X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/94972ae20fa5d9dde7dc814695a970e9d5bad4a7..5763409818cd2ab68c0f59b6a97d0c3df090907f:/lib/config/export.go diff --git a/lib/config/export.go b/lib/config/export.go index b79dec4d9d..323043fbe7 100644 --- a/lib/config/export.go +++ b/lib/config/export.go @@ -11,7 +11,7 @@ import ( "io" "strings" - "git.curoverse.com/arvados.git/sdk/go/arvados" + "git.arvados.org/arvados.git/sdk/go/arvados" ) // ExportJSON writes a JSON object with the safe (non-secret) portions @@ -26,6 +26,10 @@ func ExportJSON(w io.Writer, cluster *arvados.Cluster) error { if err != nil { return err } + + // ClusterID is not marshalled by default (see `json:"-"`). + // Add it back here so it is included in the exported config. + m["ClusterID"] = cluster.ClusterID err = redactUnsafe(m, "", "") if err != nil { return err @@ -55,15 +59,22 @@ func ExportJSON(w io.Writer, cluster *arvados.Cluster) error { // exists. var whitelist = map[string]bool{ // | sort -t'"' -k2,2 + "ClusterID": true, "API": true, "API.AsyncPermissionsUpdateInterval": false, "API.DisabledAPIs": false, + "API.MaxConcurrentRequests": false, "API.MaxIndexDatabaseRead": false, "API.MaxItemsPerResponse": true, + "API.MaxKeepBlobBuffers": false, "API.MaxRequestAmplification": false, "API.MaxRequestSize": true, "API.RailsSessionSecretToken": false, "API.RequestTimeout": true, + "API.WebsocketClientEventQueue": false, + "API.SendTimeout": true, + "API.WebsocketServerEventQueue": false, + "API.KeepServiceRequestTimeout": false, "AuditLogs": false, "AuditLogs.MaxAge": false, "AuditLogs.MaxDeleteBatch": false, @@ -72,43 +83,86 @@ var whitelist = map[string]bool{ "Collections.BlobSigning": true, "Collections.BlobSigningKey": false, "Collections.BlobSigningTTL": true, + "Collections.BlobTrash": false, + "Collections.BlobTrashLifetime": false, + "Collections.BlobTrashConcurrency": false, + "Collections.BlobTrashCheckInterval": false, + "Collections.BlobDeleteConcurrency": false, + "Collections.BlobReplicateConcurrency": false, "Collections.CollectionVersioning": false, "Collections.DefaultReplication": true, "Collections.DefaultTrashLifetime": true, + "Collections.ForwardSlashNameSubstitution": true, "Collections.ManagedProperties": true, "Collections.ManagedProperties.*": true, "Collections.ManagedProperties.*.*": true, "Collections.PreserveVersionIfIdle": true, "Collections.TrashSweepInterval": false, "Collections.TrustAllContent": false, + "Collections.WebDAVCache": false, + "Collections.BalanceCollectionBatch": false, + "Collections.BalancePeriod": false, + "Collections.BlobMissingReport": false, + "Collections.BalanceCollectionBuffers": false, "Containers": true, "Containers.CloudVMs": false, + "Containers.CrunchRunCommand": false, + "Containers.CrunchRunArgumentsList": false, "Containers.DefaultKeepCacheRAM": true, "Containers.DispatchPrivateKey": false, "Containers.JobsAPI": true, - "Containers.JobsAPI.CrunchJobUser": false, - "Containers.JobsAPI.CrunchJobWrapper": false, - "Containers.JobsAPI.CrunchRefreshTrigger": false, - "Containers.JobsAPI.DefaultDockerImage": false, "Containers.JobsAPI.Enable": true, "Containers.JobsAPI.GitInternalDir": false, - "Containers.JobsAPI.ReuseJobIfOutputsDiffer": false, "Containers.Logging": false, "Containers.LogReuseDecisions": false, "Containers.MaxComputeVMs": false, "Containers.MaxDispatchAttempts": false, "Containers.MaxRetryAttempts": true, + "Containers.MinRetryPeriod": true, + "Containers.ReserveExtraRAM": true, "Containers.SLURM": false, "Containers.StaleLockTimeout": false, "Containers.SupportedDockerImageFormats": true, + "Containers.SupportedDockerImageFormats.*": true, "Containers.UsePreemptibleInstances": true, - "EnableBetaController14287": false, + "ForceLegacyAPI14": false, "Git": false, "InstanceTypes": true, "InstanceTypes.*": true, "InstanceTypes.*.*": true, - "Login": false, - "Mail": false, + "Login": true, + "Login.GoogleClientID": false, + "Login.GoogleClientSecret": false, + "Login.GoogleAlternateEmailAddresses": false, + "Login.PAM": true, + "Login.PAMService": false, + "Login.PAMDefaultEmailDomain": false, + "Login.ProviderAppID": false, + "Login.ProviderAppSecret": false, + "Login.LDAP": true, + "Login.LDAP.AppendDomain": false, + "Login.LDAP.EmailAttribute": false, + "Login.LDAP.Enable": true, + "Login.LDAP.InsecureTLS": false, + "Login.LDAP.SearchAttribute": false, + "Login.LDAP.SearchBase": false, + "Login.LDAP.SearchBindUser": false, + "Login.LDAP.SearchBindPassword": false, + "Login.LDAP.SearchFilters": false, + "Login.LDAP.StartTLS": false, + "Login.LDAP.StripDomain": false, + "Login.LDAP.URL": false, + "Login.LDAP.UsernameAttribute": false, + "Login.LoginCluster": true, + "Login.RemoteTokenRefresh": true, + "Mail": true, + "Mail.MailchimpAPIKey": false, + "Mail.MailchimpListID": false, + "Mail.SendUserSetupNotificationEmail": false, + "Mail.IssueReporterEmailFrom": false, + "Mail.IssueReporterEmailTo": false, + "Mail.SupportEmailAddress": true, + "Mail.EmailFrom": false, "ManagementToken": false, "PostgreSQL": false, "RemoteClusters": true, @@ -138,8 +192,19 @@ var whitelist = map[string]bool{ "Users.NewInactiveUserNotificationRecipients": false, "Users.NewUserNotificationRecipients": false, "Users.NewUsersAreActive": false, + "Users.PreferDomainForUsername": false, "Users.UserNotifierEmailFrom": false, "Users.UserProfileNotificationAddress": false, + "Volumes": true, + "Volumes.*": true, + "Volumes.*.*": false, + "Volumes.*.AccessViaHosts": true, + "Volumes.*.AccessViaHosts.*": true, + "Volumes.*.AccessViaHosts.*.ReadOnly": true, + "Volumes.*.ReadOnly": true, + "Volumes.*.Replication": true, + "Volumes.*.StorageClasses": true, + "Volumes.*.StorageClasses.*": false, "Workbench": true, "Workbench.ActivationContactLink": false, "Workbench.APIClientConnectTimeout": true, @@ -171,6 +236,10 @@ var whitelist = map[string]bool{ "Workbench.UserProfileFormFields.*.*.*": true, "Workbench.UserProfileFormMessage": true, "Workbench.VocabularyURL": true, + "Workbench.WelcomePageHTML": true, + "Workbench.InactivePageHTML": true, + "Workbench.SSHHelpPageHTML": true, + "Workbench.SSHHelpHostSuffix": true, } func redactUnsafe(m map[string]interface{}, mPrefix, lookupPrefix string) error {