Option to disable swagger-ui endpoint #19780
Comments
|
Any reason not to just disable it at the ingress? |
|
Not specifically, I didn’t consider that approach. I was looking for a simpler solution. |
|
Fair. I'm in favor of fewer options in Argo CD if possible, but if we need it we need it. 🙂 |
|
Copying comment(#16791 (comment)) from related discussion for code reference
|
pasha-codefresh
added
component:api
|
@svghadi, do you still need the option? |
|
It would be good to have this option. Even though the API docs are the same across different Argo CD instances and don't pose a security risk, some users might be interested in disabling the API documentation UI. |
|
If there's no pressing need, and if network rules can generally solve the problem, I'd rather avoid adding Argo CD code for this relative edge case. |
andrii-korotkov-verkada
added
the
workaround
|
Understood. That sounds reasonable. I'll reopen the issue if there’s a pressing need from users in the future." |
Summary
Provide a option to disable the authenticated
/swagger-uiendpoint which serves the api documentation.Motivation
Api docs are served on
<argocd-url>/swagger-uiendpoint without authentication. Even though these docs are the same across different Argo CD instances and don't pose a security risk when exposed, some of the users are interested is disabling it.Proposal
Make the endpoint configurable via a
argocd-cmconfigmap key (eg:disableSwaggerUI: true) or a cli argument toargocd-server(eg:--disable-swagger-ui)The text was updated successfully, but these errors were encountered: