-
Notifications
You must be signed in to change notification settings - Fork 831
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(agent): Fix for agent leaking Rclone storage secrets via logs #4967
fix(agent): Fix for agent leaking Rclone storage secrets via logs #4967
Conversation
The updated URI may contain storage credentials; we cannot be sure, so we do not copy it.
These may contain storage credentials, and we do not know what a caller may use this for or if it may log this.
These configs may contain storage credentials, which are secret and should not be leaked.
@@ -331,7 +341,10 @@ func (r *RCloneClient) Copy(modelName string, srcUri string, config []byte) (str | |||
CreateEmptySrcDirs: true, | |||
} | |||
|
|||
r.logger.Infof("Copy from %s (original %s) to %s", srcUpdated, srcUri, dst) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ℹ️ There was leaking of credentials here from srcUpdated
@@ -340,7 +353,7 @@ func (r *RCloneClient) Copy(modelName string, srcUri string, config []byte) (str | |||
|
|||
_, err = r.call(b, RcloneSyncCopyPath) | |||
if err != nil { | |||
return "", fmt.Errorf("Failed to sync/copy %s to %s %w", srcUpdated, dst, err) | |||
return "", fmt.Errorf("Failed to sync/copy %s to %s %w", srcUri, dst, err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ℹ️ There was leaking of credentials here from srcUpdated
for _, config := range config.Rclone.Config { | ||
logger.Infof("Loading rclone config %s", config) | ||
logger.Info("loading Rclone config") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ℹ️ There was leaking of credentials here from config
, as that is the raw bytes which may include credentials
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks all good
What this PR does / why we need it:
At present, the SCv2 agent has a bad habit of logging entire Rclone storage configurations, which may contain credentials. Any such credentials are sensitive and should be treated carefully to minimise the risk of exposure.
This PR fixes not only the particular case identified in #4949 but also some similar issues I have discovered by scanning through how our Rclone client interacts with storage secrets/configs.
Which issue(s) this PR fixes:
Fixes #4949
Special notes for your reviewer:
Testing is outstanding. I'll add notes on reproducing my testing setup shortly, as I work through testing.
Testing
It seems there isn't a way to pass storage secrets directly any more, so I've created a fresh
kind
cluster in order to use k8s secrets:Before
In k8s, I can see the below when using the default secret for the Seldon-provided iris model:
In Docker Compose, I could also see this line (in k8s there's an equivalent
loading Rclone secret
which doesn't leak info):After
I updated the image using the following:
Agent logs:
I'll update the fields in the structured logs, as space-separated terms don't render clearly and reusing the term
source
is slightly confusing.