feat(modules): add prometheus alertmanager exposure module #256

Open

TBX3D wants to merge 1 commit into vmfunc:main from TBX3D:feat/alertmanager-exposure-module


@TBX3D TBX3D commented Jun 26, 2026

modules/recon/alertmanager-status-exposure.yaml flags an unauthenticated prometheus alertmanager over /api/v2/status, keyed on the versionInfo, config and cluster blocks, then extracts the version; the response carries config.original, the full running config, which leaks receiver credentials such as slack, pagerduty and webhook urls and smtp passwords, and an alertmanager behind an auth proxy answers 401.

build/vet/lint clean, go test ./internal/modules/ green (the module end to end via ExecuteHTTPModule, real-hit and near-miss cases).

add a recon module for an unauthenticated prometheus alertmanager: the
/api/v2/status endpoint answers without credentials and returns config.original,
the full running configuration, which discloses receiver integrations and any
embedded credentials such as slack, pagerduty and webhook urls and smtp
passwords, along with the build version and cluster peers; an instance behind an
authenticating proxy returns 401 and is not flagged.
@TBX3D TBX3D requested a review from vmfunc as a code owner June 26, 2026 08:26
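
The check outlined in the description above, as an added Go example that is not the module or test code from this pull request. The function name `ClassifyStatus`, the requirement of HTTP 200 plus a present `config.original`, and both sample bodies are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// statusDoc mirrors only the /api/v2/status blocks the PR description keys on.
type statusDoc struct {
	VersionInfo *struct {
		Version string `json:"version"`
	} `json:"versionInfo"`
	Config *struct {
		Original *string `json:"original"`
	} `json:"config"`
	Cluster *json.RawMessage `json:"cluster"`
}

// ClassifyStatus (hypothetical helper) reports whether a response looks like an
// unauthenticated Alertmanager status document and which version it advertises.
func ClassifyStatus(code int, body []byte) (exposed bool, version string) {
	if code != 200 { // an authenticating proxy answers 401: not flagged
		return false, ""
	}
	var d statusDoc
	if err := json.Unmarshal(body, &d); err != nil {
		return false, "" // HTML login page, truncated body, and similar
	}
	// All three blocks must be present, so unrelated JSON with a "config" key is a near miss.
	if d.VersionInfo == nil || d.Config == nil || d.Config.Original == nil || d.Cluster == nil {
		return false, ""
	}
	return true, d.VersionInfo.Version
}

// Constructed sample bodies (not captured from a real instance).
const sampleHit = `{"cluster":{"status":"ready","peers":[]},"versionInfo":{"version":"0.27.0"},"config":{"original":"route:\n  receiver: default\n"},"uptime":"2026-01-01T00:00:00Z"}`
const sampleNearMiss = `{"config":{"original":"x"},"status":"ok"}`

func main() {
	for _, c := range []struct {
		code int
		body string
	}{{200, sampleHit}, {200, sampleNearMiss}, {401, "Unauthorized"}} {
		ok, v := ClassifyStatus(c.code, []byte(c.body))
		fmt.Printf("status=%d exposed=%v version=%q\n", c.code, ok, v)
	}
}
```
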
@codecov-commenter


Codecov Report

✅ All modified and coverable lines are covered by tests.
⚠️ Please upload report for BASE (main@96092da). Learn more about missing BASE report.

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #256   +/-   ##
=======================================
  Coverage        ?   53.23%           
=======================================
  Files           ?       81           
  Lines           ?     6852           
  Branches        ?        0           
=======================================
  Hits            ?     3648           
  Misses          ?     2938           
  Partials        ?      266           


@github-actions github-actions Bot added modules changes to scan modules tests test changes size/m <200 lines changed labels Jun 26, 2026
@github-actions


pr summary

2 files changed (+124 -0)

| category | files |
|---|---|
| go source | 1 |
| tests | 1 |
