messagebird / sachet Goto Github PK
View Code? Open in Web Editor NEWSMS alerts for Prometheus' Alertmanager
Home Page: https://www.messagebird.com
License: BSD 2-Clause "Simplified" License
SMS alerts for Prometheus' Alertmanager
Home Page: https://www.messagebird.com
License: BSD 2-Clause "Simplified" License
I need to add/remove receivers dynamically. I'd like to generate a new config file and tell sachet to reload it.
It would be nice to have the same url as Prometheus and the alert manager which reload their configuration when they receive an HTTP POST request to the /-/reload endpoint.
https://prometheus.io/docs/prometheus/latest/configuration/configuration/
https://prometheus.io/docs/alerting/configuration/
Quite simple really, I'd like to have dockerhub images without building myself. Upstream is always better.
Since we are monitoring internet connectivity as well in prometheus, we need to always be able to send an alert to our on duty sysadmins. For that we were thinking of using a USB 3G modem, which would allow for sending texts from a prepaid SIM. Would it be possible to implement the protocols for a USB 3G modem or support for gosms?
Hi folks,
we have our sms gateway called nowsms, how to integrate it with prometheus using sachet.?
your answers are highly appreciated
thanks
Quick bug report. I should likely fix this myself and send a pull request, but ENOTIME, so I'm quickly making sure this won't get lost.
Looking at messagebird.go
, there is a TODO that there is no support for error checking. It would be nice if this printed the HTTP error message in the logs. Even if we're too lazy to do that, we should make sure that we're not reporting HTTP 200 back to AlertManager, as that makes AlertManager assume that the SMS was sent correctly.
To summarise: we should patch up messagebird.go
to return an error. main.go
should return, say, a HTTP 500 when an error has occurred.
Trying to build an image returns this error:
go: missing Git command. See https://golang.org/s/gogetcmd
package github.com/messagebird/sachet/cmd/...: exec: "git": executable file not found in $PATH
Basically the git package isn't installed, but used as name of the virtual package with --virtual git
.
This patch fixes it:
diff --git a/Dockerfile b/Dockerfile
index 07363a4..8229163 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,9 +1,9 @@
FROM golang:alpine
-RUN apk add --no-cache --virtual git openssl ca-certificates && \
+RUN apk add --no-cache --virtual build git openssl ca-certificates && \
go get github.com/messagebird/sachet/cmd/... && \
rm -rf src pkg && \
- apk del git
+ apk del build
COPY examples/config.yaml /etc/sachet/config.yaml
However, this still builds a 374MB
image, which contains the golang
environment. It's better to use this newer Dockerfile
:
FROM golang:alpine AS build
RUN apk update && \
apk add --no-cache git openssl ca-certificates && \
go get github.com/messagebird/sachet/cmd/...
FROM alpine
COPY --from=build /go/bin/sachet /usr/local/bin
COPY examples/config.yaml /etc/sachet/config.yaml
RUN apk update && \
apk add --no-cache ca-certificates
EXPOSE 9876
ENTRYPOINT ["sachet"]
CMD ["-config", "/etc/sachet/config.yaml"]
which builds a small 21.3MB
image (assuming ca-certificates
package is needed).
I prefer not to have to statically configure recipients for alerts but rather have the alert writer decide how and where to route his alerts to. To this end I configured generic routes in Alertmanager where its recipient(s) is a label attached to said alert. It would be nice if Sachet would also be able to parse these labels into a list of recipients. I dabbled a bit in Go so I've implemented it. These scratching are far from proper code, but it works. I'm not making it a PR because it may be a buggy mess and it's certainly quite ugly. But it works for me.
diff --git a/cmd/sachet/main.go b/cmd/sachet/main.go
index 67d7b2e..c407025 100644
--- a/cmd/sachet/main.go
+++ b/cmd/sachet/main.go
@@ -110,8 +110,16 @@ func main() {
}
}
+ var receivers []string
+
+ if (len(receiverConf.To) == 1 && len(data.GroupLabels[receiverConf.To[0]])>1) {
+ receivers = strings.Split(data.GroupLabels[receiverConf.To[0]],",")
+ } else {
+ receivers = receiverConf.To
+ }
+
message := sachet.Message{
- To: receiverConf.To,
+ To: receivers,
From: receiverConf.From,
Type: receiverConf.Type,
Text: text,
How to use this? Configure your sachet receiver as usual, but instead of an actual recipient (number, account or whatever) put in (only!) the label which the receiver should analyze for receivers. E.g.:
providers:
cm:
producttoken: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
telegram:
token: 'xxxxxxxxxx:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
receivers:
- name: 'sms_to'
provider: 'cm'
to:
- 'sms_to'
from: '...'
text: 'This is your extrahandy SMS provider, receiving an alert from Alertmanager!'
- name: 'telegram_to'
provider: 'telegram'
to:
- 'telegram_to'
text: 'This is your extrahandy Telegram chat bot, receiving an alert from Alertmanager!'
Boot up Sachet (after building, obviously) and send it a JSON like so (note the added GroupLabels with a comma separated string with recipients) will send in this case an SMS, but a Telegram works the same way. That's the only two providers I've tested because that's what I have access to and I don't need any more than this to be honest. Though MS Teams support would be nice.
$ curl -H "Content-type: application/json" -X POST -d '{"receiver": "sms_to", "status": "firing", "alerts": [{"status": "firing", "labels": {"alertname": "test-123"} }], "commonLabels": {"key": "value"},"GroupLabels":{"sms_to":"<somenumber>,<someothernumber>"}}' http://localhost:9876/alert
It would be great if something like this could be added to this project so I don't need to maintain my own fork and builds anymore. Also, input on how to better implement this is also appreciated.
Hello,
it would be nice to provide builds for multiple arch (like ARMv7, for ARM Dev Board) for Sachet.
Providing a checksum of the files would be great too!
I can help with that if you're open to PR (:
Gammu is a library to utilize a local GSM modem to send out SMS.
https://wammu.eu/gammu/
It would be nice to have support for that.
There are Go bindings already available at https://github.com/ziutek/gogammu
Right now all providers' code lives on the "sachet" package. This doesn't scale well.
For example different providers may want to implement a Request method like turbosms did here
But since they are all on the same package there will be name collisions. We can try to prevent providers from doing so and stick to methods on the "provider" structs like we do on the MessageBird's but using language features is easier and better.
https://github.com/messagebird/sachet/blob/master/provider/telegram/telegram.go#L19
Good product, but telegram is broken out-of-the box.
During an issue, I have this error in alertmanager :
level=error ts=2022-03-20T21:06:53.040Z caller=dispatch.go:354 component=dispatcher msg="Notify for alerts failed" num_alerts=1 err="critical_receivers/webhook[0]: notify retry canceled after 2 attempts: Post \"http://127.0.0.1:4567/alert\": context deadline exceeded"
But nothing in sachet logs.
Is there a way to increase log level in sachet to retreive more information next time the issue occures ?
Hello
Just like Prometheus do in their Release, is it possible to build binaries ?
I'm automating my provisioning and configuration using Puppet and having a binary is easier because :
Thank you !
Can you publish a new docker image to address those CVEs?
Vulnerability ID | Title | Package Name | Fixed Version | Severity | URL |
---|---|---|---|---|---|
CVE-2021-30139 | apk-tools | 2.10.6-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2021-30139 | |
CVE-2021-28831 | busybox: invalid free or segmentation fault via malformed gzip data | busybox | 1.31.1-r10 | HIGH | https://avd.aquasec.com/nvd/cve-2021-28831 |
CVE-2020-1967 | openssl: Segmentation fault in SSL_check_chain causes denial of service | libcrypto1.1 | 1.1.1g-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2020-1967 |
CVE-2021-23840 | openssl: integer overflow in CipherUpdate | libcrypto1.1 | 1.1.1j-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2021-23840 |
CVE-2021-3450 | openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT | libcrypto1.1 | 1.1.1k-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2021-3450 |
CVE-2020-1967 | openssl: Segmentation fault in SSL_check_chain causes denial of service | libssl1.1 | 1.1.1g-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2020-1967 |
CVE-2021-23840 | openssl: integer overflow in CipherUpdate | libssl1.1 | 1.1.1j-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2021-23840 |
CVE-2021-3450 | openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT | libssl1.1 | 1.1.1k-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2021-3450 |
CVE-2021-28831 | busybox: invalid free or segmentation fault via malformed gzip data | ssl_client | 1.31.1-r10 | HIGH | https://avd.aquasec.com/nvd/cve-2021-28831 |
In cmd/sachet/main.go
, the deprecated prometheus.Handler()
is used.
See: https://godoc.org/github.com/prometheus/client_golang/prometheus#Handler
The docs suggest using promhttp.Handler
instead, but that seems to behave slightly different from prometheus.Handler
.
Some related discussions in other repos:
HI team I am facing this error
go get github.com/messagebird/sachet/cmd/sachet
# github.com/messagebird/sachet/provider/messagebird
/root/go/src/github.com/messagebird/sachet/provider/messagebird/messagebird.go:51:25: cannot use mb.client (type *"github.com/messagebird/sachet/vendor/github.com/messagebird/go-rest-api".Client) as type *"github.com/messagebird/go-rest-api".Client in argument to sms.Create
/root/go/src/github.com/messagebird/sachet/provider/messagebird/messagebird.go:53:34: cannot use mb.client (type *"github.com/messagebird/sachet/vendor/github.com/messagebird/go-rest-api".Client) as type *"github.com/messagebird/go-rest-api".Client in argument to voicemessage.Create
Maybe use https://github.com/prometheus/promu
Is there any way to inject secrets into the config file without having to write them down directly?
Hi,
Thanks for the merge, will you create a new release soon ?
My Ansible role used to deploy sachet is based on github release, I will find another way to deploy my version of Sachet (with OVH provider) but it would be nice if you make a new release.
Thanks a lot
Yoann
fmt.Print
, fmt.Printf
, fmt.Println
and etc. can clog output. For example: a report of go test
. Also, we can't test it.
If we use it for logging then lets just use logger instead.
If we really want to throw some message to the stdout then we can use io.Writer
func message(w io.Writer) error {
_, err := w.Write([]byte("message"))
return err
}
or just return the message
func message() (string, error) {
return "message", nil
}
and handle somewhere in the main func.
The linter forbidigo can catch such cases. I'd recommend to enable it.
provider/nowsms/nowsms.go:67:2: use of `fmt.Println` forbidden by pattern `^(fmt\.Print(|f|ln)|print|println)$` (forbidigo)
fmt.Println("Message sent: ", message.Text)
^
provider/tencentcloud/tencentcloud.go:79:4: use of `fmt.Printf` forbidden by pattern `^(fmt\.Print(|f|ln)|print|println)$` (forbidigo)
fmt.Printf("An API error has returned: %s", err)
^
provider/tencentcloud/tencentcloud.go:87:3: use of `fmt.Printf` forbidden by pattern `^(fmt\.Print(|f|ln)|print|println)$` (forbidigo)
fmt.Printf("%s", b)
^
provider/kavenegar/kavenegar.go:64:2: use of `fmt.Println` forbidden by pattern `^(fmt\.Print(|f|ln)|print|println)$` (forbidigo)
fmt.Println("Message sent: ", message.Text)
^
provider/ghasedak/ghasedak.go:63:2: use of `fmt.Println` forbidden by pattern `^(fmt\.Print(|f|ln)|print|println)$` (forbidigo)
fmt.Println("Message sent: ", message.Text)
Hi,
First of all, I'm a complete beginner in Go but I try to develop a provider for OVH.
I successfully created a standalone program sending SMS throught OVH API, but I can't make it work with Sachet.
First of all, how do you test and debug sachet ?
I must run '''go run main.go config.go telemetry.go''' from cmd/sachet directory, then test with curl request, if it doesn't work properly, CTRL+C Sachet, make the correction and restart ?
I made an ovh.go file containing my code but I can't make it "visible" by sachet.
I look into this commit to see what files must be changed.
I modified, main.go and config.go, but not go.mod neither go.sum, must I ?
I am at early stage of development so my module/package is not hosted on github, so how can I include/import it ?
I tried, unsuccessfully, to make dot import related to this error :
build command-line-arguments: cannot load provider/ovh: malformed module path "ovh": missing dot in first path element
Maybe, this issue is not the right place to have information, feel free to close it.
Thanks
Yoann
We need to send some alerts using voice messaging
I'm willing to implement this, but wanted to read your comments first.
Hi Guys the current dockerfile is not working.
Needed to add message_thread_id for telegram chats with threads because the chat arrives only into General Thread.
Currently, we use this in combination with MessageBird, but it defaults on the SMS Basic gateway. We'd like to use the Business+ gateway, as the text messages send are business critical (monitoring) and apparantly, the Basic gateway only sent 2 out of 15 messages last night, causing a disruption.
Although the go-rest-api from MessageBird allows setting of the gateway, this is not possible via Sachet. Unless I missed an option?
This version doesn't seem to exist anymore. You may have to set GOPROXY=direct
to reproduce this.
I installed sachet on a k8s cluster, and I keep getting the following error, even if a post request made to the same URL with wget from the very same pod succeeds.
main.go:231: Error: {"Error":true,"Status":400,"Message":"Post \"https://smsapi.free-mobile.fr/sendmsg\": context deadline exceeded (Client.Timeout exceeded while awaiting headers)"}
I'm still on my way to capture a network trace, but it's not so easy for now.
Any advice to solve this problem ?
Seems that there is not support for HTTP_PROXY.
It should be possible to use the NewBotWithClient API instead of only NewBot.
Also the chart and other parts should be updated but it could help those that are behing a proxy.
Hi,
I try to build the docker image (because no pre-build image is avalaible for arm arch) ant it isn't working, here is the traceback:
sebpomme machine:~ [645:1]% docker build -t sache "https://github.com/messagebird/sachet.git#0.2.3"
Sending build context to Docker daemon 3.77MB
Step 1/12 : FROM golang:1.14 AS builder
1.14: Pulling from library/golang
e4c3d3e4f7b0: Already exists
101c41d0463b: Pull complete
8275efcd805f: Pull complete
751620502a7a: Pull complete
aaabf962c4fc: Pull complete
8201797aea2f: Pull complete
3a0b5e7e1f6f: Pull complete
Digest: sha256:cdc098a969e749099ca24578990cf42195aa9cd2f5e04b0e196171bb0dbb885d
Status: Downloaded newer image for golang:1.14
---> d5ddd1861619
Step 2/12 : WORKDIR /build
---> Running in a92566e7ac8a
Removing intermediate container a92566e7ac8a
---> 7ebc2015b279
Step 3/12 : COPY . .
---> e655615669dc
Step 4/12 : RUN GO111MODULE=on CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -mod vendor -o sachet github.com/messagebird/sachet/cmd/sachet
---> Running in ffb91a57691f
go: inconsistent vendoring in /build:
github.com/aliyun/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates github.com/aliyun/[email protected]
github.com/carlosdp/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates github.com/carlosdp/[email protected]
github.com/golang/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates github.com/golang/[email protected]
github.com/jmespath/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates github.com/jmespath/[email protected]
github.com/messagebird/[email protected]+incompatible: is explicitly required in go.mod, but vendor/modules.txt indicates github.com/messagebird/[email protected]
github.com/prometheus/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates github.com/prometheus/[email protected]
github.com/prometheus/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates github.com/prometheus/[email protected]
github.com/prometheus/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates github.com/prometheus/[email protected]
gopkg.in/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates gopkg.in/[email protected]
gopkg.in/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates gopkg.in/[email protected]
gopkg.in/[email protected]: is explicitly required in go.mod, but vendor/modules.txt indicates gopkg.in/[email protected]
run 'go mod vendor' to sync, or use -mod=mod or -mod=readonly to ignore the vendor directory
The command '/bin/sh -c GO111MODULE=on CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -mod vendor -o sachet github.com/messagebird/sachet/cmd/sachet' returned a non-zero code: 1
Can you help me to fix this ?
I have this in the alert rules:
expr: node_disk_device_size_used_perc > 60
for: 1m
labels:
severity: "warning"
annotations:
description: "Disk device {{ $labels.device }} on {{ $labels.instance }} at {{ $value }}% used"
What I get in my text message is:
FIRING
device=/dev/sda1
instance=bababoom
job=bababoomjob
severity=warning
I would like the text to contain the description -- do you know how ot do it?
Hello everyone. I put Sachet on my server, but when i would try to connect with it, I have got some errors :
I follow this tutorial to install it ==>
https://github.com/messagebird/sachet
But i have this error in navigator, timeout i think.
Someone can help me ? Thanks
When sending SMS to Infobip provider only the first number receives it; others don't get anything. This line here shows that only first member is picked and others ignored
sachet/provider/infobip/infobip.go
Line 40 in 6575a24
Infobip API supports sending to multiple destinations. Also, perhaps shift to use newer API (https://www.infobip.com/docs/api#channels/sms/send-sms-message)
Hello,
Can you publish a new docker image to address these CVEs?
Issues found using aquasec/trivy:0.20.2.
Thank you!
For reference it this is a similar request to this issue.
Vulnerability ID | Title | Package Name | Fixed Version | Severity | URL | Target |
---|---|---|---|---|---|---|
CVE-2021-42378 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i() | busybox | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42378 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42379 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file() | busybox | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42379 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42380 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar() | busybox | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42380 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42381 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init() | busybox | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42381 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42382 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s() | busybox | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42382 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42383 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate() | busybox | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42383 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42384 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special() | busybox | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42384 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42385 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate() | busybox | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42385 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42386 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc() | busybox | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42386 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2022-0778 | openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates | libcrypto1.1 | 1.1.1n-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2022-0778 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2022-0778 | openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates | libretls | 3.3.3p1-r3 | HIGH | https://avd.aquasec.com/nvd/cve-2022-0778 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2022-0778 | openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates | libssl1.1 | 1.1.1n-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2022-0778 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42378 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i() | ssl_client | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42378 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42379 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file() | ssl_client | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42379 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42380 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar() | ssl_client | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42380 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42381 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init() | ssl_client | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42381 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42382 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s() | ssl_client | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42382 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42383 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate() | ssl_client | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42383 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42384 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special() | ssl_client | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42384 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42385 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate() | ssl_client | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42385 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2021-42386 | busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc() | ssl_client | 1.33.1-r6 | HIGH | https://avd.aquasec.com/nvd/cve-2021-42386 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
CVE-2018-25032 | zlib: A flaw in zlib-1.2.11 when compressing (not decompressing!) certain inputs. | zlib | 1.2.12-r0 | HIGH | https://avd.aquasec.com/nvd/cve-2018-25032 | rancher/mirrored-messagebird-sachet:0.2.6 (alpine 3.14.2) |
In a case where many alerts are firing you might receive really big SMS. We should have a limit (in the configuration) that limits the size of the SMS sent.
https://github.com/messagebird/sachet/releases/tag/0.2.4
This does not do much to help me as a sysadmin to understand what has changed in the release. You can easily generate a changelog with the "git shortlog" command, if that helps. Thanks!
Right now you get things like
Firing: 3, Resolved: 0
Firing: 2, Resolved: 0
Firing: 2, Resolved: 0
Firing: 3, Resolved: 0
Firing: 0, Resolved: 2
and that doesn't tell much.
It's hard to keep it short because you don't know what labels are important.
All providers live in their own package, but many types also contain the provider name.
The result is code like this:
provider := messagebird.NewMessageBird(messagebird.MessageBirdConfig{
AccessKey: "YOUR_ACCESS_KEY",
// ...
})
I'd like to propose dropping these redundant prefixes in type names, which looks a lot cleaner:
provider := messagebird.New(messagebird.Config{
AccessKey: "YOUR_ACCESS_KEY",
// ...
})
The messagebird
package is only an example - this applies to nearly all other providers.
This is obviously a breaking change, so I'll set the milestone for this to v1.0.0
.
Chcuucu
hi,
Could you advise please if you plan to integrate Jasmin SMS gateway support(https://www.jasminsms.com/) or/and SMPP protocol support
Thanks in advance,
Oleg
Hi Dears,
would you please take a look at PR #89 and commit if possible?
Thanks in advance!
Please add TextMagic as a provider.
TextMagic provide a Go API here: https://github.com/textmagic/textmagic-rest-go-v2
The README provides an example of how to send an SMS message using the Go API. A TextMagic trial account can be created at https://www.textmagic.com/ and comes with 10 free SMS messages for testing.
The API just requires a username and an API key, so that only those two things need to be specified in the yaml configuration.
(Please note that the v2 API should be used instead of the old v1 API which is still available here.)
It should be possible to use the MessageBird provider code (see here) as a starting point and adapt it as required.
If I were to create a PR, would this be something you would consider merging? Many thanks!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.