Generic WebHook
What is "Generic WebHook" Hook about?
Installing the Generic WebHook hook will add a ReadOnly Hook to your namespace which is capable of sending scan results containing findings to a given webhook url.
Deployment
The generic-webhook chart can be deployed via helm:
# Install HelmChart (use -n to configure another namespace)
helm upgrade --install generic-webhook secureCodeBox/generic-webhook
Requirements
Kubernetes: >=v1.11.0-0
Additional Chart Configurations
✍ This documentation is currently work-in-progress.
Values
| Key | Type | Default | Description |
|---|---|---|---|
| hook.affinity | object | {} | Optional affinity settings that control how the hook job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) |
| hook.authentication | object | {"apikey":{"headerName":"X-Example-Header","headerValue":"example","userSecret":"generic-webhook-credentials"},"basic":{"passwordKey":"password","userSecret":"generic-webhook-credentials","usernameKey":"username"}} | Optional basic authentication credentials or apikey |
| hook.authentication.apikey.headerName | string | "X-Example-Header" | Customize header name as per your needs ex: X-Api-Key |
| hook.authentication.apikey.userSecret | string | "generic-webhook-credentials" | Link a pre-existing generic secret with usernameKey and passwordKey key / value pairs |
| hook.authentication.basic.passwordKey | string | "password" | Name of the password key in the userSecret secret. Use this if you already have a secret with different key / value pairs |
| hook.authentication.basic.userSecret | string | "generic-webhook-credentials" | Link a pre-existing generic secret with usernameKey and passwordKey key / value pairs |
| hook.authentication.basic.usernameKey | string | "username" | Name of the username key in the userSecret secret. Use this if you already have a secret with different key / value pairs |
| hook.image.repository | string | "docker.io/securecodebox/hook-generic-webhook" | Hook image repository |
| hook.image.tag | string | defaults to the charts version | The image Tag defaults to the charts version if not defined. |
| hook.labels | object | {} | Add Kubernetes Labels to the hook definition |
| hook.priority | int | 0 | Hook priority. Higher priority Hooks are guaranteed to execute before low priority Hooks. |
| hook.resources | object | { requests: { cpu: "200m", memory: "100Mi" }, limits: { cpu: "400m", memory: "200Mi" } } | Optional resources lets you control resource limits and requests for the hook container. See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| hook.tolerations | list | [] | Optional tolerations settings that control how the hook job is scheduled (see: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) |
| hook.ttlSecondsAfterFinished | string | nil | Seconds after which the kubernetes job for the hook will be deleted. Requires the Kubernetes TTLAfterFinished controller: https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/ |
| imagePullSecrets | list | [] | Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) |
| webhookUrl | string | "http://example.com" | The URL of your WebHook endpoint |
License
Code of secureCodeBox is licensed under the Apache License 2.0.