TripleParity / docks-api

RESTful API Server for Docks
https://tripleparity.github.io/docks-api/stack-api-spec.html
GNU General Public License v3.0
0 stars 0 forks source link

Eliminate 'pass through tunnel' #20

Closed FJMentz closed 6 years ago

FJMentz commented 6 years ago

I feel this is a big issue to discuss in a face-to-face meeting but here is the basics:

I want to move all the 'direct' calls [from the frontend (docks-ui) to docker] to backend (docks). In example: In frontend I want to make a request getAmountContainers and pass x through (an amount) and the backend should implement the functionality to get containers from docker's api and do the filtering (like only send through x amount of containers) back.

This will make the api more api like and also move all 'vulnerabilities' to the backend and give the frontend only the needed 'functions' making it a bit more secure? I feel this is should be done.

Can I please have some feedback on this from everyone? Also can we discuss this on slack and if needed in person?

Jason-vh commented 6 years ago

As I said to Raymond in our last meeting, this is a requirement - that API passthrough is fine for temporary development, but it can't be used in a production environment.

egeldenhuys commented 6 years ago

The Docker API will have to be wrapped in order to provide authorization

egeldenhuys commented 6 years ago

Side effect from implementing other features.