From: Brett Smith <brett.smith@curii.com>
Date: Thu, 22 Jun 2023 14:52:05 +0000 (-0400)
Subject: 20663: Clarify comment about what "safe" config means
X-Git-Tag: 2.7.0~70^2~5
X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/b0cbacbab436749a2a94e5bb7a8b9400641bed35?hp=354335e323305190b957c59c4be26c1231c2d115

20663: Clarify comment about what "safe" config means

I might've liked to reveal configuration to authenticated clients, but
not unauthenticated ones. Unfortunately the code doesn't currently
support that.

Arvados-DCO-1.1-Signed-off-by: Brett Smith <brett.smith@curii.com>
---

diff --git a/lib/config/export.go b/lib/config/export.go
index f46f5b6f84..31ccc994b9 100644
--- a/lib/config/export.go
+++ b/lib/config/export.go
@@ -37,8 +37,8 @@ func ExportJSON(w io.Writer, cluster *arvados.Cluster) error {
 	return json.NewEncoder(w).Encode(m)
 }
 
-// whitelist classifies configs as safe/unsafe to reveal to
-// unauthenticated clients.
+// whitelist classifies configs as safe/unsafe to reveal through the API
+// endpoint. Note that endpoint does not require authentication.
 //
 // Every config entry must either be listed explicitly here along with
 // all of its parent keys (e.g., "API" + "API.RequestTimeout"), or