TUN-8730: implement diag/configuration

Implements the endpoint that retrieves the configuration of a running instance.

The configuration consists in a map of cli flag to the provided value along with the uid that of the user that started the process

cmd/cloudflared/tunnel/cmd.go

@@ -127,6 +127,92 @@ var (
 		"most likely you already have a conflicting record there. You can also rerun this command with --%s to overwrite "+
 		"any existing DNS records for this hostname.", overwriteDNSFlag)
 	deprecatedClassicTunnelErr = fmt.Errorf("Classic tunnels have been deprecated, please use Named Tunnels. (https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/)")
+	nonSecretFlagsList         = []string{
+		"config",
+		"autoupdate-freq",
+		"no-autoupdate",
+		"metrics",
+		"pidfile",
+		"url",
+		"hello-world",
+		"socks5",
+		"proxy-connect-timeout",
+		"proxy-tls-timeout",
+		"proxy-tcp-keepalive",
+		"proxy-no-happy-eyeballs",
+		"proxy-keepalive-connections",
+		"proxy-keepalive-timeout",
+		"proxy-connection-timeout",
+		"proxy-expect-continue-timeout",
+		"http-host-header",
+		"origin-server-name",
+		"unix-socket",
+		"origin-ca-pool",
+		"no-tls-verify",
+		"no-chunked-encoding",
+		"http2-origin",
+		"management-hostname",
+		"service-op-ip",
+		"local-ssh-port",
+		"ssh-idle-timeout",
+		"ssh-max-timeout",
+		"bucket-name",
+		"region-name",
+		"s3-url-host",
+		"host-key-path",
+		"ssh-server",
+		"bastion",
+		"proxy-address",
+		"proxy-port",
+		"loglevel",
+		"transport-loglevel",
+		"logfile",
+		"log-directory",
+		"trace-output",
+		"proxy-dns",
+		"proxy-dns-port",
+		"proxy-dns-address",
+		"proxy-dns-upstream",
+		"proxy-dns-max-upstream-conns",
+		"proxy-dns-bootstrap",
+		"is-autoupdated",
+		"edge",
+		"region",
+		"edge-ip-version",
+		"edge-bind-address",
+		"cacert",
+		"hostname",
+		"id",
+		"lb-pool",
+		"api-url",
+		"metrics-update-freq",
+		"tag",
+		"heartbeat-interval",
+		"heartbeat-count",
+		"max-edge-addr-retries",
+		"retries",
+		"ha-connections",
+		"rpc-timeout",
+		"write-stream-timeout",
+		"quic-disable-pmtu-discovery",
+		"quic-connection-level-flow-control-limit",
+		"quic-stream-level-flow-control-limit",
+		"label",
+		"grace-period",
+		"compression-quality",
+		"use-reconnect-token",
+		"dial-edge-timeout",
+		"stdin-control",
+		"name",
+		"ui",
+		"quick-service",
+		"max-fetch-size",
+		"post-quantum",
+		"management-diagnostics",
+		"protocol",
+		"overwrite-dns",
+		"help",
+	}
 )
 
 func Flags() []cli.Flag {
@@ -465,7 +551,16 @@ func StartServer(
 		observer.RegisterSink(tracker)
 
 		readinessServer := metrics.NewReadyServer(clientID, tracker)
-		diagnosticHandler := diagnostic.NewDiagnosticHandler(log, 0, diagnostic.NewSystemCollectorImpl(buildInfo.CloudflaredVersion), tunnelConfig.NamedTunnel.Credentials.TunnelID, clientID, tracker)
+		diagnosticHandler := diagnostic.NewDiagnosticHandler(
+			log,
+			0,
+			diagnostic.NewSystemCollectorImpl(buildInfo.CloudflaredVersion),
+			tunnelConfig.NamedTunnel.Credentials.TunnelID,
+			clientID,
+			tracker,
+			c,
+			nonSecretFlagsList,
+		)
 		metricsConfig := metrics.Config{
 			ReadyServer:         readinessServer,
 			DiagnosticHandler:   diagnosticHandler,