Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

remove stats as default #616

Merged
merged 1 commit into from
Jan 30, 2025
Merged

remove stats as default #616

merged 1 commit into from
Jan 30, 2025

Conversation

elfranne
Copy link

@elfranne elfranne commented Aug 9, 2024
edited
Loading

Fix for #590

This is not a default parameter from Haproxy, and is bad practice to open up stats to all.
This is also not enabled on BSD.

@elfranne elfranne requested review from bastelfreak and a team as code owners August 9, 2024 10:51
@matejzero
Copy link

Can this be merged. It is indeed a bad practice to enable stats on every frontend by default.

@elfranne
Copy link
Author

any update on this ?

@elfranne
Copy link
Author

Maybe @skyamgarp can help ?

@malikparvez
Copy link
Member

@elfranne could you please fix the failing specs & squash the commits later?

@elfranne
Copy link
Author

elfranne commented Dec 6, 2024

let's see if the tests works this time.

@jonathanmarsaud
Copy link

This is a security issue. By default this module opens stats to the whole public, and the option can be just set to auth login:pass and not completely disabled.

@elfranne
Copy link
Author

You can always add stats where you want with authentication, I just don't want to be enabled as default everywhere.

@ncode
Copy link

ncode commented Jan 27, 2025
edited
Loading

Since the new merge_options parameter defaults to true, every single installation that decided to use custom options to disable 'stats enabled' will get it automatically back as side effect.

@elfranne @amitkarsale
remove stats as default
84d27d0 
PF-3525 : pdk update for module

(CAT-2101) Add support for Debian-12

(CAT-2101) test comit

(CAT-2101) test commit

(CAT-2158) Upgrade rexml to address CVE-2024-49761

remove stats from checks
@amitkarsale amitkarsale merged commit 521286a into puppetlabs:main Jan 30, 2025
42 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amitkarsale amitkarsale amitkarsale approved these changes

@span786 span786 span786 approved these changes

@bastelfreak bastelfreak Awaiting requested review from bastelfreak bastelfreak is a code owner

Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@elfranne @matejzero @malikparvez @jonathanmarsaud @ncode @amitkarsale @span786