Story #17284

[controller] Redact internal RailsAPI URLs from error messages returned to caller

Added by Tom Clegg 3 months ago. Updated 4 days ago.

Status:
New
Priority:
Normal
Assigned To:
Category:
API
Start date:
Due date:
% Done:

0%

Estimated time:
(Total: 0.00 h)
Story points:
-

Description

Currently, controller returns error messages like this:

request failed: http://localhost:8004/arvados/v1/containers/ce8i5-4zz18-t1qaidhvwn7rusu: 404 Not Found: Path not found (req-yewplazjko7817hghxxk)

The "http://localhost:8004" part can be confusing/misleading to someone who was expecting to connect to "https://ce8i5.arvadosapi.com". It also reveals a bit of detail about internal configuration, which might not be desirable (if the RailsAPI internal URL were an internal domain name instead of localhost, for example).

On the other hand, the internal URL (and the fact that the error originated from RailsAPI rather than controller itself) can be useful for troubleshooting.

We might:
  • Change "http://localhost:8004" to "//railsapi.internal" in these error messages
  • Remove the "http://localhost:8004" part entirely
  • Make this behavior configurable

Subtasks

Task #17552: ReviewNewLucas Di Pentima


Related issues

Related to Arvados - Feature #17170: Shell into container proof of conceptResolved01/14/2021

History

#1 Updated by Tom Clegg 3 months ago

  • Related to Feature #17170: Shell into container proof of concept added

#2 Updated by Ward Vandewege 3 months ago

It seems to me that the normal pattern would be appropriate here:

a) not leaking internal information in a user level error message
b) providing more detailed information including the internal URL in the service logs

I don't think we should make this a configurable thing, that's just unneeded complexity.

#3 Updated by Peter Amstutz 5 days ago

  • Target version changed from To Be Groomed to 2021-04-28 bughunt sprint

#4 Updated by Peter Amstutz 4 days ago

  • Assigned To set to Tom Clegg

Also available in: Atom PDF