-
Notifications
You must be signed in to change notification settings - Fork 145
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feature: Add setting to block all external network communication #6754
Comments
I was originally thinking it might be useful to use To prevent attempted external network access before it occurs, we'll need to assemble a list of every place within Meltano that might attempt external network access, and then update them all. We should try to be granular with this. Just because some small relatively unimportant part of a feature attempts to access the external network doesn't mean that the whole feature should be skipped. A context manager that can only be entered when external network access is permitted can be used for this. It can optionally be provided an exception to raise if it could not be entered, with the default behaviour being to log that it was skipped (including what specifically was skipped because of the setting), and then skip the enclosed block. |
I used to set |
@cwegener - This is a great call-out. I hadn't considered this myself. But, yes, as you say, the Expanding on this a bit, if a feature flag named something like @edgarrmondragon - What do you think of this as a possible approach here? Of course we'd have to write tests and verify nothing else is reaching out externally, but an internal override of these component settings seems like a decent way to implement. |
I couldn't think of anything else myself. Btw. a good way to validate this manually is via the repro steps I provided in this bug report: #7298 by visually inspecting the http traffic via |
Feature scope
Other
Description
Per @dingobar's request on Slack: https://meltano.slack.com/archives/C01TCRBBJD7/p1663137839450139
The text was updated successfully, but these errors were encountered: