Falco webhook#403
Conversation
|
Hey @hyberdk , thanks for your approval Pipelines failed saying the pre-commit has to be run. I did so and Now pushing this file to the branch so the pipelines are green. |
satterly
left a comment
satterly
left a comment
There was a problem hiding this comment.
Good work on the Falco integration! A few issues to fix:
-
Bug:
list.extend()returns None —tags = additional_tags.extend(payload['tags'])will always settagstoNone. Fix: calladditional_tags.extend(payload['tags'])separately, then assigntags = additional_tags. -
Dead code around DEFAULT_ENVIRONMENT —
environmentis listed as a required field inexpected_fields_in_outputfields, so theDEFAULT_ENVIRONMENTfallback on line 64 can never be reached. Either makeenvironmentoptional or remove the fallback. -
Coarse severity mapping — Falco has 8 priority levels but they're collapsed to just
criticalorwarning. Consider mapping to more Alerta severity levels (e.g.,informational,warning,major,critical). -
Tests only check status codes — No assertions on actual alert content (severity, resource, event, tags). The
datavariable is assigned but never inspected.
3 participants
Description
A new webhook to receive notifications from Falco is created.
Fixes # N/A
Changes
Include a brief summary of changes...
Screenshots
N/A
Checklist
Collaboration
When a user creates a pull request from a fork that they own, the user
generally has the authority to decide if other users can commit to the
pull request's compare branch. If the pull request author wants greater
collaboration, they can grant maintainers of the upstream repository
(that is, anyone with push access to the upstream repository) permission
to commit to the pull request's compare branch
See https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork