feat(notification-http): add dynamic URL query params support

[TO19]

Hello,

In the http notification plugin I needed query params to be dynamic for an API that only uses query parameters.

So I implemented it this way :
If the rendered format output is a JSON object containing a url_query_params field, those key-value pairs are URL-encoded and appended to the configured URL. An optional request_body field controls the HTTP body; if omitted, the body is sent empty.

If the format output is not JSON or lacks url_query_params, existing behavior is unchanged

A cleaner implementation could use a dedicated config key like query_params, but since templating happens in the broker, that would require deeper changes.

How to test :

• Run bats tests
• Build the notification-http binary and replace it on a running crowdsec setup

Example of a format in the configuration notifications/http.yaml

format: |
  {"url_query_params": {"message": "{{range $i, $v := .}}{{if $i}},{{end}}{{$v.Source.Value}} banned for {{$v.Scenario}}{{end}}"}}

It will produce https://www.example.com/?message=19.19.19.19+banned+for+scenario

Tested on version: v1.7.6-debian-pragmatic-amd64-eacc8192

[github-actions]

@TO19: There are no 'kind' label on this PR. You need a 'kind' label to generate the release automatically.

• /kind feature
• /kind enhancement
• /kind refactoring
• /kind fix
• /kind chore
• /kind dependencies

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[github-actions]

@TO19: There are no area labels on this PR. You can add as many areas as you see fit.

• /area agent
• /area local-api
• /area cscli
• /area appsec
• /area security
• /area configuration

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[TO19]

/kind feature

[TO19]

/area configuration

[blotus]

Hello,

Sorry for not looking at this sooner.

While the code looks fine, I really don't like this approach: we are mixing data and configuration.

What's your actual use case ? A webhook that only support fetching data from the query string ?

Also, note that notification plugins are standalone: you can easily build your own that includes whatever functionality you want. You can find the documentation here.

[TO19]

Hello,

Totally agree it's mixing stuff but adding a clean key would require too much change.

Yes exactly I need to talk to an api that only accept query params.

I end up with an automated script to build my own.