "key": { + "type": "string" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "key" + ] + }, "Template": { "properties": { "template": { diff --git a/config/schemas/health_redis.schema.json b/config/schemas/health_redis.schema.json index adc3a6bd6..153d4cc4b 100644 --- a/config/schemas/health_redis.schema.json +++ b/config/schemas/health_redis.schema.json @@ -3,22 +3,6 @@ "$id": "https://github.com/flanksource/canary-checker/api/v1/redis-check", "$ref": "#/$defs/RedisCheck", "$defs": { - "Authentication": { - "properties": { - "username": { - "$ref": "#/$defs/EnvVar" - }, - "password": { - "$ref": "#/$defs/EnvVar" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] - }, "ConfigMapKeySelector": { "properties": { "name": { @@ -86,11 +70,17 @@ "connection": { "type": "string" }, - "addr": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, + "addr": { + "type": "string" }, "db": { "type": "integer" @@ -99,9 +89,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "addr", - "db" + "name" ] }, "SecretKeySelector": { diff --git a/config/schemas/topology.schema.json b/config/schemas/topology.schema.json index 628b6f8c5..c33ab0b94 100644 --- a/config/schemas/topology.schema.json +++ b/config/schemas/topology.schema.json @@ -59,11 +59,14 @@ "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "alerts": { "items": { @@ -102,11 +105,7 @@ } }, "additionalProperties": false, - "type": "object", - "required": [ - "username", - "password" - ] + "type": "object" }, "AwsConfigCheck": { "properties": { @@ -134,8 +133,29 @@ "query": { "type": "string" }, - "awsConnection": { - "$ref": "#/$defs/AWSConnection" + "connection": { + "type": "string" + }, + "accessKey": { + "$ref": "#/$defs/EnvVar" + }, + "secretKey": { + "$ref": "#/$defs/EnvVar" + }, + "region": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "skipTLSVerify": { + "type": "boolean" + }, + "objectPath": { + "type": "string" + }, + "usePathStyle": { + "type": "boolean" }, "aggregatorName": { "type": "string" @@ -189,8 +209,29 @@ }, "type": "array" }, - "awsConnection": { - "$ref": "#/$defs/AWSConnection" + "connection": { + "type": "string" + }, + "accessKey": { + "$ref": "#/$defs/EnvVar" + }, + "secretKey": { + "$ref": "#/$defs/EnvVar" + }, + "region": { + "type": "string" + }, + "endpoint": { + "type": "string" + }, + "skipTLSVerify": { + "type": "boolean" + }, + "objectPath": { + "type": "string" + }, + "usePathStyle": { + "type": "boolean" } }, "additionalProperties": false, @@ -569,18 +610,6 @@ "transform": { "$ref": "#/$defs/Template" }, - "filter": { - "$ref": "#/$defs/CloudWatchFilter" - } - }, - "additionalProperties": false, - "type": "object", - "required": [ - "name" - ] - }, - "CloudWatchFilter": { - "properties": { "actionPrefix": { "type": "string" }, @@ -598,7 +627,10 @@ } }, "additionalProperties": false, - "type": "object" + "type": "object", + "required": [ + "name" + ] }, "ComponentCheck": { "properties": { @@ -1129,6 +1161,9 @@ "transform": { "$ref": "#/$defs/Template" }, + "connection": { + "type": "string" + }, "host": { "type": "string" }, @@ -1246,8 +1281,11 @@ "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -1558,6 +1596,15 @@ "connection": { "type": "string" }, + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, "endpoint": { "type": "string" }, @@ -1600,9 +1647,6 @@ }, "type": "array" }, - "authentication": { - "$ref": "#/$defs/Authentication" - }, "templateBody": { "type": "boolean" } @@ -1709,9 +1753,6 @@ "labels": { "$ref": "#/$defs/Labels" }, - "connection": { - "type": "string" - }, "jmx": { "$ref": "#/$defs/EnvVar" }, @@ -1849,11 +1890,14 @@ "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "bindDN": { "type": "string" @@ -1869,8 +1913,6 @@ "type": "object", "required": [ "name", - "host", - "auth", "bindDN" ] }, @@ -1985,15 +2027,20 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" } }, "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "MssqlCheck": { @@ -2022,8 +2069,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2035,8 +2088,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "MysqlCheck": { @@ -2065,8 +2117,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2078,8 +2136,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "NamespaceCheck": { @@ -2285,8 +2342,11 @@ "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2302,7 +2362,6 @@ "type": "object", "required": [ "name", - "auth", "query", "index" ] @@ -2438,8 +2497,14 @@ "connection": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "url": { + "type": "string" + }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" }, "query": { "type": "string" @@ -2451,8 +2516,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "connection" + "name" ] }, "PrometheusCheck": { @@ -2478,12 +2542,21 @@ "transform": { "$ref": "#/$defs/Template" }, + "host": { + "type": "string" + }, "connection": { "type": "string" }, - "host": { + "url": { "type": "string" }, + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, "query": { "type": "string" } @@ -2492,7 +2565,6 @@ "type": "object", "required": [ "name", - "host", "query" ] }, @@ -2585,11 +2657,17 @@ "connection": { "type": "string" }, - "addr": { + "url": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" + }, + "addr": { + "type": "string" }, "db": { "type": "integer" @@ -2598,9 +2676,7 @@ "additionalProperties": false, "type": "object", "required": [ - "name", - "addr", - "db" + "name" ] }, "RelationshipSpec": { @@ -2746,15 +2822,17 @@ "host": { "type": "string" }, - "auth": { - "$ref": "#/$defs/Authentication" + "username": { + "$ref": "#/$defs/EnvVar" + }, + "password": { + "$ref": "#/$defs/EnvVar" } }, "additionalProperties": false, "type": "object", "required": [ - "host", - "auth" + "host" ] }, "SMBConnection": { @@ -2765,27 +2843,18 @@ "port": { "type": "integer" }, - "auth": { - "$ref": "#/$defs/Authentication" - }, - "domain": { - "type": "string" - }, - "workstation": { - "type": "string" + "username": { + "$ref": "#/$defs/EnvVar" }, - "sharename": { - "type": "string" + "password": { + "$ref": "#/$defs/EnvVar" }, - "searchPath": { + "domain": { "type": "string" } }, "additionalProperties": false, - "type": "object", - "required": [ - "auth" - ] + "type": "object" }, "SecretKeySelector": { "properties": { diff --git a/fixtures/aws/ec2_pass.yaml b/fixtures/aws/ec2_pass.yaml index b70ea01ea..618dfe225 100644 --- a/fixtures/aws/ec2_pass.yaml +++ b/fixtures/aws/ec2_pass.yaml @@ -7,7 +7,7 @@ spec: spec: ec2: - description: test instance - accessKeyID: + accessKey: valueFrom: secretKeyRef: name: aws-credentials diff --git a/fixtures/azure/devops.yaml b/fixtures/azure/devops.yaml index 3c1f0062b..db6095f49 100644 --- a/fixtures/azure/devops.yaml +++ b/fixtures/azure/devops.yaml @@ -7,7 +7,8 @@ spec: azureDevops: - project: Demo1 pipeline: ^windows- - personalAccessToken: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx + personalAccessToken: + value: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx organization: flanksource variable: env: prod diff --git a/fixtures/datasources/SFTP/sftp_pass.yaml b/fixtures/datasources/SFTP/sftp_pass.yaml index 7f956fc4a..79d7c459f 100644 --- a/fixtures/datasources/SFTP/sftp_pass.yaml +++ b/fixtures/datasources/SFTP/sftp_pass.yaml @@ -9,9 +9,8 @@ spec: name: sample sftp check sftpConnection: host: 192.168.1.5 - auth: - username: - value: - password: - value: - maxCount: 10 \ No newline at end of file + username: + value: + password: + value: + maxCount: 10 diff --git a/fixtures/datasources/elasticsearch_fail.yaml b/fixtures/datasources/elasticsearch_fail.yaml index e2fac9271..db0ed8422 100644 --- a/fixtures/datasources/elasticsearch_fail.yaml +++ b/fixtures/datasources/elasticsearch_fail.yaml @@ -18,14 +18,13 @@ spec: } results: 1 name: elasticsearch-fail - auth: - username: - valueFrom: - secretKeyRef: - name: search - key: ELASTIC_SEARCH_USERNAME - password: - valueFrom: - secretKeyRef: - name: search - key: ELASTIC_SEARCH_PASSWORD + username: + valueFrom: + secretKeyRef: + name: search + key: ELASTIC_SEARCH_USERNAME + password: + valueFrom: + secretKeyRef: + name: search + key: ELASTIC_SEARCH_PASSWORD diff --git a/fixtures/datasources/elasticsearch_pass.yaml b/fixtures/datasources/elasticsearch_pass.yaml index 7cee8c31f..5981488c8 100644 --- a/fixtures/datasources/elasticsearch_pass.yaml +++ b/fixtures/datasources/elasticsearch_pass.yaml @@ -18,14 +18,13 @@ spec: } results: 1 name: elasticsearch_pass - auth: - username: - valueFrom: - secretKeyRef: - name: search - key: ELASTIC_SEARCH_USERNAME - password: - valueFrom: - secretKeyRef: - name: search - key: ELASTIC_SEARCH_PASSWORD \ No newline at end of file + username: + valueFrom: + secretKeyRef: + name: search + key: ELASTIC_SEARCH_USERNAME + password: + valueFrom: + secretKeyRef: + name: search + key: ELASTIC_SEARCH_PASSWORD diff --git a/fixtures/datasources/ldap_pass.yaml b/fixtures/datasources/ldap_pass.yaml index 4804ef707..199a2e282 100644 --- a/fixtures/datasources/ldap_pass.yaml +++ b/fixtures/datasources/ldap_pass.yaml @@ -5,21 +5,19 @@ metadata: spec: interval: 30 ldap: - - host: ldap://apacheds.ldap.svc.cluster.local:10389 + - url: ldap://apacheds.ldap.svc.cluster.local:10389 name: ldap user login - auth: - username: - value: uid=admin,ou=system - password: - value: secret + username: + value: uid=admin,ou=system + password: + value: secret bindDN: ou=users,dc=example,dc=com userSearch: "(&(objectClass=organizationalPerson))" - - host: ldap://apacheds.ldap.svc.cluster.local:10389 + - url: ldap://apacheds.ldap.svc.cluster.local:10389 name: ldap group login - auth: - username: - value: uid=admin,ou=system - password: - value: secret + username: + value: uid=admin,ou=system + password: + value: secret bindDN: ou=groups,dc=example,dc=com userSearch: "(&(objectClass=groupOfNames))" diff --git a/fixtures/datasources/mongo_fail.yaml b/fixtures/datasources/mongo_fail.yaml index e1ba27aca..69492e5c2 100644 --- a/fixtures/datasources/mongo_fail.yaml +++ b/fixtures/datasources/mongo_fail.yaml @@ -7,11 +7,10 @@ metadata: spec: interval: 30 mongodb: - - connection: mongodb://mongo2.default.svc.cluster.local:27017/?authSource=admin + - url: mongodb://mongo2.default.svc.cluster.local:27017/?authSource=admin name: mongo wrong password description: test mongo instance - auth: - username: - value: mongoadmin - password: - value: wronghere2 + username: + value: mongoadmin + password: + value: wronghere2 diff --git a/fixtures/datasources/mongo_pass.yaml b/fixtures/datasources/mongo_pass.yaml index 5c037a646..46e4dabd6 100644 --- a/fixtures/datasources/mongo_pass.yaml +++ b/fixtures/datasources/mongo_pass.yaml @@ -5,14 +5,9 @@ metadata: spec: interval: 30 mongodb: - - connection: mongodb://$(username):$(password)@mongo.default.svc.cluster.local:27017/?authSource=admin + - url: mongodb://$(username):$(password)@mongo.default.svc.cluster.local:27017/?authSource=admin name: mongo ping check - description: mongo ping - auth: - username: - value: mongoadmin - password: - value: secret - dns: - - query: mongo.default.svc.cluster.local - name: mongo dns check + username: + value: mongoadmin + password: + value: secret diff --git a/fixtures/datasources/mssql_fail.yaml b/fixtures/datasources/mssql_fail.yaml index 2027f9565..fb784396e 100644 --- a/fixtures/datasources/mssql_fail.yaml +++ b/fixtures/datasources/mssql_fail.yaml @@ -7,7 +7,7 @@ metadata: spec: interval: 30 mssql: - - connection: "server=mssql.platformsystem;user id=sa;password=S0m3p@sswd;port=32010;database=master" #wrong server name for failure + - url: "server=mssql.platformsystem;user id=sa;password=S0m3p@sswd;port=32010;database=master" #wrong server name for failure name: mssql servername query: "SELECT 1" results: 1 diff --git a/fixtures/datasources/mssql_pass.yaml b/fixtures/datasources/mssql_pass.yaml index d318f833b..032a1e867 100644 --- a/fixtures/datasources/mssql_pass.yaml +++ b/fixtures/datasources/mssql_pass.yaml @@ -5,12 +5,11 @@ metadata: spec: interval: 30 mssql: - - connection: "server=mssql.default.svc.cluster.local;user id=$(username);password=$(password);port=1433;database=master" + - url: "server=mssql.default.svc.cluster.local;user id=$(username);password=$(password);port=1433;database=master" name: mssql pass - auth: - username: - value: sa - password: - value: S0m3p@sswd + username: + value: sa + password: + value: S0m3p@sswd query: "SELECT 1" results: 1 diff --git a/fixtures/datasources/mysql_fail.yaml b/fixtures/datasources/mysql_fail.yaml index 4b1f947e0..e11bcf9a6 100644 --- a/fixtures/datasources/mysql_fail.yaml +++ b/fixtures/datasources/mysql_fail.yaml @@ -5,12 +5,11 @@ metadata: spec: interval: 30 mysql: - - connection: "$(username):$(password)@tcp(mysql.default.svc.cluster.local:3306)/mysqldb" + - url: "$(username):$(password)@tcp(mysql.default.svc.cluster.local:3306)/mysqldb" name: mysql wrong password - auth: - username: - value: mysqladmin - password: - value: wrongpassword + username: + value: mysqladmin + password: + value: wrongpassword query: "SELECT 1" results: 1 diff --git a/fixtures/datasources/mysql_pass.yaml b/fixtures/datasources/mysql_pass.yaml index ba8d9a5cb..4d785721e 100644 --- a/fixtures/datasources/mysql_pass.yaml +++ b/fixtures/datasources/mysql_pass.yaml @@ -5,12 +5,11 @@ metadata: spec: interval: 30 mysql: - - connection: "$(username):$(password)@tcp(mysql.default.svc.cluster.local:3306)/mysqldb" + - url: "$(username):$(password)@tcp(mysql.default.svc.cluster.local:3306)/mysqldb" name: mysql ping check - auth: - username: - value: mysqladmin - password: - value: admin123 + username: + value: mysqladmin + password: + value: admin123 query: "SELECT 1" results: 1 diff --git a/fixtures/datasources/opensearch_fail.yaml b/fixtures/datasources/opensearch_fail.yaml index 58269133f..8b3659bf6 100644 --- a/fixtures/datasources/opensearch_fail.yaml +++ b/fixtures/datasources/opensearch_fail.yaml @@ -21,14 +21,13 @@ spec: } } results: 100 - auth: - username: - valueFrom: - secretKeyRef: - name: search - key: OPENSEARCH_USERNAME - password: - valueFrom: - secretKeyRef: - name: search - key: OPENSEARCH_PASSWORD + username: + valueFrom: + secretKeyRef: + name: search + key: OPENSEARCH_USERNAME + password: + valueFrom: + secretKeyRef: + name: search + key: OPENSEARCH_PASSWORD diff --git a/fixtures/datasources/opensearch_pass.yaml b/fixtures/datasources/opensearch_pass.yaml index cd88474bd..14b1dbe51 100644 --- a/fixtures/datasources/opensearch_pass.yaml +++ b/fixtures/datasources/opensearch_pass.yaml @@ -20,14 +20,13 @@ spec: } } results: 1 - auth: - username: - valueFrom: - secretKeyRef: - name: search - key: OPENSEARCH_USERNAME - password: - valueFrom: - secretKeyRef: - name: search - key: OPENSEARCH_PASSWORD + username: + valueFrom: + secretKeyRef: + name: search + key: OPENSEARCH_USERNAME + password: + valueFrom: + secretKeyRef: + name: search + key: OPENSEARCH_PASSWORD diff --git a/fixtures/datasources/postgres_fail.yaml b/fixtures/datasources/postgres_fail.yaml index 1eb171236..07bedc172 100644 --- a/fixtures/datasources/postgres_fail.yaml +++ b/fixtures/datasources/postgres_fail.yaml @@ -8,12 +8,11 @@ metadata: spec: interval: 30 postgres: - - connection: "user=$(username) dbname=pqgotest sslmode=verify-full" + - url: "user=$(username) dbname=pqgotest sslmode=verify-full" name: postgres blank password - auth: - username: - value: pqgotest - password: - value: "" + username: + value: pqgotest + password: + value: "" query: "SELECT 1" results: 1 diff --git a/fixtures/datasources/postgres_pass.yaml b/fixtures/datasources/postgres_pass.yaml index b3a4909b3..1663cbed7 100644 --- a/fixtures/datasources/postgres_pass.yaml +++ b/fixtures/datasources/postgres_pass.yaml @@ -5,13 +5,12 @@ metadata: spec: interval: 30 postgres: - - connection: "postgres://$(username):$(password)@postgres.default.svc.cluster.local:5432/postgres?sslmode=disable" + - url: "postgres://$(username):$(password)@postgres.default.svc.cluster.local:5432/postgres?sslmode=disable" name: postgres schemas check - auth: - username: - value: postgresadmin - password: - value: admin123 + username: + value: postgresadmin + password: + value: admin123 query: SELECT current_schemas(true) display: template: | diff --git a/fixtures/datasources/prometheus.yaml b/fixtures/datasources/prometheus.yaml index f87ed8974..85ca519e0 100644 --- a/fixtures/datasources/prometheus.yaml +++ b/fixtures/datasources/prometheus.yaml @@ -5,10 +5,8 @@ metadata: spec: interval: 30 prometheus: - - host: https://prometheus.demo.aws.flanksource.com/ + - url: https://prometheus.demo.aws.flanksource.com/ name: prometheus-check query: kubernetes_build_info{job!~"kube-dns|coredns"} display: - template: "{{ (index .results 0).git_version }}" - test: - template: "true" + expr: results[0].git_version diff --git a/fixtures/k8s/http_auth_configmap.yaml b/fixtures/k8s/http_auth_configmap.yaml index 6080740b9..803ec0cc2 100644 --- a/fixtures/k8s/http_auth_configmap.yaml +++ b/fixtures/k8s/http_auth_configmap.yaml @@ -6,14 +6,13 @@ spec: http: - endpoint: https://httpbin.demo.aws.flanksource.com/basic-auth/hello/world responseCodes: [200] - authentication: - username: - valueFrom: - configMapKeyRef: - name: basic-auth - key: user - password: - valueFrom: - configMapKeyRef: - name: basic-auth - key: pass + username: + valueFrom: + configMapKeyRef: + name: basic-auth + key: user + password: + valueFrom: + configMapKeyRef: + name: basic-auth + key: pass diff --git a/fixtures/k8s/http_auth_secret.yaml b/fixtures/k8s/http_auth_secret.yaml index 431c960c2..20290d7d4 100644 --- a/fixtures/k8s/http_auth_secret.yaml +++ b/fixtures/k8s/http_auth_secret.yaml @@ -8,14 +8,13 @@ spec: http: - endpoint: https://httpbin.demo.aws.flanksource.com/basic-auth/hello/world responseCodes: [200] - authentication: - username: - valueFrom: - secretKeyRef: - name: basic-auth - key: user - password: - valueFrom: - secretKeyRef: - name: basic-auth - key: pass + username: + valueFrom: + secretKeyRef: + name: basic-auth + key: user + password: + valueFrom: + secretKeyRef: + name: basic-auth + key: pass diff --git a/fixtures/minimal/http_auth.yaml b/fixtures/minimal/http_auth.yaml index 562aca01e..d557779f1 100644 --- a/fixtures/minimal/http_auth.yaml +++ b/fixtures/minimal/http_auth.yaml @@ -8,8 +8,7 @@ spec: responseCodes: [401] - endpoint: https://httpbin.demo.aws.flanksource.com/basic-auth/hello/world responseCodes: [200] - authentication: - username: - value: hello - password: - value: world + username: + value: hello + password: + value: world diff --git a/fixtures/minimal/http_pass_results_mode_pass.yaml b/fixtures/minimal/http_pass_results_mode_pass.yaml index eb68efac3..95335ff03 100644 --- a/fixtures/minimal/http_pass_results_mode_pass.yaml +++ b/fixtures/minimal/http_pass_results_mode_pass.yaml @@ -6,14 +6,14 @@ spec: resultMode: "junit" interval: 30 http: - - endpoint: https://httpbin.demo.aws.flanksource.com/status/200 + - url: https://httpbin.demo.aws.flanksource.com/status/200 name: http pass response 200 status code thresholdMillis: 30000 responseCodes: [201, 301, 200] responseContent: "" maxSSLExpiry: 7 description: "HTTP dummy test 2" - - endpoint: https://httpbin.demo.aws.flanksource.com/status/201 + - url: https://httpbin.demo.aws.flanksource.com/status/201 name: http pass response 201 status code thresholdMillis: 30000 responseCodes: [201] diff --git a/fixtures/minimal/http_pass_single.yaml b/fixtures/minimal/http_pass_single.yaml index 0781868a2..a3619f58c 100644 --- a/fixtures/minimal/http_pass_single.yaml +++ b/fixtures/minimal/http_pass_single.yaml @@ -8,10 +8,17 @@ spec: interval: 30 http: - endpoint: https://httpbin.demo.aws.flanksource.com/status/200 - name: sample-check - thresholdMillis: 3000 + name: http-deprecated-endpoint + - name: http-minimal-check + url: https://httpbin.demo.aws.flanksource.com/status/200 + - name: http-param-tests + url: https://httpbin.demo.aws.flanksource.com/status/200 responseCodes: [201, 200, 301] responseContent: "" maxSSLExpiry: 7 + - name: http-expr-tests + url: https://httpbin.demo.aws.flanksource.com/status/200 test: - expr: "code == 200" + expr: "code in [200,201,301] and sslAge > Duration('7d')" + display: + template: "code={{.code}}, age={{.sslAge}}" diff --git a/fixtures/quarantine/smb_pass.yaml b/fixtures/quarantine/smb_pass.yaml index 6733a4e3c..612dde49b 100644 --- a/fixtures/quarantine/smb_pass.yaml +++ b/fixtures/quarantine/smb_pass.yaml @@ -8,17 +8,16 @@ spec: # Check for any backup not older than 7 days and min size 25 bytes - path: \\windows-server\sharename\folder smbConnection: - auth: - username: - valueFrom: - secretKeyRef: - name: smb-credentials - key: USERNAME - password: - valueFrom: - secretKeyRef: - name: ssmb-credentials - key: PASSWORD + username: + valueFrom: + secretKeyRef: + name: smb-credentials + key: USERNAME + password: + valueFrom: + secretKeyRef: + name: ssmb-credentials + key: PASSWORD filter: regex: "(.*)backup.zip$" maxAge: 7d