Feature #15082
open
[controller] [all services] Publish entire config including secrets
0%
Description
Similar to /metrics, each service should provide a GET /config.json endpoint that returns the config object currently in use by the service.
/config.json should return 401 if the request's HTTP header ("Authorization: Bearer {token}") is missing or does not match the configured ManagementToken, or the configured ManagementToken is blank.
The response should be serialized to JSON from the in-memory config representation: the purpose is to export the configuration as seen by the program, not to copy the config file on disk. For strongly typed config systems like source:sdk/go/arvados/config.go, this means unknown keys in the site config file (not recognized by this version of this component) will not appear in the response.
The response should include all site secrets (BlobSigningKey, ManagementToken, SystemRootToken, etc.).
Updated by
Updated by Peter Amstutz about 5 years ago
- Status changed from New to Closed
- Target version deleted (
To Be Groomed)
Updated by Peter Amstutz about 5 years ago
- Status changed from Closed to New
- Target version set to To Be Groomed
Updated by Peter Amstutz over 3 years ago
- Target version deleted (
To Be Groomed)
Updated by