You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Depending on validating webhook configuration, they can fail open when they are unreachable. Because Pepr is doing a security function, we want to fail on error. Ensure failurePolicy: Fail is set in ValidatingWebhookConfiguration
Describe the solution you'd like
Given an error evaluating a match condition
When the webhook is never called
Then reject the request
Describe alternatives you've considered
(optional) A clear and concise description of any alternative solutions or features you've considered.
## Description
@bburky brought up a potential security thread related to the webhook
configurations's `failurePolicy`. Currently, the failurePolicy is always
ignore and there is no way to change it, this prove be danger to a
ValidatingAdmission Webook or even a Mutating that is supposed to remove
capability and securityContexts because it can cause the webhoook to
_ignore the object and pass it into the cluster_.
During `npx pepr init` there is a prompt about:
```bash
? How do you want Pepr to handle errors encountered during K8s operations? › - Use arrow-keys. Return to submit.
❯ Ignore - Pepr will continue processing and generate an entry in the Pepr Controller log.
Log an audit event
Reject the operation
```
Based on this response, the package.json is populated with `onError`
section:
```json
"pepr": {
"name": "pepr-test-module",
"uuid": "static-test",
"onError": "reject", // <----- HERE
"alwaysIgnore": {
"namespaces": [],
"labels": []
},
"includedFiles": []
},
```
If `reject` is present on the onError section then the failurePolicy
generated during a `npx pepr build` will be `Fail`.
## Related Issue
Fixes#434
<!-- or -->
Relates to #
## Type of change
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)
## Checklist before merging
- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/pepr/blob/main/CONTRIBUTING.md#submitting-a-pull-request)
followed
---------
Signed-off-by: Case Wylie <cmwylie19@defenseunicorns.com>
Is your feature request related to a problem? Please describe.
Depending on validating webhook configuration, they can fail open when they are unreachable. Because Pepr is doing a security function, we want to fail on error. Ensure
failurePolicy: Fail
is set inValidatingWebhookConfiguration
Describe the solution you'd like
Describe alternatives you've considered
(optional) A clear and concise description of any alternative solutions or features you've considered.
Additional context
https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#matching-requests-matchconditions
The text was updated successfully, but these errors were encountered: