X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/dee23e534ab1c84fbe2e34730c0327989cc263ac..9f32ba406d862fa0ad79ac7c23c6b0aced1bdf13:/lib/config/export.go diff --git a/lib/config/export.go b/lib/config/export.go index e7cf094eb0..e1f5ff9ee1 100644 --- a/lib/config/export.go +++ b/lib/config/export.go @@ -37,8 +37,8 @@ func ExportJSON(w io.Writer, cluster *arvados.Cluster) error { return json.NewEncoder(w).Encode(m) } -// whitelist classifies configs as safe/unsafe to reveal to -// unauthenticated clients. +// whitelist classifies configs as safe/unsafe to reveal through the API +// endpoint. Note that endpoint does not require authentication. // // Every config entry must either be listed explicitly here along with // all of its parent keys (e.g., "API" + "API.RequestTimeout"), or @@ -66,10 +66,15 @@ var whitelist = map[string]bool{ "API.FreezeProjectRequiresProperties": true, "API.FreezeProjectRequiresProperties.*": true, "API.KeepServiceRequestTimeout": false, + "API.LockBeforeUpdate": false, + "API.LogCreateRequestFraction": false, + "API.MaxConcurrentRailsRequests": false, "API.MaxConcurrentRequests": false, "API.MaxIndexDatabaseRead": false, "API.MaxItemsPerResponse": true, "API.MaxKeepBlobBuffers": false, + "API.MaxQueuedRequests": false, + "API.MaxQueueTimeForLockRequests": false, "API.MaxRequestAmplification": false, "API.MaxRequestSize": true, "API.MaxTokenLifetime": false, @@ -130,7 +135,6 @@ var whitelist = map[string]bool{ "Containers.Logging": false, "Containers.LogReuseDecisions": false, "Containers.LSF": false, - "Containers.MaxComputeVMs": false, "Containers.MaxDispatchAttempts": false, "Containers.MaxRetryAttempts": true, "Containers.MinRetryPeriod": true, @@ -162,6 +166,7 @@ var whitelist = map[string]bool{ "Login.LDAP.EmailAttribute": false, "Login.LDAP.Enable": true, "Login.LDAP.InsecureTLS": false, + "Login.LDAP.MinTLSVersion": false, "Login.LDAP.SearchAttribute": false, "Login.LDAP.SearchBase": false, "Login.LDAP.SearchBindPassword": false, @@ -193,6 +198,7 @@ var whitelist = map[string]bool{ "Login.Test.Users": false, "Login.TokenLifetime": false, "Login.TrustedClients": false, + "Login.TrustPrivateNetworks": false, "Mail": true, "Mail.EmailFrom": false, "Mail.IssueReporterEmailFrom": false, @@ -235,12 +241,19 @@ var whitelist = map[string]bool{ "Users.AutoSetupNewUsersWithRepository": false, "Users.AutoSetupNewUsersWithVmUUID": false, "Users.AutoSetupUsernameBlacklist": false, + "Users.CanCreateRoleGroups": true, "Users.EmailSubjectPrefix": false, "Users.NewInactiveUserNotificationRecipients": false, "Users.NewUserNotificationRecipients": false, "Users.NewUsersAreActive": false, "Users.PreferDomainForUsername": false, "Users.RoleGroupsVisibleToAll": false, + "Users.SyncIgnoredGroups": true, + "Users.SyncRequiredGroups": true, + "Users.SyncUserAccounts": true, + "Users.SyncUserAPITokens": true, + "Users.SyncUserGroups": true, + "Users.SyncUserSSHKeys": true, "Users.UserNotifierEmailBcc": false, "Users.UserNotifierEmailFrom": false, "Users.UserProfileNotificationAddress": false, @@ -264,6 +277,7 @@ var whitelist = map[string]bool{ "Workbench.ApplicationMimetypesWithViewIcon.*": true, "Workbench.ArvadosDocsite": true, "Workbench.ArvadosPublicDataDocURL": true, + "Workbench.BannerUUID": true, "Workbench.DefaultOpenIdPrefix": false, "Workbench.DisableSharingURLsUI": true, "Workbench.EnableGettingStartedPopup": true, @@ -291,7 +305,6 @@ var whitelist = map[string]bool{ "Workbench.UserProfileFormFields.*.*.*": true, "Workbench.UserProfileFormMessage": true, "Workbench.WelcomePageHTML": true, - "Workbench.BannerURL": true, } func redactUnsafe(m map[string]interface{}, mPrefix, lookupPrefix string) error {