Architecture #4174
Updated by BenoƮt PECCATTE over 7 years ago
We want to get rid ride of API v1, as it is has they are not a good thing from a security point of view. Before being able to deprecate it, them, we need to - list all of there current use cases - port functionality fonctionnality to API v2, - find workaround or usage evolution for past use case not cover at identity. That last point is important, especially if a feature relies one the non-authenticated aspect of API To remember purpose, API v1 covers: - api/status - api/deploy/reload - api/dyngroup/reload - api/techniqueLibrary/reload - api/archives/{list, archive, restore, zip}/... A quick search raise the following usage in our code base: - in Techniques - initial-promises and system technique "distributePolicy", in aliveCheck.cf => "sites_to_check": /api/status - system technique "distributePolicy", techniqueReload.st => root_technique_reload_rest_url: /api/techniqueLibrary/reload - some tools look for Rudder status with "curl -s http://localhost/rudder/api/status" So, before trying to decide what to do, do I miss other usage ? Matthieu, assigned to you so that you see it, but it's just because I feel that the main usage of these API v1 may be in tooling around Rudder and Techniques... So as soon as you don't see any other usage, please pass the token to other (NicoP, NicoC, etc) so that they can react.