Fix potential controller sensitive data exposure by sprig template functions #1703

RaveNoX · 2025-03-14T09:52:54Z

Description of the change

Fixing potential controller environment exposure by removing some sprig template functions:

env, expandenv - controller environment variables exposure (which can contain sensitive data)
getHostByName - add possibility to resolve dns entries from templates, which is not secure in some cases

This potential exposure is added by PR #1542 where security risks was described in "possible drawbacks" section.

Also, sprig func map is now initialized due module initialization and reusing for rendering, which may improve performance.

In fact is just port of the argocd solution, which described in initial PR #1542

Benefits

Possible drawbacks

No one

Applicable issues

Additional information

Signed-off-by: Artur Kraev <[email protected]>

alvneiayu · 2025-03-27T12:35:30Z

thanks a lot for your work @RaveNoX

RaveNoX requested review from alvneiayu and agarcia-oss as code owners March 14, 2025 09:52

Remove some sprig functions to prevent controller environment exposure

6521a86

Signed-off-by: Artur Kraev <[email protected]>

RaveNoX force-pushed the sprig-controller-exposure branch from 92cecc9 to 6521a86 Compare March 14, 2025 09:58

Merge branch 'bitnami-labs:main' into sprig-controller-exposure

f8df4a1

alvneiayu approved these changes Mar 27, 2025

View reviewed changes

alvneiayu merged commit ab00d33 into bitnami-labs:main Mar 27, 2025
15 checks passed

Provide feedback