Add few more sentences for the debug endpoint

Initially I misunderstood that the debug endpoint has to be disabled in production environments. That's why I created https://github.com/distribution/distribution/issues/4084 and https://github.com/distribution/distribution/issues/4085.
But it turns out that the docs want to state the the debug endpoint should not be exposed publicly to the internet.

Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>
This commit is contained in:
ialidzhikov 2023-10-02 11:00:56 +03:00
parent 3fc1216dc3
commit 993af6fefd

View file

@ -821,6 +821,8 @@ can be helpful in diagnosing problems. The debug endpoint can be used for
monitoring registry metrics and health, as well as profiling. Sensitive monitoring registry metrics and health, as well as profiling. Sensitive
information may be available via the debug endpoint. Please be certain that information may be available via the debug endpoint. Please be certain that
access to the debug endpoint is locked down in a production environment. access to the debug endpoint is locked down in a production environment.
The debug endpoint should not be exposed publicly to the internet.
Instead, keep the debug endpoint private or enforce authentication for it.
The `debug` section takes a single required `addr` parameter, which specifies The `debug` section takes a single required `addr` parameter, which specifies
the `HOST:PORT` on which the debug server should accept connections. the `HOST:PORT` on which the debug server should accept connections.