-
Notifications
You must be signed in to change notification settings - Fork 505
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add an endpoint that will output Athens configuration #1503
Comments
Hey, can I work on this? |
@fedepaol absolutely! 💚 |
This feature sounds very helpful 💯 However, we should make sure it is protected because the configuration might have sensitive information like credentials to access storage. |
Ah you are right @marwan-at-work . Thoughts? |
I don't think basic auth is worth it personally. I'd rather put the endpoint behind a configuration value that defaults to off. If someone wanted to turn it on, they would need to use their firewall/load balancer/etc... to protect it for now. If the endpoint gets widely used, I'd then advocate for supporting |
Make sense to me. |
If auth is not worth it for now, here are the options I can think of (and were mentioned above): Option 1: I like the idea of obscuring sensitive fields. But we should make sure the implementation is easy to maintain, maybe any sensitive configuration would implement the fmt.Stringer interface. Option 2: a configuration option to either output everything or not output everything. Option 3: expose the endpoint on a different port, this will mean only those who can access the Athens machine/container can ping that endpoint. |
My vote is for (1) and (3). I personally would like to set |
I think if we do That said, we can implement 3 first and then implement 1 as an enhancement after...but maybe users would want to see everything especially the sensitive configuration to debug auth issues. In that case we could have a |
Is your feature request related to a problem? Please describe.
Athens has many configuration values and it's easy to get them mixed up. We are taking several measures to make it easier to make sure you don't configure it with anything obviously bad.
Describe the solution you'd like
Along with other strategies to make this better, it would be helpful to opt-in to an HTTP endpoint that an operator can
curl
and that outputs the current configuration. That would be helpful to help with debugging.Describe alternatives you've considered
We could have Athens log everything on startup.
Additional context
N/A
The text was updated successfully, but these errors were encountered: