Skip to content

Commit

Permalink
fix: hidden cmdline, memstat and token in serverconfig (#726)
Browse files Browse the repository at this point in the history
## What type of PR is this?

/kind cleanup

## What this PR does / why we need it:

- hidden AI backend token in ServerConfig api
- remove `cmdline` and `memstat` in ServerConfig api


![image](https://github.com/user-attachments/assets/d8677e2d-b62a-4ac6-9132-38a879234507)

## Which issue(s) this PR fixes:

<!--
*Automatically closes linked issue when PR is merged.
Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`.
_If PR is about `failing-tests or flakes`, please post the related
issues/tests in a comment and do not use `Fixes`_*
-->

Fixes #
  • Loading branch information
ruquanzhao authored Jan 14, 2025
1 parent 32d6514 commit 4165ce0
Show file tree
Hide file tree
Showing 2 changed files with 32 additions and 2 deletions.
4 changes: 3 additions & 1 deletion cmd/karpor/app/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,9 @@ func NewServerCommand(ctx context.Context) *cobra.Command {
return o.SearchStorageOptions
}))
expvar.Publish("AIOptions", expvar.Func(func() interface{} {
return o.AIOptions
displayOpts := *o.AIOptions
displayOpts.AIAuthToken = "[hidden]"
return &displayOpts
}))
expvar.Publish("Version", expvar.Func(func() interface{} {
return version.GetVersion()
Expand Down
30 changes: 29 additions & 1 deletion pkg/core/route/route.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,10 @@
package route

import (
"encoding/json"
"errors"
"expvar"
"net/http"

docs "github.com/KusionStack/karpor/api/openapispec"
aggregatorhandler "github.com/KusionStack/karpor/pkg/core/handler/aggregator"
Expand Down Expand Up @@ -125,7 +127,7 @@ func NewCoreRoute(
router.Get("/endpoints", endpointhandler.Endpoints(router))

// Expose server configuration and runtime statistics.
router.Get("/server-configs", expvar.Handler().ServeHTTP)
router.Get("/server-configs", customVarHandler().ServeHTTP)

healthhandler.Register(router, generalStorage)
return router, nil
Expand Down Expand Up @@ -189,3 +191,29 @@ func setupRestAPIV1(
r.Get("/resource-groups/{resourceGroupRuleName}", resourcegrouphandler.List(resourceGroupMgr))
r.Get("/authn", authnhandler.Get())
}

func customVarHandler() http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")

w.Write([]byte("{"))
first := true

expvar.Do(func(kv expvar.KeyValue) {
if kv.Key == "memstats" || kv.Key == "cmdline" {
return // Skip memstats and cmdline
}
if !first {
w.Write([]byte(","))
} else {
first = false
}

b, _ := json.Marshal(kv.Key)
w.Write(b)
w.Write([]byte(":"))
w.Write([]byte(kv.Value.String()))
})
w.Write([]byte("}"))
})
}

0 comments on commit 4165ce0

Please sign in to comment.