Project

General

Profile

Actions

Feature #15082

open

[controller] [all services] Publish entire config including secrets

Added by Tom Clegg over 5 years ago. Updated 8 months ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
Deployment
Target version:
Story points:
-
Release:
Release relationship:
Auto

Description

Similar to /metrics, each service should provide a GET /config.json endpoint that returns the config object currently in use by the service.

/config.json should return 401 if the request's HTTP header ("Authorization: Bearer {token}") is missing or does not match the configured ManagementToken, or the configured ManagementToken is blank.

The response should be serialized to JSON from the in-memory config representation: the purpose is to export the configuration as seen by the program, not to copy the config file on disk. For strongly typed config systems like source:sdk/go/arvados/config.go, this means unknown keys in the site config file (not recognized by this version of this component) will not appear in the response.

The response should include all site secrets (BlobSigningKey, ManagementToken, SystemRootToken, etc.).

Actions #1

Updated by Tom Clegg over 5 years ago

  • Target version set to To Be Groomed
Actions #2

Updated by Peter Amstutz almost 5 years ago

  • Target version deleted (To Be Groomed)
  • Status changed from New to Closed
Actions #3

Updated by Peter Amstutz almost 5 years ago

  • Target version set to To Be Groomed
  • Status changed from Closed to New
Actions #4

Updated by Peter Amstutz over 3 years ago

  • Target version deleted (To Be Groomed)
Actions #5

Updated by Peter Amstutz over 1 year ago

  • Release set to 60
Actions #6

Updated by Peter Amstutz 8 months ago

  • Target version set to Future
Actions

Also available in: Atom PDF