feat(mqtt): Updates values and secrets for MQTT

In prevision of sidekick version bump.
falcosecurity/falcosidekick#338

Signed-off-by: Lyonel Martinez <[email protected]>

falcosidekick/CHANGELOG.md

@@ -12,6 +12,7 @@ as a list of comma separated labels and annotations to add to the AlertManager t
 * Add `smtp.autmechanism` and associated fields to be able to use any SASL mechanism.
 * Add `yandex.datastreams` and associated fields.
 * Add `nodered` and associated fields.
+* Add `mqtt` and associated fields.
 
 
 ## 0.5.7

falcosidekick/templates/secrets.yaml

@@ -43,6 +43,16 @@ data:
   MATTERMOST_MUTUALTLS: "{{ .Values.config.mattermost.mutualtls | printf "%t" | b64enc }}"
   MATTERMOST_CHECKCERT: "{{ .Values.config.mattermost.checkcert | printf "%t" | b64enc }}"
 
+  # MQTT Output
+  MQTT_BROKER: "{{ .Values.config.mqtt.broker | b64enc }}"
+  MQTT_TOPIC: "{{ .Values.config.mqtt.topic | b64enc }}"
+  MQTT_QOS: "{{ .Values.config.mqtt.qos | toString | b64enc }}"
+  MQTT_RETAINED: "{{ .Values.config.mqtt.retained | printf "%t" | b64enc }}"
+  MQTT_USER: "{{ .Values.config.mqtt.user | b64enc }}"
+  MQTT_PASSWORD: "{{ .Values.config.mqtt.password | b64enc }}"
+  MQTT_CHECKCERT: "{{ .Values.config.mqtt.checkcert | printf "%t" | b64enc }}"
+  MQTT_MINIMUMPRIORITY: "{{ .Values.config.mqtt.minimumpriority | b64enc }}"
+
   # Teams Output
   TEAMS_WEBHOOKURL: "{{ .Values.config.teams.webhookurl | b64enc }}"
   TEAMS_OUTPUTFORMAT: "{{ .Values.config.teams.outputformat | b64enc }}"

falcosidekick/values.yaml

@@ -325,12 +325,12 @@ config:
     checkcert: true
 
   nodered:
-    address: "" # Webhook address, if not empty, Webhook output is enabled
-    user: "" # User if Basic Auth is enabled for 'http in' node in Node-RED
-    password: "" # Password if Basic Auth is enabled for 'http in' node in Node-RED
-    customHeaders: "" # Custom headers to add in POST, useful for Authentication | list of comma separated headers to, syntax is "key:value,key:value"
-    minimumpriority: "" # minimum priority of event for using this output, order is emergency|alert|critical|error|warning|notice|informational|debug or "" (default)
-    checkcert: true # check if ssl certificate of the output is valid (default: true)
+    address: ""  # Webhook address, if not empty, Webhook output is enabled
+    user: ""  # User if Basic Auth is enabled for 'http in' node in Node-RED
+    password: ""  # Password if Basic Auth is enabled for 'http in' node in Node-RED
+    customHeaders: ""  # Custom headers to add in POST, useful for Authentication | list of comma separated headers to, syntax is "key:value,key:value"
+    minimumpriority: ""  # minimum priority of event for using this output, order is emergency|alert|critical|error|warning|notice|informational|debug or "" (default)
+    checkcert: true  # check if ssl certificate of the output is valid (default: true)
 
   azure:
     # -- Azure Subscription ID
@@ -575,6 +575,16 @@ config:
     # -- minimum priority of event to use this output, order is `emergency\|alert\|critical\|error\|warning\|notice\|informational\|debug or ""`
     minimumpriority: ""
 
+  mqtt:
+    broker: ""  # Broker address, can start with tcp:// or ssl://, if not empty, MQTT output is enabled
+    topic: "falco/events"  # Topic for messages (default: falco/events)
+    qos: 0  # QOS for messages (default: 0)
+    retained: false  # If true, messages are retained (default: false)
+    user: ""  # User if the authentication is enabled in the broker
+    password: ""  # Password if the authentication is enabled in the broker
+    checkcert: true  # check if ssl certificate of the output is valid (default: true)
+    minimumpriority: ""  # minimum priority of event for using this output, order is emergency|alert|critical|error|warning|notice|informational|debug or "" (default)
+
 
 service:
   # -- Service type