Closed mirogta closed 4 years ago
Hello again @mirogta
As you figured it out, the only way to prevent that is to block the access to kroki.io on your corporate network. Otherwise, even if we add a configuration to enable/disable the fallback, it will be prone to error. Arguably, we could also use a "blank" value as the default server but even then you will depend on the default configuration on other tools. For instance, the VS code plugin could decide that it's more praticable to use kroki.io and to enable this extension by default.
OK, thank you, feel free to close this then.
Blocking kroki.io is an option indeed but we don't want to do that, so that PM's can still access the kroki.io website to see what it's about and devs can still access the examples which unfortunately live on https://kroki.io/examples.html as well, rather than on https://docs.kroki.io/kroki/ (examples page there just points to https://kroki.io/examples.html).
I've raised this with kroki (https://github.com/yuzutech/kroki/issues/222) - if at least the examples can be moved to docs, so that we can effectively block (un-whitelist) kroki.io in a corporate firewall.
Fair enough, let's continue the discussion over yuzutech/kroki#222 :grinning:
Story: As an architect/developer I want to disable the fallback to https://kroki.io via configuration So that we don't share sensitive diagrams with Intellectual Property content with any 3rd party like kroki.io and always use our own instance running the eyuzutech/kroki container.
Scenario - Configuration When the asciidoctor-kroki plugin is loaded Then it takes into account a new fallback configuration key which allows to disable the fallback to https://kroki.io
Scenario - Default Configuration is Enabled When the asciidoctor-kroki plugin is loaded Then the default fallback configuration is enabled And the diagram generation falls back to https://kroki.io
Scenario - Configuration is Disabled When the asciidoctor-kroki plugin is loaded And the fallback configuration is disabled Then the diagram generation does not fall back to any default URL