sensubot

command module

v0.0.0-...-9a7d9fe Latest Latest Go to latest Published: Jul 14, 2021 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

SensuBot

SensuBot was initially design to work with chats (Slack, Telegram) to receive requests from users and send it to Sensu API. It should be stateless and never keep any data. We expand this concept to use multiple integrations and the default integration still be Sensu API.

Simple Diagram:

┌────────────┐              ┌──────────────┐                ┌────────────────┐
│  Chats     ├─────────────►│ SensuBot     ├───────────────►│ Integrations   │
│            │              │              │                │                │
└────────────┘ ◄────────────┴──────────────┘ ◄──────────────┴────────────────┘

Created using asciiflow.

It can list these resources in Sensu: assets, checks, entities, events, namespaces, mutators, filters, handlers, hooks and health.

Environment Variables

Basic setup

SENSUBOT_PORT: default "9090";
SENSUBOT_TIMEOUT: default "15" seconds;
LOG_LEVEL: default "INFO";

Integrations

SENSUBOT_DEFAULT_INTEGRATION_NAME: Default integration to connect. Default "sensu".
SENSUBOT_API_SCHEME: If your Sensu Backend are using https, change here. Default: "https";
SENSUBOT_API_TOKEN: Sensu Backend API token;
SENSUBOT_API_URL: Sensu Backend API URL (like "sensu-api.sensu.svc.cluster.local:8080")
SENSUBOT_ALERTMANAGER_ENDPOINTS: Alert Manager integration

Chat configurations

SENSUBOT_SLASH_COMMAND: default "/sensubot";
SENSUBOT_SLACK_TOKEN: Please create one in api.slack and configure it (starts with "xoxb-")
SENSUBOT_SLACK_SIGNING_SECRET: Please get from api.slack these secret;
SENSUBOT_SLACK_CHANNEL: For slack, sensuBot needs to have on channel to listen (looks like "MM34AASDD");
SENSUBOT_CA_CERTIFICATE: If you are using private certificates in Sensu Backend, please share CA public certificate here (like /etc/sensu/ca.pem)
SENSUBOT_TELEGRAM_TOKEN: Please, configure your token here;
SENSUBOT_TELEGRAM_URL: If you want to change Telegram API URL, set this. Default: "https://api.telegram.org/bot";
SENSUBOT_TELEGRAM_NAME: Telegram bot name. SensuBot use it to remove sensuBot Name from requests when it is used inside a group chat message.
SENSUBOT_GCHAT_PROJECTID: Google Cloud Project ID (numbers)
SENSUBOT_GCHAT_BOT_NAME: Google Chat Bot name
SENSUBOT_GCHAT_SA_PATH: Path for service account json file

Chat security options

SENSUBOT_BLOCKED_VERBS : blocked list of verbs (get, execute, silence, delete, resolve)
SENSUBOT_BLOCKED_RESOURCES : blocked list of resources from sensu api
SENSUBOT_SLACK_ADMIN_ID_LIST : User ID from slack, google chat and telegram) allowed to run anything
SENSUBOT_TELEGRAM_ADMIN_ID_LIST : User ID from telegram allowed to run anything
SENSUBOT_GCHAT_ADMIN_LIST : User ID from google chat allowed to run anything

Get Configurations

Create token api in sensu backend

sensuctl user create sensubot --password "LONGPASSWORD"

sensuctl cluster-role-binding create sensubot-rolebinding --cluster-role=cluster-admin --user=sensubot

sensuctl api-key grant sensubot

Create a App in Slack

Add feature Slash Command with these parameters:

Command: /sensubot
Request URL: https://URL/sensubot/v1/slack
Short Description: Talk with Monitoring System Sensu Go
Usage Hint: [get|execute|silence] RESOURCE NAME NAMESPACE

Add feature "Bots" to this bot.

In Oauth permissions add:

CONVERSATIONS chat:write:bot
FILES files:write:user

Install these Application in a Channel.

Create Bot in Telegram

Search for "botfather";
Use "/newbot" command;
Choose your bot name;
Get Credentials from botFather.

TIP: If you need to share these SensuBot in a Group, ask to make this public in botFather:

Use command "/setprivacy";
Past your bot name;
Choose "DISABLE".

Curl tips

curl https://api.telegram.org/bot${my_bot_token}/getWebhookInfo

curl -X POST https://api.telegram.org/bot${my_bot_token}/setWebhook?url=https://YOUR-URL/sensubot/v1/telegram

Source

Create Bot In Google Chat (Hangouts Chat)

This is a HTTPS Bot
Create Google Chat Bot here
- Avatar URl: https://docs.sensu.io/images/lizy-logo-a.png
- Connection settings: Check Bot URL and in Bot URL add your external endpoint ending in https://your-domain.com/sensubot/v1/gchat
Create and Download service account JSON here

Deploy sensubot in Kubernetes

Create sensuBot secrets

kubectl create secret generic sensubot --from-literal=sensubotApiToken=LONGHASH \
  --from-literal=slackToken=xxx-9X-zxczxczxczxc --from-literal=slackSigningSecret=asdasdasd-asdasdsad-123 \
  -n sensubot --dry-run -o yaml > sensubot-secret.yaml

With CA Certiticate

kubectl create secret generic sensubot --from-literal=sensubotApiToken=LONGHASH \
  --from-literal=slackToken=xxx-9X-zxczxczxczxc --from-literal=slackSigningSecret=asdasdasd-asdasdsad-123 \
  -n sensubot --dry-run -o yaml > sensubot-secret.yaml
 kubectl create secret generic sensu-ca-pem --from-file=sensuca=./ca.pem -n sensubot --dry-run -o yaml > sensu-ca-secret.yaml

Deployment

Before applying k8s-deployment.yaml file using kubectl, change it:

line 28: choose https or http depends how you configure sensu backend api;
line 32: from sensu-api.sensu.svc.cluster.local:8080 to your sensu backend api URL;
line 34: change to your Channel in Slack;
lines 50 and 51: use only if you use create sensu backend certiticates with your own Certificate Authority (CA).
line 91: from sensubot.example.local to your domain.

kubectl create ns sensubot
kubectl apply -f sensubot-secrets.yaml
kubectl apply -f sensu-ca-secret.yaml
kubectl apply -f k8s-deployment.yaml

If your sensu backend api use https, don't forgot to add CA certificate into secrets and change SENSUBOT_API_SCHEME to use https.

Example of commands

in Slack:

/sensubot get checks
/sensubot get health

in Telegram:

@sensu_example_bot get all checks

or directly messages:

get checks

Build

go build

Test and coverage

Run the tests

TESTRUN=true go test ./... -coverprofile=coverage.out

go tool cover -html=coverage.out

Install golangci-lint and run lint:

golangci-lint run

references

Golang Spell

The project was initialized using Golang Spell.

Architectural Model

The Architectural Model adopted to structure the application is based on The Clean Architecture. Further details can be found here: The Clean Architecture and in the Clean Architecture Book.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
appcontext
config
controller
domain
gateway
chat/googlechat
chat/slackclient
chat/telegramclient
customlog
integrations/alertmanagerclient
integrations/opsgenieclient
integrations/sensuclient
test
usecase
utils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL