Story #17284

[controller] Redact internal RailsAPI URLs from error messages returned to caller

Added by Tom Clegg 12 months ago. Updated 8 months ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
API
Target version:
Start date:
04/26/2021
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
-
Release relationship:
Auto

Description

Currently, controller returns error messages like this:

request failed: http://localhost:8004/arvados/v1/containers/ce8i5-4zz18-t1qaidhvwn7rusu: 404 Not Found: Path not found (req-yewplazjko7817hghxxk)

The "http://localhost:8004" part can be confusing/misleading to someone who was expecting to connect to "https://ce8i5.arvadosapi.com". It also reveals a bit of detail about internal configuration, which might not be desirable (if the RailsAPI internal URL were an internal domain name instead of localhost, for example).

On the other hand, the internal URL (and the fact that the error originated from RailsAPI rather than controller itself) can be useful for troubleshooting.

We might:
  • Change "http://localhost:8004" to "//railsapi.internal" in these error messages
  • Remove the "http://localhost:8004" part entirely
  • Make this behavior configurable

Subtasks

Task #17552: Review 17284-redact-railsapi-hostResolvedTom Clegg


Related issues

Related to Arvados - Feature #17170: Shell into container proof of conceptResolved01/14/2021

Associated revisions

Revision 90639f0e
Added by Tom Clegg 9 months ago

Merge branch '17284-redact-railsapi-host'

fixes #17284

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <>

Revision 7b061dc0
Added by Tom Clegg 9 months ago

Merge branch '17284-redact-railsapi-host'

refs #17284

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <>

History

#1 Updated by Tom Clegg 12 months ago

  • Related to Feature #17170: Shell into container proof of concept added

#2 Updated by Ward Vandewege 12 months ago

It seems to me that the normal pattern would be appropriate here:

a) not leaking internal information in a user level error message
b) providing more detailed information including the internal URL in the service logs

I don't think we should make this a configurable thing, that's just unneeded complexity.

#3 Updated by Peter Amstutz 9 months ago

  • Target version changed from To Be Groomed to 2021-04-28 bughunt sprint

#4 Updated by Peter Amstutz 9 months ago

  • Assigned To set to Tom Clegg

#5 Updated by Tom Clegg 9 months ago

  • Status changed from New to In Progress

#6 Updated by Tom Clegg 9 months ago

17284-redact-railsapi-host @ cd454bdea077864ccb987b4c474b79b6e4d629fc -- https://ci.arvados.org/view/Developer/job/developer-run-tests/2439/

Changes "http://localhost:8004" to "//railsapi.internal" in these error messages.

#7 Updated by Lucas Di Pentima 9 months ago

This LGTM, please merge.

#8 Updated by Tom Clegg 9 months ago

  • Status changed from In Progress to Resolved

#9 Updated by Tom Clegg 9 months ago

  • Target version changed from 2021-04-28 bughunt sprint to 2021-05-12 sprint
  • Status changed from Resolved to In Progress

#10 Updated by Tom Clegg 9 months ago

  • Status changed from In Progress to Resolved

#11 Updated by Peter Amstutz 8 months ago

  • Release set to 38

Also available in: Atom PDF