jiralert icon indicating copy to clipboard operation
jiralert copied to clipboard

Published 20 hours ago verified publisher icon prometheus-community

Encrypt password while using basic auth

Open Dajma opened this issue 4 years ago • 3 comments

I have Jira server installation which does not support api token and Jiralert does not support oauth, so basic auth is the only option. Is there a way to encrypt the password somehow or provide it via environment variable. BTW, I intend to use the jiralert container.

Dajma avatar Feb 16 '21 21:02 Dajma

Yes! I think I love this idea.

What about envvar substitution inside configuration file. E.g we could use https://github.com/thanos-io/thanos/blob/main/pkg/reloader/reloader.go#L411:6 would that work?

PRs and help wanted 🤗

bwplotka avatar Mar 05 '21 12:03 bwplotka

Env var substitution would be a great addition. That way one could also pass the PAT to the app in a secure way.

Maybe i will find the time to give it a try. Adding:

https://github.com/thanos-io/thanos/blob/296c4ab4baf2c8dd6abdf2649b0660ac77505e63/pkg/reloader/reloader.go#L445-L462

to

https://github.com/prometheus-community/jiralert/blob/a0f0e80e575e71cbf7db565d3296a3a984282dff/pkg/config/config.go#L63

just like

https://github.com/thanos-io/thanos/blob/296c4ab4baf2c8dd6abdf2649b0660ac77505e63/pkg/reloader/reloader.go#L302-L305

plus some tests like

https://github.com/thanos-io/thanos/blob/296c4ab4baf2c8dd6abdf2649b0660ac77505e63/pkg/reloader/reloader_test.go#L89-L102

should be pretty much it right?

Also related: https://github.com/prometheus/alertmanager/pull/2855

splitt3r avatar Jun 09 '22 08:06 splitt3r

Here's a PR with the changes required: https://github.com/prometheus-community/jiralert/pull/125

rati3l avatar Aug 20 '22 23:08 rati3l