Merge branch '21705-go-deps'
[arvados.git] / lib / config / export.go
1 // Copyright (C) The Arvados Authors. All rights reserved.
2 //
3 // SPDX-License-Identifier: AGPL-3.0
4
5 package config
6
7 import (
8         "encoding/json"
9         "errors"
10         "fmt"
11         "io"
12         "strings"
13
14         "git.arvados.org/arvados.git/sdk/go/arvados"
15 )
16
17 // ExportJSON writes a JSON object with the safe (non-secret) portions
18 // of the cluster config to w.
19 func ExportJSON(w io.Writer, cluster *arvados.Cluster) error {
20         buf, err := json.Marshal(cluster)
21         if err != nil {
22                 return err
23         }
24         var m map[string]interface{}
25         err = json.Unmarshal(buf, &m)
26         if err != nil {
27                 return err
28         }
29
30         // ClusterID is not marshalled by default (see `json:"-"`).
31         // Add it back here so it is included in the exported config.
32         m["ClusterID"] = cluster.ClusterID
33         err = redactUnsafe(m, "", "")
34         if err != nil {
35                 return err
36         }
37         return json.NewEncoder(w).Encode(m)
38 }
39
40 // whitelist classifies configs as safe/unsafe to reveal through the API
41 // endpoint. Note that endpoint does not require authentication.
42 //
43 // Every config entry must either be listed explicitly here along with
44 // all of its parent keys (e.g., "API" + "API.RequestTimeout"), or
45 // have an ancestor listed as false (e.g.,
46 // "PostgreSQL.Connection.password" has an ancestor
47 // "PostgreSQL.Connection" with a false value). Otherwise, it is a bug
48 // which should be caught by tests.
49 //
50 // Example: API.RequestTimeout is safe because whitelist["API"] == and
51 // whitelist["API.RequestTimeout"] == true.
52 //
53 // Example: PostgreSQL.Connection.password is not safe because
54 // whitelist["PostgreSQL.Connection"] == false.
55 //
56 // Example: PostgreSQL.BadKey would cause an error because
57 // whitelist["PostgreSQL"] isn't false, and neither
58 // whitelist["PostgreSQL.BadKey"] nor whitelist["PostgreSQL.*"]
59 // exists.
60 var whitelist = map[string]bool{
61         // | sort -t'"' -k2,2
62         "API":                                                 true,
63         "API.AsyncPermissionsUpdateInterval":                  false,
64         "API.DisabledAPIs":                                    false,
65         "API.FreezeProjectRequiresDescription":                true,
66         "API.FreezeProjectRequiresProperties":                 true,
67         "API.FreezeProjectRequiresProperties.*":               true,
68         "API.KeepServiceRequestTimeout":                       false,
69         "API.LockBeforeUpdate":                                false,
70         "API.LogCreateRequestFraction":                        false,
71         "API.MaxConcurrentRailsRequests":                      false,
72         "API.MaxConcurrentRequests":                           false,
73         "API.MaxGatewayTunnels":                               false,
74         "API.MaxIndexDatabaseRead":                            false,
75         "API.MaxItemsPerResponse":                             true,
76         "API.MaxKeepBlobBuffers":                              false,
77         "API.MaxQueuedRequests":                               false,
78         "API.MaxQueueTimeForLockRequests":                     false,
79         "API.MaxRequestAmplification":                         false,
80         "API.MaxRequestSize":                                  true,
81         "API.MaxTokenLifetime":                                false,
82         "API.RequestTimeout":                                  true,
83         "API.SendTimeout":                                     true,
84         "API.UnfreezeProjectRequiresAdmin":                    true,
85         "API.VocabularyPath":                                  false,
86         "API.WebsocketClientEventQueue":                       false,
87         "API.WebsocketServerEventQueue":                       false,
88         "AuditLogs":                                           false,
89         "AuditLogs.MaxAge":                                    false,
90         "AuditLogs.MaxDeleteBatch":                            false,
91         "AuditLogs.UnloggedAttributes":                        false,
92         "ClusterID":                                           true,
93         "Collections":                                         true,
94         "Collections.BalanceCollectionBatch":                  false,
95         "Collections.BalanceCollectionBuffers":                false,
96         "Collections.BalancePeriod":                           false,
97         "Collections.BalancePullLimit":                        false,
98         "Collections.BalanceTimeout":                          false,
99         "Collections.BalanceTrashLimit":                       false,
100         "Collections.BalanceUpdateLimit":                      false,
101         "Collections.BlobDeleteConcurrency":                   false,
102         "Collections.BlobMissingReport":                       false,
103         "Collections.BlobReplicateConcurrency":                false,
104         "Collections.BlobSigning":                             true,
105         "Collections.BlobSigningKey":                          false,
106         "Collections.BlobSigningTTL":                          true,
107         "Collections.BlobTrash":                               false,
108         "Collections.BlobTrashCheckInterval":                  false,
109         "Collections.BlobTrashConcurrency":                    false,
110         "Collections.BlobTrashLifetime":                       false,
111         "Collections.CollectionVersioning":                    true,
112         "Collections.DefaultReplication":                      true,
113         "Collections.DefaultTrashLifetime":                    true,
114         "Collections.ForwardSlashNameSubstitution":            true,
115         "Collections.KeepproxyPermission":                     false,
116         "Collections.ManagedProperties":                       true,
117         "Collections.ManagedProperties.*":                     true,
118         "Collections.ManagedProperties.*.*":                   true,
119         "Collections.PreserveVersionIfIdle":                   true,
120         "Collections.S3FolderObjects":                         true,
121         "Collections.TrashSweepInterval":                      false,
122         "Collections.TrustAllContent":                         true,
123         "Collections.WebDAVCache":                             false,
124         "Collections.WebDAVLogEvents":                         false,
125         "Collections.WebDAVOutputBuffer":                      false,
126         "Collections.WebDAVPermission":                        false,
127         "Containers":                                          true,
128         "Containers.AlwaysUsePreemptibleInstances":            true,
129         "Containers.CloudVMs":                                 false,
130         "Containers.CrunchRunArgumentsList":                   false,
131         "Containers.CrunchRunCommand":                         false,
132         "Containers.DefaultKeepCacheRAM":                      true,
133         "Containers.DispatchPrivateKey":                       false,
134         "Containers.JobsAPI":                                  true,
135         "Containers.JobsAPI.Enable":                           true,
136         "Containers.LocalKeepBlobBuffersPerVCPU":              false,
137         "Containers.LocalKeepLogsToContainerLog":              false,
138         "Containers.Logging":                                  false,
139         "Containers.LogReuseDecisions":                        false,
140         "Containers.LSF":                                      false,
141         "Containers.MaxDispatchAttempts":                      false,
142         "Containers.MaximumPriceFactor":                       true,
143         "Containers.MaxRetryAttempts":                         true,
144         "Containers.MinRetryPeriod":                           true,
145         "Containers.PreemptiblePriceFactor":                   false,
146         "Containers.ReserveExtraRAM":                          true,
147         "Containers.RuntimeEngine":                            true,
148         "Containers.ShellAccess":                              true,
149         "Containers.ShellAccess.Admin":                        true,
150         "Containers.ShellAccess.User":                         true,
151         "Containers.SLURM":                                    false,
152         "Containers.StaleLockTimeout":                         false,
153         "Containers.SupportedDockerImageFormats":              true,
154         "Containers.SupportedDockerImageFormats.*":            true,
155         "InstanceTypes":                                       true,
156         "InstanceTypes.*":                                     true,
157         "InstanceTypes.*.*":                                   true,
158         "InstanceTypes.*.*.*":                                 true,
159         "Login":                                               true,
160         "Login.Google":                                        true,
161         "Login.Google.AlternateEmailAddresses":                false,
162         "Login.Google.AuthenticationRequestParameters":        false,
163         "Login.Google.ClientID":                               false,
164         "Login.Google.ClientSecret":                           false,
165         "Login.Google.Enable":                                 true,
166         "Login.IssueTrustedTokens":                            false,
167         "Login.LDAP":                                          true,
168         "Login.LDAP.AppendDomain":                             false,
169         "Login.LDAP.EmailAttribute":                           false,
170         "Login.LDAP.Enable":                                   true,
171         "Login.LDAP.InsecureTLS":                              false,
172         "Login.LDAP.MinTLSVersion":                            false,
173         "Login.LDAP.SearchAttribute":                          false,
174         "Login.LDAP.SearchBase":                               false,
175         "Login.LDAP.SearchBindPassword":                       false,
176         "Login.LDAP.SearchBindUser":                           false,
177         "Login.LDAP.SearchFilters":                            false,
178         "Login.LDAP.StartTLS":                                 false,
179         "Login.LDAP.StripDomain":                              false,
180         "Login.LDAP.URL":                                      false,
181         "Login.LDAP.UsernameAttribute":                        false,
182         "Login.LoginCluster":                                  true,
183         "Login.OpenIDConnect":                                 true,
184         "Login.OpenIDConnect.AcceptAccessToken":               false,
185         "Login.OpenIDConnect.AcceptAccessTokenScope":          false,
186         "Login.OpenIDConnect.AuthenticationRequestParameters": false,
187         "Login.OpenIDConnect.ClientID":                        false,
188         "Login.OpenIDConnect.ClientSecret":                    false,
189         "Login.OpenIDConnect.EmailClaim":                      false,
190         "Login.OpenIDConnect.EmailVerifiedClaim":              false,
191         "Login.OpenIDConnect.Enable":                          true,
192         "Login.OpenIDConnect.Issuer":                          false,
193         "Login.OpenIDConnect.UsernameClaim":                   false,
194         "Login.PAM":                                           true,
195         "Login.PAM.DefaultEmailDomain":                        false,
196         "Login.PAM.Enable":                                    true,
197         "Login.PAM.Service":                                   false,
198         "Login.RemoteTokenRefresh":                            true,
199         "Login.Test":                                          true,
200         "Login.Test.Enable":                                   true,
201         "Login.Test.Users":                                    false,
202         "Login.TokenLifetime":                                 false,
203         "Login.TrustedClients":                                false,
204         "Login.TrustPrivateNetworks":                          false,
205         "Mail":                                                true,
206         "Mail.EmailFrom":                                      false,
207         "Mail.IssueReporterEmailFrom":                         false,
208         "Mail.IssueReporterEmailTo":                           false,
209         "Mail.MailchimpAPIKey":                                false,
210         "Mail.MailchimpListID":                                false,
211         "Mail.SendUserSetupNotificationEmail":                 false,
212         "Mail.SupportEmailAddress":                            true,
213         "ManagementToken":                                     false,
214         "PostgreSQL":                                          false,
215         "RemoteClusters":                                      true,
216         "RemoteClusters.*":                                    true,
217         "RemoteClusters.*.ActivateUsers":                      true,
218         "RemoteClusters.*.Host":                               true,
219         "RemoteClusters.*.Insecure":                           true,
220         "RemoteClusters.*.Proxy":                              true,
221         "RemoteClusters.*.Scheme":                             true,
222         "Services":                                            true,
223         "Services.*":                                          true,
224         "Services.*.ExternalURL":                              true,
225         "Services.*.InternalURLs":                             false,
226         "StorageClasses":                                      true,
227         "StorageClasses.*":                                    true,
228         "StorageClasses.*.Default":                            true,
229         "StorageClasses.*.Priority":                           true,
230         "SystemLogs":                                          false,
231         "SystemRootToken":                                     false,
232         "TLS":                                                 false,
233         "TLS.Certificate":                                     false,
234         "TLS.Insecure":                                        true,
235         "TLS.Key":                                             false,
236         "Users":                                               true,
237         "Users.ActivatedUsersAreVisibleToOthers":              false,
238         "Users.ActivityLoggingPeriod":                         false,
239         "Users.AdminNotifierEmailFrom":                        false,
240         "Users.AnonymousUserToken":                            true,
241         "Users.AutoAdminFirstUser":                            false,
242         "Users.AutoAdminUserWithEmail":                        false,
243         "Users.AutoSetupNewUsers":                             false,
244         "Users.AutoSetupNewUsersWithVmUUID":                   false,
245         "Users.AutoSetupUsernameBlacklist":                    false,
246         "Users.CanCreateRoleGroups":                           true,
247         "Users.EmailSubjectPrefix":                            false,
248         "Users.NewInactiveUserNotificationRecipients":         false,
249         "Users.NewUserNotificationRecipients":                 false,
250         "Users.NewUsersAreActive":                             false,
251         "Users.PreferDomainForUsername":                       false,
252         "Users.RoleGroupsVisibleToAll":                        false,
253         "Users.SyncIgnoredGroups":                             true,
254         "Users.SyncRequiredGroups":                            true,
255         "Users.SyncUserAccounts":                              true,
256         "Users.SyncUserAPITokens":                             true,
257         "Users.SyncUserGroups":                                true,
258         "Users.SyncUserSSHKeys":                               true,
259         "Users.UserNotifierEmailBcc":                          false,
260         "Users.UserNotifierEmailFrom":                         false,
261         "Users.UserProfileNotificationAddress":                false,
262         "Users.UserSetupMailText":                             false,
263         "Volumes":                                             true,
264         "Volumes.*":                                           true,
265         "Volumes.*.*":                                         false,
266         "Volumes.*.AccessViaHosts":                            true,
267         "Volumes.*.AccessViaHosts.*":                          true,
268         "Volumes.*.AccessViaHosts.*.ReadOnly":                 true,
269         "Volumes.*.ReadOnly":                                  true,
270         "Volumes.*.Replication":                               true,
271         "Volumes.*.StorageClasses":                            true,
272         "Volumes.*.StorageClasses.*":                          true,
273         "Workbench":                                           true,
274         "Workbench.ActivationContactLink":                     false,
275         "Workbench.APIClientConnectTimeout":                   true,
276         "Workbench.APIClientReceiveTimeout":                   true,
277         "Workbench.APIResponseCompression":                    true,
278         "Workbench.ApplicationMimetypesWithViewIcon":          true,
279         "Workbench.ApplicationMimetypesWithViewIcon.*":        true,
280         "Workbench.ArvadosDocsite":                            true,
281         "Workbench.ArvadosPublicDataDocURL":                   true,
282         "Workbench.BannerUUID":                                true,
283         "Workbench.DefaultOpenIdPrefix":                       false,
284         "Workbench.DisableSharingURLsUI":                      true,
285         "Workbench.EnableGettingStartedPopup":                 true,
286         "Workbench.EnablePublicProjectsPage":                  true,
287         "Workbench.FileViewersConfigURL":                      true,
288         "Workbench.IdleTimeout":                               true,
289         "Workbench.InactivePageHTML":                          true,
290         "Workbench.LogViewerMaxBytes":                         true,
291         "Workbench.MultiSiteSearch":                           true,
292         "Workbench.ProfilingEnabled":                          true,
293         "Workbench.Repositories":                              false,
294         "Workbench.RepositoryCache":                           false,
295         "Workbench.RunningJobLogRecordsToFetch":               true,
296         "Workbench.ShowRecentCollectionsOnDashboard":          true,
297         "Workbench.ShowUserAgreementInline":                   true,
298         "Workbench.ShowUserNotifications":                     true,
299         "Workbench.SiteName":                                  true,
300         "Workbench.SSHHelpHostSuffix":                         true,
301         "Workbench.SSHHelpPageHTML":                           true,
302         "Workbench.Theme":                                     true,
303         "Workbench.UserProfileFormFields":                     true,
304         "Workbench.UserProfileFormFields.*":                   true,
305         "Workbench.UserProfileFormFields.*.*":                 true,
306         "Workbench.UserProfileFormFields.*.*.*":               true,
307         "Workbench.UserProfileFormMessage":                    true,
308         "Workbench.WelcomePageHTML":                           true,
309 }
310
311 func redactUnsafe(m map[string]interface{}, mPrefix, lookupPrefix string) error {
312         var errs []string
313         for k, v := range m {
314                 lookupKey := k
315                 safe, ok := whitelist[lookupPrefix+k]
316                 if !ok {
317                         lookupKey = "*"
318                         safe, ok = whitelist[lookupPrefix+"*"]
319                 }
320                 if !ok {
321                         errs = append(errs, fmt.Sprintf("config bug: key %q not in whitelist map", lookupPrefix+k))
322                         continue
323                 }
324                 if !safe {
325                         delete(m, k)
326                         continue
327                 }
328                 if v, ok := v.(map[string]interface{}); ok {
329                         err := redactUnsafe(v, mPrefix+k+".", lookupPrefix+lookupKey+".")
330                         if err != nil {
331                                 errs = append(errs, err.Error())
332                         }
333                 }
334         }
335         if len(errs) > 0 {
336                 return errors.New(strings.Join(errs, "\n"))
337         }
338         return nil
339 }