Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: enhance "--insecure" option for stacker builds #311

Open
rchincha opened this issue Sep 27, 2022 · 3 comments
Open

feat: enhance "--insecure" option for stacker builds #311

rchincha opened this issue Sep 27, 2022 · 3 comments
Labels
enhancement
Milestone
v1.0.1

Comments

@rchincha
Copy link
Contributor

rchincha commented Sep 27, 2022
edited
Loading

Add a stacker build --insecure so that when the build encounters a from: remote url, the build will proceed only if from signed/trusted sources. NOTE that insecure mode is currently the default, but we should move to secure by default and make insecure explicit.

The following options must be supported.

References:

docker trust inspect alpine:edge
https://github.com/docker/cli/blob/master/cli/command/trust/inspect.go#L22

https://github.com/sigstore/cosign

https://github.com/notaryproject/notation
@rchincha rchincha changed the title add a "--verify" option for stacker builds add a "--insecure" option for stacker builds Oct 19, 2022
@rchincha
Copy link
Contributor Author

rchincha commented Dec 14, 2022
edited
Loading

stacker already supports a insecure: directive

insecure should mean:

  1. try https best effort - bad/unknown CA ignored
  2. else fallback to http
  3. also ignore signatures

Also, does this have to be a build arg on cmdline or in the stacker.yaml, or both?

stacker build --substitute INSECURE=true
...
insecure: ${{INSECURE}}

@rchincha rchincha changed the title add a "--insecure" option for stacker builds feat: enhance "--insecure" option for stacker builds Dec 14, 2022
@rchincha
Copy link
Contributor Author

Also, insecure: false by default

@rchincha rchincha modified the milestones: v0.40.1, v0.40.2 Dec 14, 2022
@rchincha rchincha modified the milestones: v0.40.2, v1.0.0 Jan 9, 2023
@smoser
Copy link
Contributor

smoser commented Jan 25, 2023

stacker already supports a insecure: directive

insecure should mean:

1. try https best effort - bad/unknown CA ignored
2. else fallback to http
3. also ignore signatures

That is a lot of things for one flag.
perhaps something more fine-grained?

I would also like to request that we avoid negative terms. Ie, i'd rather have the keyword 'secure' and it default to 'true' than 'insecure' and it default to 'false'. doulbe negatives just cause confusion.

rchincha added a commit to rchincha/stacker that referenced this issue Feb 27, 2023
@rchincha
feat(insecure): ensure builds are secure by default
7c91ef8 
BREAKING CHANGE: `insecure:` directive is now `true` by default.
Previously, it was `false`.

Fixes issue project-stacker#311

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
@rchincha rchincha mentioned this issue Feb 27, 2023
Draft
rchincha added a commit to rchincha/stacker that referenced this issue Feb 28, 2023
@rchincha
feat(insecure): ensure builds are secure by default
53612c8 
BREAKING CHANGE: `insecure:` directive is now `true` by default.
Previously, it was `false`.

Fixes issue project-stacker#311

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
@rchincha rchincha modified the milestones: v1.0.0, v1.0.1 Dec 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
v1.0.1
Development

No branches or pull requests
2 participants
@smoser @rchincha