Document security considerations for detailed healthcheck

The detailed healthcheck output includes some potentially sensitive information like stack traces of the service. This may be unacceptable in some organizations and we should point it out in the help for the option. Change-Id: Ic10c29f39ef601e4c7873acb0d56e1ec8e4ebcb3
author: Ben Nemec <bnemec@redhat.com> 2018-10-05 19:45:38 +0000
committer: Ben Nemec <bnemec@redhat.com> 2018-10-05 19:47:21 +0000
commit: 1af38387a24532c8c90bc3da5fef4fed7e5b76c9 (patch)
tree: a434a28f8f40b7030bd91ecacd63648d5fc85d20
parent: dc2ba62297b5b8a8c9eeecbe2a4678fe4844a1f7 (diff)
download: oslo-middleware-1af38387a24532c8c90bc3da5fef4fed7e5b76c9.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/oslo_middleware/healthcheck/opts.py b/oslo_middleware/healthcheck/opts.py
index ff39e98..5e4dffe 100644
--- a/oslo_middleware/healthcheck/opts.py
+++ b/oslo_middleware/healthcheck/opts.py
@@ -20,7 +20,11 @@ HEALTHCHECK_OPTS = [
                help='The path to respond to healtcheck requests on.'),
     cfg.BoolOpt('detailed',
                 default=False,
-                help='Show more detailed information as part of the response'),
+                help='Show more detailed information as part of the response. '
+                     'Security note: Enabling this option may expose '
+                     'sensitive details about the service being monitored. '
+                     'Be sure to verify that it will not violate your '
+                     'security policies.'),
     cfg.ListOpt('backends',
                 default=[],
                 help='Additional backends that can perform health checks and '
author	Ben Nemec <bnemec@redhat.com>	2018-10-05 19:45:38 +0000
committer	Ben Nemec <bnemec@redhat.com>	2018-10-05 19:47:21 +0000
commit	1af38387a24532c8c90bc3da5fef4fed7e5b76c9 (patch)
tree	a434a28f8f40b7030bd91ecacd63648d5fc85d20
parent	dc2ba62297b5b8a8c9eeecbe2a4678fe4844a1f7 (diff)
download	oslo-middleware-1af38387a24532c8c90bc3da5fef4fed7e5b76c9.tar.gz