pecan icon indicating copy to clipboard operation
pecan copied to clipboard
verified publisher icon PecanProject

Migrate Monitor (monitor.py)from using http.server

Open Chris-Schnaufer opened this issue 4 years ago • 3 comments

Bug Description

The Monitor code is using http.server which is not recommended for production environments since Python 3.6: https://docs.python.org/3.6/library/http.server.html.

Continuing to use http.server introduces vulnerabilities since the port it uses is exposed (per https://pecanproject.github.io/pecan-documentation/develop/pecan-docker.html#pecan-dc-monitor)

To Reproduce

Build a Monitor docker image, or use an existing image, and run it. This exposes port 9999 to the outside world and requests are handled by code that is not recommended to be used in a production environment.

Expected behavior

Production-ready code/libraries are used

Screenshots

N/A

Machine (please complete the following information):

N/A

Additional context

Chris-Schnaufer avatar Jun 18 '21 18:06 Chris-Schnaufer

do you have any recommendations for libraries to use?

robkooper avatar Jun 18 '21 18:06 robkooper

I use/have used Flask with Gunicorn, and others. There are many choices listed here (but not limited to these): https://docs.python-guide.org/scenarios/web/ and here: https://wiki.python.org/moin/WebFrameworks. Not being familiar with Monitor, I'm not sure what the best one(s) are.

Chris-Schnaufer avatar Jun 18 '21 19:06 Chris-Schnaufer

This issue is stale because it has been open 365 days with no activity.

github-actions[bot] avatar Jun 19 '22 00:06 github-actions[bot]