  1. OpenShift Request For Enhancement
  2. RFE-5449

Disable /debug/pprof in Quay


    • Feature Request
    • Resolution: Done
    • Quay

      1. Who is the customer behind the request?
      Account: name (acct #) Industria de Diseño Textil SA
      TAM customer: yes
      CSM customer: yes
      Strategic: yes

      2. What is the nature and description of the request?: Allow disabling /debug/pprof endpoint in Quay

      3. Why does the customer need this? (List the business requirements here):
      The debug/pprof endpoint in Quay is exposed. This is caused by the Pushgateway process in Quay.

      At the moment, the same procedure to fetch Pushgateway for upstream images is also used downstream. This means that whatever the upstream Pushgateway community decides also applies to the Pushgateway binary we provide with Quay. It's up to them to either disable the endpoint completely (as was suggested in the GitHub issue you linked) or give some other means of disabling that endpoint.

      There is an open discussion in https://github.com/prometheus/pushgateway/discussions/520 to disable it.

      We should have the possibility of disabling it, as some customers are concerned about the security issue of having this endpoint exposed.

      4. How would the customer like to achieve this? (List the functional requirements here): There should be a configurable option in Quay config file to disable the /debug/pprof endpoint.

      5. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.

      6. Is there already an existing RFE upstream or in Red Hat Bugzilla?: No

      7. Does the customer have any specific time-line dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?: No

      8. Is the sales team involved in this request and do they have any additional input?: No

      9. List any affected packages or components: Quay and Pushgateway

      10. Would the customer be able to assist in testing this functionality if implemented?: Yes
       

            Unassigned Unassigned
            rhn-support-sbhavsar Sayali Bhavsar
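One way to confirm that a disable option takes effect, as item 5 asks, is to probe a deployment you operate for the pprof index before and after the change. This is an added example, not code from the ticket, Quay or Pushgateway; the names `pprof_exposed`, `run_demo` and `_FakeService` are hypothetical, the local server is a constructed stand-in, and matching on the profile names "goroutine" and "heap" is an assumed heuristic for recognising the Go pprof index page.

```python
import http.server
import threading
import urllib.error
import urllib.request

PPROF_PATH = "/debug/pprof/"
# Assumed heuristic: profile names that the Go pprof index page links to.
PPROF_MARKERS = ("goroutine", "heap")

def pprof_exposed(base_url, timeout=5.0):
    """Return True if base_url serves something that looks like the pprof index."""
    url = base_url.rstrip("/") + PPROF_PATH
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            body = resp.read(65536).decode("utf-8", errors="replace")
            return resp.status == 200 and all(m in body for m in PPROF_MARKERS)
    except (urllib.error.URLError, OSError):
        return False  # 4xx/5xx, connection refused or timeout: not reachable

class _FakeService(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for a service; expose_pprof toggles the endpoint."""
    expose_pprof = True

    def do_GET(self):
        hit = self.expose_pprof and self.path == PPROF_PATH
        body = b"<title>/debug/pprof/</title> goroutine heap" if hit else b"404 page not found\n"
        self.send_response(200 if hit else 404)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass

def run_demo(expose):
    """Start the fake service on a free local port and probe it."""
    handler = type("Handler", (_FakeService,), {"expose_pprof": expose})
    server = http.server.HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return pprof_exposed(f"http://127.0.0.1:{server.server_port}")
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print("endpoint enabled :", run_demo(True))
    print("endpoint disabled:", run_demo(False))
```

Against a real deployment, call `pprof_exposed` with the base URL of each listener you expose; the port and scheme depend on your own configuration and are not stated in the ticket.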