Project

General

Profile

Actions

Architecture #4174

closed

Deprecate API v1

Added by François ARMAND about 9 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
3
Assignee:
-
Category:
API
Target version:
Effort required:
Regression:

Description

We want to get rid of API v1, as it is not a good thing from a security point of view.

Before being able to deprecate it, we need to

- list all of there current use cases
- port functionality to API v2,
- find workaround or usage evolution for past use case not cover at identity.

That last point is important, especially if a feature relies one the non-authenticated aspect of API

To remember purpose, API v1 covers:

- api/status
- api/deploy/reload
- api/dyngroup/reload
- api/techniqueLibrary/reload
- api/archives/{list, archive, restore, zip}/...

A quick search raise the following usage in our code base:

- in Techniques
- initial-promises and system technique "distributePolicy", in aliveCheck.cf => "sites_to_check": /api/status
- system technique "distributePolicy", techniqueReload.st => root_technique_reload_rest_url: /api/techniqueLibrary/reload
- some tools look for Rudder status with "curl -s http://localhost/rudder/api/status"

So, before trying to decide what to do, do I miss other usage ?

Matthieu, assigned to you so that you see it, but it's just because I feel that the main usage of these API v1 may be in tooling around Rudder and Techniques... So as soon as you don't see any other usage, please pass the token to other (NicoP, NicoC, etc) so that they can react.


Subtasks 2 (0 open2 closed)

Architecture #12565: V1 api uses case listingRejectedPierre HAYActions
Architecture #12577: API : upgrade of reload API endpoints to actual versionRejectedPierre HAYActions

Related issues 2 (0 open2 closed)

Related to Rudder - User story #12516: Create system Rest API to replace V1 APIReleasedVincent MEMBRÉActions
Related to Rudder - Bug #18511: Remove API v1 endpointsReleasedVincent MEMBRÉActions
Actions #1

Updated by Vincent MEMBRÉ about 9 years ago

why not having a "default" api account that can only access to /api/status and /technique/reload, having a fixed token?

Actions #2

Updated by François ARMAND about 9 years ago

How did you imagine that ?
I see at least two problem to overtake with that solution: the first is because we don't have authorization by API.
The second is: because having a default token-name with a fixed token is like having no authentication at all - and so, well, it's simpler to just kept the current situation.

Actions #3

Updated by Vincent MEMBRÉ about 9 years ago

  • Target version changed from 2.9.0~rc1 to 2.9.0~rc2

This won't be done for beta1

Actions #4

Updated by Vincent MEMBRÉ about 9 years ago

  • Target version changed from 2.9.0~rc2 to 2.9.0

Delayed to 2.9 finale release

Actions #5

Updated by François ARMAND about 9 years ago

  • Assignee changed from Matthieu CERDA to Nicolas CHARLES
  • Target version changed from 2.9.0 to 2.10.0~beta1
Actions #6

Updated by Nicolas CHARLES almost 9 years ago

And we also have rewrite in the apache configuration

The technique reload is necessary after upgrade, and used by touching a file on the FS, and then promises checking this files existance, and curling the API
The site status is only for checking site availability, and restarting various part in case of failure

How could we replace these calls ?

Actions #7

Updated by François ARMAND almost 9 years ago

I feels like the status URL could be kept. It has zero impact (no read nowhere, no update, nothing), just handling a URL, so nothing more than the login page. And if that one does not follow standard API naming (and can be called without authz token), that seems to be OK.

For technique reloading, it seems that we could have it in the standard API. But in that case, it means that local script need to have a token (not sur it is already the case).

Actions #8

Updated by Vincent MEMBRÉ almost 9 years ago

  • Target version changed from 2.10.0~beta1 to 2.10.0
Actions #9

Updated by Vincent MEMBRÉ almost 9 years ago

  • Target version changed from 2.10.0 to 2.11.0~beta1
Actions #10

Updated by Jonathan CLARKE over 8 years ago

  • Target version changed from 2.11.0~beta1 to 140
Actions #11

Updated by Matthieu CERDA over 8 years ago

  • Target version changed from 140 to 3.0.0~beta1
Actions #12

Updated by Jonathan CLARKE about 8 years ago

  • Target version changed from 3.0.0~beta1 to 3.1.0~beta1
Actions #13

Updated by Benoît PECCATTE almost 8 years ago

  • Status changed from 8 to New
Actions #14

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.0~beta1 to 3.1.0~rc1
Actions #15

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.0~rc1 to 3.1.0
Actions #16

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.0 to 3.1.1
Actions #17

Updated by Vincent MEMBRÉ over 7 years ago

  • Target version changed from 3.1.1 to 3.1.2
Actions #18

Updated by Jonathan CLARKE over 7 years ago

  • Target version changed from 3.1.2 to 3.2.0~beta1
Actions #19

Updated by Vincent MEMBRÉ about 7 years ago

  • Target version changed from 3.2.0~beta1 to 3.2.0~rc1
Actions #20

Updated by Benoît PECCATTE about 7 years ago

  • Target version changed from 3.2.0~rc1 to 3.2.0~rc2
Actions #21

Updated by Benoît PECCATTE about 7 years ago

  • Target version changed from 3.2.0~rc2 to 3.2.0
Actions #22

Updated by Vincent MEMBRÉ about 7 years ago

  • Target version changed from 3.2.0 to 3.2.1
Actions #23

Updated by Vincent MEMBRÉ almost 7 years ago

  • Target version changed from 3.2.1 to 3.2.2
Actions #24

Updated by Alexis Mousset almost 7 years ago

  • Target version changed from 3.2.2 to 4.0.0~rc2
Actions #25

Updated by François ARMAND over 6 years ago

Again missed the line. But 4.1 will have a focus on API !

Actions #26

Updated by François ARMAND over 6 years ago

  • Target version changed from 4.0.0~rc2 to 4.1.0~beta1
Actions #27

Updated by Vincent MEMBRÉ about 6 years ago

  • Target version changed from 4.1.0~beta1 to 4.1.0~beta2
Actions #28

Updated by Vincent MEMBRÉ almost 6 years ago

  • Target version changed from 4.1.0~beta2 to 4.1.0~beta3
Actions #29

Updated by Vincent MEMBRÉ almost 6 years ago

  • Target version changed from 4.1.0~beta3 to 4.1.0~rc1
Actions #30

Updated by François ARMAND almost 6 years ago

  • Target version changed from 4.1.0~rc1 to 4.2.0~beta1
Actions #31

Updated by Benoît PECCATTE almost 6 years ago

  • Subject changed from Deprecated API v1 to Deprecate API v1
  • Description updated (diff)
Actions #32

Updated by Alexis Mousset over 5 years ago

  • Target version changed from 4.2.0~beta1 to 4.2.0~beta2
Actions #33

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.2.0~beta2 to 4.2.0~beta3
Actions #34

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.2.0~beta3 to 4.2.0~rc1
Actions #35

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.2.0~rc1 to 4.2.0~rc2
Actions #36

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.2.0~rc2 to 4.2.0
Actions #37

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.2.0 to 4.2.1
Actions #38

Updated by Vincent MEMBRÉ over 5 years ago

  • Target version changed from 4.2.1 to 4.2.2
Actions #39

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 4.2.2 to 4.2.3
Actions #40

Updated by Vincent MEMBRÉ about 5 years ago

  • Target version changed from 4.2.3 to 4.2.4
Actions #41

Updated by Vincent MEMBRÉ almost 5 years ago

  • Target version changed from 4.2.4 to 4.2.5
Actions #42

Updated by Vincent MEMBRÉ almost 5 years ago

  • Target version changed from 4.2.5 to 4.2.6
Actions #43

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 4.2.6 to 4.2.7
Actions #44

Updated by Nicolas CHARLES over 4 years ago

  • Assignee deleted (Nicolas CHARLES)
Actions #45

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 4.2.7 to 414
Actions #46

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 414 to 5.0.0~beta1
Actions #47

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.0~beta1 to 5.0.0~beta2
Actions #48

Updated by Vincent MEMBRÉ over 4 years ago

Actions #49

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.0~beta2 to 5.0.0~rc1
Actions #50

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.0~rc1 to 5.0.0
Actions #51

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.0 to 5.0.1
Actions #52

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.1 to 5.0.2
Actions #53

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.2 to 5.0.3
Actions #54

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.3 to 5.0.4
Actions #55

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.4 to 5.0.5
Actions #56

Updated by Alexis Mousset almost 4 years ago

  • Target version changed from 5.0.5 to 5.0.6
Actions #57

Updated by Vincent MEMBRÉ almost 4 years ago

  • Target version changed from 5.0.6 to 5.0.7
Actions #58

Updated by François ARMAND almost 4 years ago

  • Target version changed from 5.0.7 to 5.0.9
Actions #59

Updated by Vincent MEMBRÉ almost 4 years ago

  • Target version changed from 5.0.9 to 5.0.10
Actions #60

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 5.0.10 to 5.0.11
Actions #61

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 5.0.11 to 5.0.12
Actions #62

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 5.0.12 to 5.0.13
Actions #63

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 5.0.13 to 5.0.14
Actions #64

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 5.0.14 to 5.0.15
Actions #65

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 5.0.15 to 5.0.16
Actions #66

Updated by Alexis Mousset almost 3 years ago

  • Target version changed from 5.0.16 to 5.0.17
Actions #67

Updated by Vincent MEMBRÉ almost 3 years ago

  • Target version changed from 5.0.17 to 5.0.18
Actions #68

Updated by Benoît PECCATTE almost 3 years ago

  • Target version changed from 5.0.18 to 6.2.0~beta1
Actions #69

Updated by François ARMAND almost 3 years ago

  • Status changed from New to Resolved

It's done!!!

Actions #70

Updated by François ARMAND about 2 years ago

  • Related to Bug #18511: Remove API v1 endpoints added
Actions

Also available in: Atom PDF