fix(credential-provider): check acr pattern to avoid spoofing #8255
Conversation
Signed-off-by: Qingchuan Hao <[email protected]>
k8s-ci-robot
added
release-note
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: mainred The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Hi @mainred. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
k8s-ci-robot
added
needs-ok-to-test
|
@bahe-msft I did not use the function you suggested https://github.com/kubernetes/kubernetes/blob/2bda5dd8c794d933145938affca30f012986e8fa/pkg/credentialprovider/keyring.go#L184-L194 because when it comes down credential provider from kubelet, it's a determined acr image, so we just need to follow acr pattern to do the match and validation |
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
|
Looks good, let's wait for e2e validation results |
| imageWithoutRegistry := strings.Trim(targetImage, targetRegistry) | ||
| // for non customer cloud case, return registry only when: | ||
| // - the acr pattern match | ||
| // - the left string is empty or // credential provider authenticates the image pull request, but not validates the existence of the image |
There was a problem hiding this comment.
fortunately, use acr with repo will raise authorization failure because kubelet will pull this kind of image from docker hub
Failed to pull image "qingchuanhao.azurecr.io": failed to pull and unpack image "docker.io/library/qingchuanhao.azurecr.io:latest": failed to resolve reference "docker.io/library/qingchuanhao.azurecr.io:latest": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
There was a problem hiding this comment.
containers:
- name: container
image: qingchuanhao.azurecr.io
| @@ -205,8 +205,8 @@ func TestProcessImageWithMirrorMapping(t *testing.T) { | |||
| for _, test := range testcases { | |||
| t.Run(test.description, func(t *testing.T) { | |||
| targetloginServer, sourceloginServer := acrProvider.parseACRLoginServerFromImage(test.image) | |||
| assert.Equal(t, targetloginServer, test.expectedLoginServer) | |||
There was a problem hiding this comment.
For assert.Equal, expected variable comes before actual variable.
https://github.com/stretchr/testify/blob/master/assert/assertions.go#L460
What type of PR is this?
/kind bug
What this PR does / why we need it:
There's a potential spoofing when the image
".azurecr.io.example.com/ubuntu2:latest when sent to the credential provider plugin, it will fetch credential from .azurecr.io unexpectedly
Currently it's not possible considering kubelet will not call credential provider plugin since the ".azurecr.io.example.com/ubuntu2:latest" does not match the matchImages defined below.
Also the credential provider plugin as a binary is installed on k8s node, is currently only called by kubelet if there's no manual operation.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: