Skip to content

feat(provisioner): pass owner git ssh key #13366

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
May 29, 2024
Merged

feat(provisioner): pass owner git ssh key #13366

merged 4 commits into from
May 29, 2024

Conversation

johnstcn
Copy link
Member

@johnstcn johnstcn commented May 24, 2024
edited
Loading

Related to coder/terraform-provider-coder#219
Passes owner git SSH key to proto metadata that gets passed to the terraform provider.

NOTE: requires a release of coder/terraform-provider-coder before merge.

@johnstcn johnstcn self-assigned this May 24, 2024
dannykopping
dannykopping approved these changes May 27, 2024
View reviewed changes
provisioner/terraform/provision.go
@@ -202,6 +202,8 @@ func provisionEnv(
"CODER_WORKSPACE_OWNER_NAME="+metadata.GetWorkspaceOwnerName(),
"CODER_WORKSPACE_OWNER_OIDC_ACCESS_TOKEN="+metadata.GetWorkspaceOwnerOidcAccessToken(),
"CODER_WORKSPACE_OWNER_GROUPS="+string(ownerGroups),
"CODER_WORKSPACE_OWNER_SSH_PUBLIC_KEY="+metadata.GetWorkspaceOwnerSshPublicKey(),
"CODER_WORKSPACE_OWNER_SSH_PRIVATE_KEY="+metadata.GetWorkspaceOwnerSshPrivateKey(),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this safe to do?

I suppose if the provisioner is compromised all bets are off, but just curious if there is anything we should be sensitive to here in relation to passing the privkey around.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The safety of these values is predicated on
a) trusting the provisioner that's executing the job,
b) trusting the communication channel between the provisioner and coder.

So if someone can either access the environment variables of the terraform-provider-coder process, or intercept the communication path between provisionerd and coderd, then all bets are off.

Apart from that, this is a sensitive variable just like the OIDC access token or Coder session token that get passed in the same way.

@johnstcn johnstcn force-pushed the cj/provisionerd-ssh-key branch from 2254e0e to 3a9a7d1 Compare May 28, 2024 12:02
@johnstcn johnstcn changed the title feat(provisionerdserver): pass owner git ssh key feat(provisioner): pass owner git ssh key May 29, 2024
mafredri
mafredri approved these changes May 29, 2024
View reviewed changes
Copy link
Member

@mafredri mafredri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd like to see a bit more error handling, but other than that, LGTM!

@johnstcn johnstcn merged commit cca3cb1 into main May 29, 2024
30 checks passed
@johnstcn johnstcn deleted the cj/provisionerd-ssh-key branch May 29, 2024 10:43
@github-actions github-actions bot locked and limited conversation to collaborators May 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mafredri mafredri mafredri approved these changes

@dannykopping dannykopping dannykopping approved these changes

Assignees

@johnstcn johnstcn

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@johnstcn @mafredri @dannykopping