⚓️ Add a generic notification Hook with message templates  #318

@rfelber

Description

New Hook implementation request

Is your feature request related to a problem? Please describe.
As a secureCodeBox user, I would like to use a more generic notification hook with specific, customizable message templates, so that I can implement my own notifications based on MS Teams and Slack.

Describe the solution you'd like

  • This issue should combine the issues/PRs "Implement a Slack Notification Hook" #310 and "Implementing the MS Teams WebHook" #163 in a new hook with the name notification-hook.
  • The message templates for MS Teams and Slack must be implemented as independent mustache templates. There is an old implementation of the MS Teams hook which could serve as an example of this idea: 3881d7b
  • The message templates should be referenced by name so they can be configured via the HelmChart.
  • As a user I want to add my own mustache templates via a ConfigMap.
  • As a user I want to configure multiple outgoing message endpoints with different message templates.

Describe alternatives you've considered

Implementing each messenger in a separate hook. But this would result in a lot of duplicate code.

Example HelmChart Configuration (must have)

notifications:
  - webhook:
        # notification.url -- The URL of your notification service endpoint (Teams, Slack, RocketChat, ...)
        url: "http://msteams.example.com"
        # notification.template -- The name of the mustache message template that should be used.
        template: general-alert-msteams.mustache
        # notification.rules -- An optional rule definition that describes in which case a notification must be fired. If not defined / empty, each scan result will be notified.
        rules:
          - matches:
               anyOf:
                 - severity: "high"
                 - severity: "medium"
    vulnerabilityManagement:
      # vulnerabilityManagement.enabled -- If enabled, a direct link to your vulnerability management system will be added at the bottom of each message.
      enabled: false
      # vulnerabilityManagement.name -- The name of the vulnerability management system you reference.
      name: Kibana Dashboard
      # vulnerabilityManagement.url -- The URL of your vulnerability management system, which will be added at the bottom of each message.
      url: "https://your-kibana-service.url/your-dashboard-path"
      # vulnerabilityManagement.findingsUrl -- A special URL used to deep link into your vulnerability management system. The placeholder {{uid}} will be replaced with the current scanId (uid).
      findingsUrl: "https://your-kibana-service.url/your-dashboard-path/filter:{{uid}}"
  - webhook:
        # notification.url -- The URL of your notification service endpoint (Teams, Slack, RocketChat, ...)
        url: "http://slack.example.com"
        # notification.template -- The name of the mustache message template that should be used.
        template: team-warning-slack.mustache
        # notification.rules -- An optional rule definition that describes in which case a notification must be fired. If not defined / empty, each scan result will be notified.
        rules:
          - matches:
               anyOf:
                 - location: "https://myteam.application.dev"
    vulnerabilityManagement:
      # vulnerabilityManagement.enabled -- If enabled, a direct link to your vulnerability management system will be added at the bottom of each message.
      enabled: true
      # vulnerabilityManagement.name -- The name of the vulnerability management system you reference.
      name: Defect Dojo
      # vulnerabilityManagement.url -- The URL of your vulnerability management system, which will be added at the bottom of each message.
      url: "https://your-kibana-service.url/your-dashboard-path"
      # vulnerabilityManagement.findingsUrl -- A special URL used to deep link into your vulnerability management system. The placeholder {{uid}} will be replaced with the current scanId (uid).
      findingsUrl: "https://your-defectdojo-service.url/my-team-path?finding={{uid}}"

Mail Example HelmChart Configuration (optional)

notifications:
  - mail:
        # notification.address -- The receiver mail address of this notification
        address: "myteam@example.com"
        # notification.subject -- The mail subject
        subject: "[SCB] You got Mail!"
        # notification.template -- The name of the mustache message template that should be used.
        template: general-email.mustache
        # notification.rules -- An optional rule definition that describes in which case a notification must be fired. If not defined / empty, each scan result will be notified.
        rules:
          - matches:
               anyOf:
                 - severity: "high"
                 - severity: "medium"
    vulnerabilityManagement:
      # vulnerabilityManagement.enabled -- If enabled, a direct link to your vulnerability management system will be added at the bottom of each message.
      enabled: false
      # vulnerabilityManagement.name -- The name of the vulnerability management system you reference.
      name: Kibana Dashboard
      # vulnerabilityManagement.url -- The URL of your vulnerability management system, which will be added at the bottom of each message.
      url: "https://your-kibana-service.url/your-dashboard-path"
      # vulnerabilityManagement.findingsUrl -- A special URL used to deep link into your vulnerability management system. The placeholder {{uid}} will be replaced with the current scanId (uid).
      findingsUrl: "https://your-kibana-service.url/your-dashboard-path/filter:{{uid}}"
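The rule evaluation (`rules.matches.anyOf`) and the `{{uid}}` deep-link substitution that both the webhook and the mail configurations above rely on, as an added JavaScript example (the Hook-SDK is NodeJS based). This is not secureCodeBox code: the function names, the case-insensitive equality used to compare a criterion with a finding field, and the sample config and findings are assumptions made for the illustration.

```javascript
// Added example, not secureCodeBox code: models the `rules.matches.anyOf`
// evaluation and the {{uid}} deep-link substitution proposed in this issue.
// Function names, comparison semantics and sample data are assumptions.

// Constructed config mirroring the issue's Helm values (rules as plain lists).
const SAMPLE_CONFIG = {
  notifications: [
    {
      webhook: {
        url: "http://msteams.example.com",
        template: "general-alert-msteams.mustache",
        rules: [{ matches: { anyOf: [{ severity: "high" }, { severity: "medium" }] } }],
      },
      vulnerabilityManagement: {
        enabled: false,
        findingsUrl: "https://your-kibana-service.url/your-dashboard-path/filter:{{uid}}",
      },
    },
    {
      webhook: {
        url: "http://slack.example.com",
        template: "team-warning-slack.mustache",
        rules: [{ matches: { anyOf: [{ location: "https://myteam.application.dev" }] } }],
      },
      vulnerabilityManagement: {
        enabled: true,
        findingsUrl: "https://your-defectdojo-service.url/my-team-path?finding={{uid}}",
      },
    },
    {
      mail: {
        address: "myteam@example.com",
        subject: "[SCB] You got Mail!",
        template: "general-email.mustache",
        rules: [], // empty: every scan result is notified
      },
      vulnerabilityManagement: { enabled: false },
    },
  ],
};

// Constructed findings; only the fields the issue's rules refer to matter here.
const SAMPLE_FINDINGS = [
  { id: "f-1", name: "Open SSH port", severity: "INFORMATIONAL", location: "tcp://10.0.0.5:22" },
  { id: "f-2", name: "Reflected XSS", severity: "HIGH", location: "https://myteam.application.dev" },
  { id: "f-3", name: "Missing CSP header", severity: "LOW", location: "https://other.example.com" },
];

// A criterion such as { severity: "high" } matches when every listed field of the
// finding equals the expected value, compared case-insensitively (assumption).
function criterionMatches(finding, criterion) {
  return Object.entries(criterion).every(([field, expected]) => {
    const actual = finding[field];
    return typeof actual === "string" && actual.toLowerCase() === String(expected).toLowerCase();
  });
}

// A finding matches a rule when any of its `anyOf` criteria matches.
function ruleMatches(finding, rule) {
  const anyOf = (rule.matches && rule.matches.anyOf) || [];
  return anyOf.some((criterion) => criterionMatches(finding, criterion));
}

// Findings that trigger this notification; empty or missing rules mean
// "notify on every scan result", as the issue's config comment states.
function selectFindings(rules, findings) {
  if (!rules || rules.length === 0) return findings.slice();
  return findings.filter((f) => rules.some((rule) => ruleMatches(f, rule)));
}

// Deep link with {{uid}} replaced by the scan uid. The URL template is
// operator-controlled Helm config; the uid is URL-encoded so it only ever
// enters the link as a literal value.
function buildDeepLink(vm, scanUid) {
  if (!vm || !vm.enabled || typeof vm.findingsUrl !== "string") return null;
  return vm.findingsUrl.split("{{uid}}").join(encodeURIComponent(scanUid));
}

// One plan entry per configured endpoint whose rules matched at least one finding.
function planNotifications(config, scan, findings) {
  const plan = [];
  for (const entry of config.notifications) {
    const channel = entry.webhook ? "webhook" : entry.mail ? "mail" : null;
    if (!channel) continue; // unknown channel type: skip rather than fail the hook
    const settings = entry[channel];
    const matched = selectFindings(settings.rules, findings);
    if (matched.length === 0) continue;
    plan.push({
      channel,
      target: channel === "webhook" ? settings.url : settings.address,
      template: settings.template,
      findingIds: matched.map((f) => f.id),
      link: buildDeepLink(entry.vulnerabilityManagement, scan.uid),
    });
  }
  return plan;
}

console.log(JSON.stringify(planNotifications(SAMPLE_CONFIG, { uid: "scan-123" }, SAMPLE_FINDINGS), null, 2));
```

Running the block prints the plan for the constructed scan: the Teams endpoint and the Slack endpoint each fire once for the HIGH finding on `https://myteam.application.dev`, while the mail endpoint, which has no rules, receives all three findings. Only the Slack entry carries a deep link, because `vulnerabilityManagement.enabled` is false on the other two; the template itself would then be rendered from the `findingIds` and `link` fields by the mustache template the entry names.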

Additional context

Steps to implement a new Hook

  • Create a new folder with the name of the hook here
  • Add a README and give a brief overview of the hook and its configuration options.
  • Optionally add a Dockerfile for the hook if there is no existing one publicly available on Docker Hub
  • Use the Hook-SDK to implement the new hook (currently based on NodeJS)
  • Add unit tests with at minimum 80% test coverage
  • Add some example scan.yaml and finding.yaml files in the example folder
  • Implement a new integration test for the hook here

Labels: hook (Implement or update a hook)