support loading webhook URL from a file

[sr]

Both DeadMansSnitch and Healthchecks.io treat the URL as a secret, so I am guessing this is a common enough use case.

/cc #2498

[simonpasquier]

lgtm. @gotjosh are you fine with this change? It's a bit puzzling that the url field isn't a secret type but changing it would be inconvenient for many users and the url_file field fills a gap for some webhooks.

[gotjosh]

How bad would it be if we changed URL to Secret? I definitely think this should be a secret.

[sr]

AFAICT the only place where it's marshalled back is in the status page. So changing WebhookConfig.URL to be a SecretURL would cause it be shown as the string <secret>, vs then the actual URL now.

Side note, if it were to be changed to a secret, notify.RedactURL(err) would also be needed here:

alertmanager/notify/webhook/webhook.go

Line 106 in f59460b

return true, err

[sr]

@gotjosh @simonpasquier Should I make the SecretURL change here or in a separate PR?

[gotjosh]

Can you please put together a separate PR? Thanks @sr.

[sr]

Sweet, thanks for merging #3228.

I've merged in main and added a few more tests, including a couple test cases I should have added in #3200.

make test is passing locally. The failure on CI looks like a flake:
https://app.circleci.com/pipelines/github/prometheus/alertmanager/3322/workflows/6647f932-9964-42fc-9291-f0e1f560254c/jobs/14718

[sr]

@simonpasquier Build is now green. Good to merge?

[simonpasquier]

thanks!

[aned]

Is it possible to have one secrets file with multiple receiver_name: api_url, so the alertmanager can parse it based on the receiver_name instead of having many files?