diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index e35f351c46..c27e55e3b8 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -31,4 +31,5 @@ Committing with `git commit -s` will add the sign-off at the end of the commit m - Johannes Zahn - Jop Zitman - Florian Buchmeier -- Max Maass \ No newline at end of file +- Max Maass +- Chuck McAuley diff --git a/hooks/notification/.helm-docs.gotmpl b/hooks/notification/.helm-docs.gotmpl index 4deb078d06..ee67b4c936 100644 --- a/hooks/notification/.helm-docs.gotmpl +++ b/hooks/notification/.helm-docs.gotmpl @@ -107,7 +107,7 @@ This means that you can define key-value pairs as well as providing envs via sec The rules can be defined in the values of the Chart. The syntax and semantic for these rules are quite similar to CascadingRules (See: [secureCodeBox | CascadingRules](/docs/api/crds/cascading-rule)) To define Rules you will have to provide the `rules` field with one or more `matches` elements. -Each `machtes` defines one Rule. +Each `matches` defines one Rule. For example: ```yaml @@ -128,7 +128,7 @@ Within the `matches` you will have to provide `anyOf` `anyOf` contains one or more conditions to be met by the finding to match the rule. Notice that only one of these elements needs to match the finding for the rule to match. -#### Configuration of a Slack Notification +#### Configuration of a Slack Notification (WebHook) To configure a Slack notification set the `type` to `slack` and the `endPoint` to point to your env containing your Webhook URL to slack. You can use one of the following default templates: @@ -136,6 +136,44 @@ You can use one of the following default templates: - `slack-messageCard`: Sends a message with a summary listing the number of findings per category and severity. - `slack-individual-findings-with-defectdojo`: Sends a message with a list of all findings with a link to the finding in DefectDojo. Will only work correctly if the DefectDojo hook is installed in the same namespace. +##### Example Config + +The below example shows how to create a helm values chart and load secrets for access. +You must have `endPoint` point to a [defined environment variable](https://github.com/secureCodeBox/secureCodeBox/blob/main/hooks/notification/hook/hook.ts#L20), not a string. + +``` +# cat myvalues.yaml + +notificationChannels: + - name: nmapopenports + type: slack + template: slack-messageCard + skipNotificationOnZeroFinding: true + rules: + - matches: + anyOf: + - category: "Open Port" + endPoint: POINTER_TO_ENV +env: + - name: POINTER_TO_ENV + valueFrom: + secretKeyRef: + name: myslacksecret + key: SLACK_WEB_HOOK + +# cat values_slack_secrets.yaml +apiVersion: v1 +kind: Secret +metadata: + name: myslacksecret +type: Opaque +data: + SLACK_WEB_HOOK: NOIDONTHINKSOBASE64STUFF + +kubectl apply -f values_slack_secrets.yaml +helm upgrade --install nwh secureCodeBox/notification-hook --values myvalues.yaml +``` + #### Configuration of a Slack App Notification The `slack-app` notifier is an _alternate_ way to send notifications to slack using the slack api directly rather then using webhooks. @@ -228,7 +266,7 @@ env: value: secureCodeBox ``` -### Configuration Of A MS Teams Notification +#### Configuration Of A MS Teams Notification To configure a MS Teams notification you need to set the type to `ms-teams`. In `endPoint` you need to specify the MS Teams webhook.