Commit Graph

353 Commits

Author SHA1 Message Date
Prasad Ghangal
a334c86a11
[Test] Do not log msg in tests (#555)
##### SUMMARY

Do not log msg in tests to fix CVE checks

https://github.com/infracloudio/botkube/runs/4527109648
2021-12-17 11:18:40 +00:00
Andrew Suderman
6d4e099eb7
[Feature] Add the ability to specify a kubeconfig and disable service account token mounting in helm chart (#493)
##### ISSUE TYPE

 - Feature Pull Request

##### SUMMARY
This provides the ability to directly specify a kubeconfig for botkube to use when installing via helm. In addition, it adds a value that will disable service account token mounting. This provides the ability to run botkube against other clusters that it is not currently running in.
2021-12-14 22:25:46 +00:00
Prasad Ghangal
326b138ca9
Upgrade github.com/gogo/protobuf dep (#553)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>
2021-12-14 10:20:14 +05:30
Prasad Ghangal
93eeeea79f Release v0.12.4 2021-12-13 09:13:05 +05:30
Prasad Ghangal
cbdf380b16
Upgrade golang.org/x... pkg deps (#552)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>
2021-12-11 16:23:33 +05:30
Richard Gerrard
733281a7f4
Update base image to address busybox CVEs (#551)
Please make a release, maintainers!

##### ISSUE TYPE
Mandatory security update

##### SUMMARY
Addresses:


  | CVE-2021-42378 | HIGH | busybox | 1.31.1-r20 | 1.31.1-r21
  | CVE-2021-42379 | HIGH | busybox | 1.31.1-r20 | 1.31.1-r21
  | CVE-2021-42380 | HIGH | busybox | 1.31.1-r20 | 1.31.1-r21
  | CVE-2021-42381 | HIGH | busybox | 1.31.1-r20 | 1.31.1-r21
  | CVE-2021-42382 | HIGH | busybox | 1.31.1-r20 | 1.31.1-r21
  | CVE-2021-42383 | HIGH | busybox | 1.31.1-r20 | 1.31.1-r21
  | CVE-2021-42384 | HIGH | busybox | 1.31.1-r20 | 1.31.1-r21
  | CVE-2021-42385 | HIGH | busybox | 1.31.1-r20 | 1.31.1-r21
  | CVE-2021-42386 | HIGH | busybox | 1.31.1-r20 | 1.31.1-r21
  | CVE-2021-42374 | MEDIUM | busybox | 1.31.1-r20 | 1.31.1-r21
2021-12-03 15:02:34 +00:00
Luca GOUTY
36e9cd7988
feat(helm): allow to set deployment annotations (#537)
##### ISSUE TYPE

 - Feature Pull Request

##### SUMMARY


Allow to set deployment annotations in helm chart.

Fixes #536

##### Remarks

I hesitated to use `extraAnnotations`, but when I look at other official helm charts most of the time they use different values for pods and deployments annotations. 

Imho we should also rename `extraAnnotations` to `podAnnotations` but would be a breaking change so I left it as it was.
2021-11-29 05:47:30 +00:00
Prasad Ghangal
db32201404
Update release script to bump release tags (#544)
##### SUMMARY

- Update release script to bump release tags
- Correct BotKube release versions in all in one deploy yamls
2021-11-17 15:31:36 +00:00
Prasad Ghangal
8f6ba01d89
[CI] Fix github token secret name (#543)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Bug fix Pull Request


##### SUMMARY
Fix github token secret name
2021-11-15 14:13:03 +05:30
Prasad Ghangal
5cc97c3791
Bump msbotbuilder-go dep to v0.2.5 (#533)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>

##### ISSUE TYPE
 - Bug fix Pull Request

##### SUMMARY

Upgrade msbotbuilder-go dep to v0.2.5
2021-10-20 05:13:59 +00:00
Nirav Katarmal
bb840c8f6d
Remove hacktoberfest reference from the README (#529)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Docs Pull Request

##### SUMMARY
<!--- Describe the change, including rationale and design decisions -->
Updated the participation to hacktoberfest 2021 in the Readme.
<!---
If you are fixing an existing issue, please include "Fixes #nnn" in your
PR comment; and describe briefly what the change does.
-->

<!--- Please list dependencies added with your change also -->
2021-10-06 15:09:31 +00:00
Prasad Ghangal
f8e6be9463
Fix goreleaser build with latest tags (#531)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>

##### ISSUE TYPE
 - Bug fix Pull Request


##### SUMMARY
New goreleaser versions don't allow builds with "latest" tags. This PR pins the goreleaser version in CI to prevent it from failure.
2021-10-06 20:25:55 +05:30
Prasad Ghangal
14aad688af
[CI] Fix go mod errors in golang.org/x pkg (#528)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>

##### ISSUE TYPE

 - Bug fix Pull Request


##### SUMMARY

CI is failing due to go mod issues related to golang.org/x pkg. Update the dep to fix the build errors
2021-10-05 12:11:41 +00:00
Hisham Veeran
c28667449f
Update Base Image to alpine 3.14.2 (#524)
This release includes fixes for openssl CVE-2021-3711 and CVE-2021-3712.
https://alpinelinux.org/posts/Alpine-3.14.2-released.html

##### ISSUE TYPE
 - Bug fix Pull Request
 
Fixes #523
2021-09-15 17:25:08 +00:00
Prasad Ghangal
0acc9cad30 Release v0.12.3 2021-09-07 22:09:35 +05:30
Dis
cae6127320
fix: download the correct arch-specific kubectl (#517)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Bug fix Pull Request

##### SUMMARY
<!--- Describe the change, including rationale and design decisions -->
This fetches the current latest stable kubectl directly from the upstream.

An alternate approach would be to copy from `rancher/kubectl` but that requires explicit versioning.

<!---
If you are fixing an existing issue, please include "Fixes #nnn" in your
PR comment; and describe briefly what the change does.
-->

<!--- Please list dependencies added with your change also -->

Fixes #516
2021-09-06 14:27:17 +00:00
Prasad Ghangal
ba05fee2fd
Happy spellcheck CI (#522) 2021-09-06 19:46:28 +05:30
Prasad Ghangal
7a5d47457a
Update helm docs (#514)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>
2021-08-21 12:11:05 +05:30
Prasad Ghangal
6a4622645c Release v0.12.2 2021-08-21 11:36:26 +05:30
Prasad Ghangal
9f7ec2347c
[CI] Upload docker manifest (#513)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>
2021-08-19 12:54:02 +05:30
Prasad Ghangal
22ef1801f7
[CI] Fix goreleaser install action (#512)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>
2021-08-19 12:38:55 +05:30
Prasad Ghangal
a72b581147
[CI] Add missing goreleaser action (#511)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>
2021-08-19 12:00:39 +05:30
Prasad Ghangal
ecac16f3f7
Fix make target in CI (#510) 2021-08-19 11:12:16 +05:30
Prasad Ghangal
f349853c51
Publish multi-arch images with goreleaser (#509)
##### ISSUE TYPE
 - Feature Pull Request

##### SUMMARY
- Switch to goreleaser for building and publishing release
- Set BotKube version with build args
- Use docker manifest to build multi-arch image
- Update CI pipeline to build and push image using goreleaser

Fixes #504 

```
$ docker manifest inspect ghcr.io/prasadg193/botkube:latest
{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
   "manifests": [
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 1370,
         "digest": "sha256:64d94709256eb85452afa06aa15574724266fa6b82b70654ff6b03c467d5a5e4",
         "platform": {
            "architecture": "amd64",
            "os": "linux"
         }
      },
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 1160,
         "digest": "sha256:525d79e629637fd1ae3530223fa380aea26ed299a1fd9ae2787721f4cc33dad5",
         "platform": {
            "architecture": "amd64",
            "os": "linux"
         }
      },
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 1160,
         "digest": "sha256:ef72bc09078929c8aed1161f86c2c86523f6fac664094a034c737ffd582f3ea7",
         "platform": {
            "architecture": "arm64",
            "os": "linux"
         }
      },
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 1160,
         "digest": "sha256:990cd2c6b522a3a69ba73ee83ed0ae306102369f02d09891de8fbfd024d37e87",
         "platform": {
            "architecture": "arm",
            "os": "linux",
            "variant": "v7"
         }
      }
   ]
}

```
2021-08-19 10:56:22 +05:30
Thijs de Jong
6ced5ead92
Fix panic when running command without resource (#447)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Bug fix Pull Request

##### SUMMARY
<!--- Describe the change, including rationale and design decisions -->
This fixes a panic when running a command with an allowed verb but without a resource. For example: `@Botkube get`.
<!---
If you are fixing an existing issue, please include "Fixes #nnn" in your
PR comment; and describe briefly what the change does.
-->

<!--- Please list dependencies added with your change also -->
2021-07-21 05:33:03 +00:00
Vaibhav Pathak
ef92bb9c1f
Migrating to github container registry (#498)
##### ISSUE TYPE
 - Feature Pull Request

##### SUMMARY
This pull request is for changing registry from Docker hub to Github container registry. After acceptance of this PR all the new images will be pushed to github container registry as well as helm chart and other deployment chart will point to same github registry. 

Fixes #432
2021-07-21 10:44:22 +05:30
Prasad Ghangal
c0abaf72ca
Switch to helm3 to publish helm chart (#500)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>
2021-07-06 17:36:48 +05:30
David Costa
bcda42a77e
Allow skipping certs validation of Elastic (#487)
* Allow skipping certs validation of Elastic

Allow user to skip certificate validation when connecting to the
Elasticsearch cluster (opt-in). It permits to use botkube with clusters
that don't have certificates signed by a CA that is trusted by the
botkube image, it often happens with clusters that are for internal use
only.

See #485

Co-Authored-By: Carmine Di Monaco <carmine.dimonaco@computer.org>

* Update go.sum

* Add the default value of skipTLSVerify in deploy manifests

Co-authored-by: David Costa <david@zarel.net>

* Add skipTLSVerify elasticsearch option to helm chart

Co-authored-by: David Costa <david@zarel.net>

* Bool instead of boolean in helm chart docs for skipTLSVerify elastic

Co-authored-by: David Costa <david@zarel.net>

Co-authored-by: Carmine Di Monaco <carmine.dimonaco@computer.org>
Co-authored-by: Carmine Di Monaco <carmine.dimonaco@gmail.com>
2021-07-02 09:25:06 +05:30
Herman
08f4d1e3f0
Test and document adding updateSetting for complex annotation keys (#491)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Docs Pull Request

##### SUMMARY
We wanted to add `updateSetting` for an annotation from the Kubernetes Apps SIG. This annotation contains dots and slashes. I wasn't sure which field to use, so I've updated the test to make it very clear that it requires the syntax of number 1:
1. `metadata.annotations.app\.kubernetes\.io\/version`
2. `metadata.annotations["app.kubernetes.io/version"]`
<!--- Please list dependencies added with your change also -->

Fixes #XXX
2021-07-02 03:09:00 +00:00
Sanket Sudake
5a30df23a0
Enable code scan with CodeQL for Go source (#497)
##### ISSUE TYPE
 - Feature Pull Request

##### SUMMARY
Change add CodeQL workflow which scans and reports vulnerabilities in Go source code. It would be reported under the Security tab of the repository.
2021-06-25 11:10:57 +05:30
Eldwan Brianne
20f988d2f5
Passing communications config as a k8s secret using existingSecret (#482)
##### ISSUE TYPE
 - Feature Pull Request

##### SUMMARY
I have implemented in the helm chart the possibility to pass the communication config as a k8s secret and configure in the value files via an existingSecret. It can be configured in the values file via these:

```yaml
communications:
    existingSecret: false
    existingSecretName: ""
```

Fixes #319 #211 #226 #233
2021-05-25 13:03:31 +00:00
Goir
3d48fded42
allow configration of Mattermost Username (#455)
##### ISSUE TYPE
 - Bug fix Pull Request

##### SUMMARY
Allow Configuration of Mattermost user and fixes BUG with getUser() if its not the "BotKube" default user.

Fixes #245
2021-05-21 13:57:13 +00:00
Pierluigi Lenoci
5c40418b56
Fixed BOTKUBE_VERSION (#483)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Bug fix Pull Request

##### SUMMARY
<!--- Describe the change, including rationale and design decisions -->

The software notifies on the channel if you are using the updated version of BotKube or not. To do this, use the BOTKUBE_VERSION variable which is set up with the `.Chart.Version` value which does not necessarily correspond to the version of the software running on the cluster. The actual version of the software that runs is the one that comes from `.Values.image.tag`. 

<img width="616" alt="Screenshot 2021-05-11 at 09 51 39" src="https://user-images.githubusercontent.com/36044817/117780091-96588700-b23f-11eb-984c-b6555b1f3629.png">
2021-05-21 13:23:53 +00:00
Prasad Ghangal
2769eb3c0f
Fix CI builds (#489)
##### ISSUE TYPE

 - Bug fix Pull Request


##### SUMMARY

This PR fixes CI builds falling due to missing go.sum entries
2021-05-21 13:03:56 +00:00
Prasad Ghangal
7d17dc0c26 Release v0.12.1 2021-04-25 18:28:47 +05:30
Prasad Ghangal
aeed283a98
Update Go and pkg deps (#475) 2021-04-24 20:06:01 +05:30
Patria Lukman
6d7c338af3
Adding privileged, allowPrivilegedEscalation and readOnlyRootFilesyst… (#473)
Adding privileged, allowPrivilegedEscalation and readOnlyRootFilesystem to container security context, also adjusting deployment.yaml

##### ISSUE TYPE
- Feature Pull Request
 

##### SUMMARY
Need to add more granular control to the container's security context. I'd need to add these extra attributes as well as liveness and readiness probes. Is this is something that can be included in the code? 
thank you !
2021-04-24 08:44:46 +00:00
Prasad Ghangal
9f9d3725e3
Make CI compatible with helm3 (#476)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>
2021-04-18 16:42:06 +05:30
Kartik Moolya
38196d911d
adding support for imagePullSecrets and pullpolicy to "IfNotPresent" (#472)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Feature Pull Request

##### SUMMARY
<!--- Describe the change, including rationale and design decisions -->
Added code block in helmcharts to support imagepullsecrets
as a best practise changed the imagePullPolicy to "IfNotPresent"
<!---
If you are fixing an existing issue, please include "Fixes #nnn" in your
PR comment; and describe briefly what the change does.
-->

<!--- Please list dependencies added with your change also -->

Fixes #471
2021-04-15 08:57:41 +00:00
Shahar Danus
aeee6a1ea6
bumping alpine version, improving security (#467)
- Bug fix Pull Request (Security)
 

##### SUMMARY

Changing alpine version for security,
Version 3.10 will be out of scope in a month.
2021-04-05 11:27:08 +00:00
Rodrigo Carvalho
3e1b2454b2
Add support to new ingress apiVersion version. (#464)
This PR holds the step to check if you are running Kubernetes with support to the new ingress apiVersion.

##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Feature Pull Request
 - Bug fix Pull Request
 - Docs Pull Request

##### SUMMARY
<!--- Describe the change, including rationale and design decisions -->

<!---
If you are fixing an existing issue, please include "Fixes #nnn" in your
PR comment; and describe briefly what the change does.
-->

<!--- Please list dependencies added with your change also -->

Fixes #XXX
2021-04-05 11:03:50 +00:00
Kartik Moolya
993adfef41
Generating credentials using WebhookIdentity on AWS (#463)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Feature Pull Request

##### SUMMARY
<!--- Describe the change, including rationale and design decisions -->
Capability to fetch AWS credentials from the EKS OIDC provider
<!---
If you are fixing an existing issue, please include "Fixes #nnn" in your
PR comment; and describe briefly what the change does.
-->

<!--- Please list dependencies added with your change also -->

Fixes #462
2021-03-17 08:44:50 +00:00
Girish Talekar
23498c01bb
remove unwanted hyperlink text from command (#461)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Bug fix Pull Request

##### SUMMARY
When clustername is passed to botkube from command and if that clustername contains valid domain then slack automatically adds <http:// to the url  
eg.  
if command is `@BotKube get pods --cluster-name xyz.alpha-sense.org`  then in botkube we get cluster name as `<http://xyz.alpha-sense.org|xyz.alpha-sense.org>`

#### Solution:
Added small logic in executor code to remove the unwanted string

Fixes https://github.com/infracloudio/botkube/issues/460
2021-03-10 06:34:45 +00:00
Girish Talekar
00c0c570ea
corrected defaultNamespace population and avoid appending defaultnamespace if already passed (#459)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Bug fix Pull Request

##### SUMMARY
<!--- Describe the change, including rationale and design decisions -->
Resolved issue of DefaultNamespace value is not getting populated in config and appending default namespace if another namespace is already passed
2021-02-24 16:21:41 +00:00
Prasad Ghangal
1a4398ffba Release v0.12.0 2021-01-29 00:47:42 +05:30
Prasad Ghangal
38e726cffa
Update github_changelog_generator to work with v1.15.2 (#453)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>

##### ISSUE TYPE
 - Feature Pull Request


##### SUMMARY
Update changelog gen command in release script to work with the latest https://github.com/github-changelog-generator/github-changelog-generator release
2021-01-29 00:25:18 +05:30
Prasad Ghangal
a9eb8de69f
Remove whitespaces in the responses (#452)
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Feature Pull Request

##### SUMMARY

Remove whitespaces in the command responses

![image](https://user-images.githubusercontent.com/7098659/106181497-acc46080-61c3-11eb-86f4-6a0233a14b59.png)
2021-01-28 18:36:17 +00:00
Prasad Ghangal
27fc6ed767
Use uniform response format (#451)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>

##### ISSUE TYPE
 - Feature Pull Request

##### SUMMARY
Use uniform `codeblock` format for command responses across different integrations 

![image](https://user-images.githubusercontent.com/7098659/105995940-ac4a9d80-60cf-11eb-9f7f-962bcc626968.png)
2021-01-28 05:00:08 +00:00
Prasad Ghangal
5ff16d0b46
Fix namespace checker filter (#449)
Signed-off-by: Prasad Ghangal <prasad.ghangal@gmail.com>

##### ISSUE TYPE

 - Bug fix Pull Request


##### SUMMARY

Fix namespace checker filter issue where events with ignored namespaces were not getting skipped 

Fixes #419
2021-01-20 06:49:48 +00:00
Kuntal Majumder
14c8c9d4d2
Fixed namespace checker to use the correct name (#437)
##### ISSUE TYPE
 - Bug fix Pull Request

##### SUMMARY
Apparently the wrong member was used to check the resource name. I don't
know how resillient this patch is, but it works for most of the part.

<!--- Please list dependencies added with your change also -->

Fixes #419
2021-01-04 10:16:23 +00:00