Signed-off-by: Narek Tatevosyan <nrkk@yandex-team.ru>

Merge branch 'Yandex-S3-new' into HEAD

README.md

@@ -413,6 +413,7 @@ yandex:
   # secretaccesskey: "" # yandex secret access key
   # region : "" # yandex region (default: ru-central-1)
   s3:
+    #endpoint: "" # yandex s3 endpoint (default: ru-central-1)
     # bucket: "falcosidekick" # Yandex S3, bucket name
     # prefix : "" # name of prefix, keys will have format: s3://<bucket>/<prefix>/YYYY-MM-DD/YYYY-MM-DDTHH:mm:ss.s+01:00.json
     # minimumpriority: "" # minimum priority of event for using this output, order is emergency|alert|critical|erro

config.go

@@ -268,9 +268,9 @@ func getConfig() *types.Configuration {
 
 	v.SetDefault("Yandex.AccessKeyID", "")
 	v.SetDefault("Yandex.SecretAccessKey", "")
-	v.SetDefault("Yandex.Endpoint", "https://storage.yandexcloud.net")
-	v.SetDefault("Yandex.Region", "ru-central1")
 	v.SetDefault("Yandex.S3.Bucket", "")
+	v.SetDefault("Yandex.S3.Endpoint", "https://storage.yandexcloud.net")
+	v.SetDefault("Yandex.Region", "ru-central1")
 	v.SetDefault("Yandex.S3.Prefix", "falco")
 	v.SetDefault("Yamdex.S3.MinimumPriority", "")
 

handlers.go

@@ -262,6 +262,6 @@ func forwardEvent(falcopayload types.FalcoPayload) {
 	}
 
 	if config.Yandex.S3.Bucket != "" && (falcopayload.Priority >= types.Priority(config.Yandex.S3.MinimumPriority) || falcopayload.Rule == testRule) {
-		go yandexS3Client.UploadYandexS3(falcopayload)
+		go yandexClient.UploadYandexS3(falcopayload)
 	}
 }

outputs/yandex.go

@@ -5,12 +5,14 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"html/template"
 	"log"
 	"os"
 	"time"
 
 	"github.com/DataDog/datadog-go/statsd"
 	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/credentials"
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/s3"
 
@@ -21,22 +23,43 @@ import (
 func NewYandexClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error) {
 
 	if config.Yandex.AccessKeyID != "" && config.Yandex.SecretAccessKey != "" {
-		err1 := os.Setenv("AWS_ACCESS_KEY_ID", config.Yandex.AccessKeyID)
-		err2 := os.Setenv("AWS_SECRET_ACCESS_KEY", config.Yandex.SecretAccessKey)
-		if err1 != nil || err2 != nil {
-			log.Printf("[ERROR] : Yandex - Error setting Yandex env vars")
-			return nil, errors.New("Error setting Yandex env vars")
+		t := template.New("fieldname example")
+		t, _ = t.Parse(`[yandex-account]
+; work profile
+aws_access_key_id = {{.AccessKeyID}}
+aws_secret_access_key = {{.SecretAccessKey}}
+            `)
+		type AwsKeyPair struct {
+			AccessKeyID     string
+			SecretAccessKey string
 		}
+		p := AwsKeyPair{AccessKeyID: config.Yandex.AccessKeyID,
+			SecretAccessKey: config.Yandex.SecretAccessKey,
+		}
+		homeDirName, err := os.UserHomeDir()
+		os.MkdirAll(homeDirName+"/.aws", os.ModePerm)
+		file, err := os.Create(homeDirName + "/.aws/credentials")
+		if err != nil {
+			log.Println("create file: ", err)
+
+		}
+		err = t.Execute(file, p)
+		if err != nil {
+			log.Print("execute: ", err)
+
+		}
+
 	}
+
 	sess, err := session.NewSession(&aws.Config{
-		Region:   aws.String(config.Yandex.Region),
-		Endpoint: aws.String(config.Yandex.Endpoint)})
+		Region:      aws.String(config.Yandex.Region),
+		Endpoint:    aws.String(config.Yandex.S3.Endpoint),
+		Credentials: credentials.NewSharedCredentials("", "yandex-account")})
 	if err != nil {
 		log.Printf("[ERROR] : AWS - %v\n", "Error while creating Yandex Session")
 		return nil, errors.New("Error while creating Yandex Session")
 	}
 
-
 	return &Client{
 		OutputType:      "Yandex",
 		Config:          config,

types/types.go

@@ -390,11 +390,11 @@ type grafanaOutputConfig struct {
 type YandexOutputConfig struct {
 	AccessKeyID     string
 	SecretAccessKey string
-	Endpoint        string
 	Region          string
 	S3              YandexS3Config
 }
 type YandexS3Config struct {
+	Endpoint        string
 	Prefix          string
 	Bucket          string
 	MinimumPriority string