Skip to content

Add internal-only debug endpoints

What we're after

There are several endpoints I'd like to have accessible internally only:

  • Change log level
  • pprof
  • River UI

Hypothesized benefit(s)/why:

Troubleshooting and operator admin tasks, besides billing admin tasks covered in product#3304.

Security considerations

  • Must be internal only. If waiting on product#3303 , could make them only available on localhost. If authn & authz is solved, GSA IPs + Ops UAA would be ok.

Notes for implementers

  • Recommend hosting on a different port so we can route it differently in CF. This will require a separate mux and a second ListenAndServe. May require refactoring in internal/server.
  • Consider using the /z/ convention as a root path.
  • River supports mounting the UI in client Go apps. See issues https://github.com/riverqueue/riverui/issues/107 and PR https://github.com/riverqueue/riverui/pull/133. See if pprof supports the same.
  • Log level will also be set by product#3315; consider how they will interact.

Related issues/sub-projects

(Some linked above)