search

asciidoctor / asciidoctor-kroki

Asciidoctor.js extension to convert diagrams to images using Kroki!
https://kroki.io/
MIT License
146 stars 47 forks source link

Add configuration to disable fallback to https://kroki.io #70

Closed mirogta closed 4 years ago

mirogta commented 4 years ago

Story: As an architect/developer I want to disable the fallback to https://kroki.io via configuration So that we don't share sensitive diagrams with Intellectual Property content with any 3rd party like kroki.io and always use our own instance running the eyuzutech/kroki container.

Scenario - Configuration When the asciidoctor-kroki plugin is loaded Then it takes into account a new fallback configuration key which allows to disable the fallback to https://kroki.io

Scenario - Default Configuration is Enabled When the asciidoctor-kroki plugin is loaded Then the default fallback configuration is enabled And the diagram generation falls back to https://kroki.io

Scenario - Configuration is Disabled When the asciidoctor-kroki plugin is loaded And the fallback configuration is disabled Then the diagram generation does not fall back to any default URL

ggrossetie commented 4 years ago

Hello again @mirogta

As you figured it out, the only way to prevent that is to block the access to kroki.io on your corporate network. Otherwise, even if we add a configuration to enable/disable the fallback, it will be prone to error. Arguably, we could also use a "blank" value as the default server but even then you will depend on the default configuration on other tools. For instance, the VS code plugin could decide that it's more praticable to use kroki.io and to enable this extension by default.

mirogta commented 4 years ago

OK, thank you, feel free to close this then.

Blocking kroki.io is an option indeed but we don't want to do that, so that PM's can still access the kroki.io website to see what it's about and devs can still access the examples which unfortunately live on https://kroki.io/examples.html as well, rather than on https://docs.kroki.io/kroki/ (examples page there just points to https://kroki.io/examples.html).

I've raised this with kroki (https://github.com/yuzutech/kroki/issues/222) - if at least the examples can be moved to docs, so that we can effectively block (un-whitelist) kroki.io in a corporate firewall.

ggrossetie commented 4 years ago

Fair enough, let's continue the discussion over yuzutech/kroki#222 :grinning: