You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Right now there is just a global switch to enable or disable the /query endpoint: ENABLE_QUERY.
It would be nice to have an easy way to allow only a sub-selection of the available PuppetDB endpoints.
For example the catalog endpoint might return secrets from the host's catalog and this could be considered unsafe and to be forbidden in a given environment. But at the same time it would be very useful to allow fact queries. And this is my use case.
An additional configuration parameter that allow to specify the list of enabled PuppetDB endpoints that could be queried should be easy enough to add, increasing a lot Puppetboard flexibility.
The text was updated successfully, but these errors were encountered:
volans-
added a commit
to volans-/puppetboard
that referenced
this issue
Jul 18, 2018
Allow to configure which PuppetDB endpoints are allowed in the /query
page, adding the ENABLED_QUERY_ENDPOINTS configuration variable, that
if set restricts the allowed endpoints to query. If not set the previous
behaviour is kept, allowing all PuppetDB endpoints to be queried, if the
ENABLE_QUERY configuration is True.
Closes: voxpupuli#475
Allow to configure which PuppetDB endpoints are allowed in the /query
page, adding the ENABLED_QUERY_ENDPOINTS configuration variable, that
if set restricts the allowed endpoints to query. If not set the previous
behaviour is kept, allowing all PuppetDB endpoints to be queried, if the
ENABLE_QUERY configuration is True.
Closes: voxpupuli#475
Right now there is just a global switch to enable or disable the
/query
endpoint:ENABLE_QUERY
.It would be nice to have an easy way to allow only a sub-selection of the available PuppetDB endpoints.
For example the catalog endpoint might return secrets from the host's catalog and this could be considered unsafe and to be forbidden in a given environment. But at the same time it would be very useful to allow fact queries. And this is my use case.
An additional configuration parameter that allow to specify the list of enabled PuppetDB endpoints that could be queried should be easy enough to add, increasing a lot Puppetboard flexibility.
The text was updated successfully, but these errors were encountered: