hide clusters from dashboard when API server SKYPILOT_DEBUG is set #8339
Conversation
Summary of ChangesHello @cg505, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request enhances security by ensuring that API requests initiated from the dashboard do not inadvertently expose internal API server environment variables. It achieves this by introducing a specific flag for dashboard-originated requests, which then triggers a server-side filter to restrict the environment variables included in the request payload to only those essential for user identification and usage tracking. Highlights
🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a security enhancement to prevent sensitive API server environment variables, such as SKYPILOT_DEBUG, from influencing queries originating from the dashboard. The approach of using a from_dashboard flag is sound. However, the server-side implementation for filtering these environment variables is not fully robust and could be susceptible to causing server errors if it receives a malformed request. I have provided a suggestion to improve its resilience.
| if data.get('from_dashboard', False): | ||
| # Limit the env vars to avoid leaking other API server env vars like | ||
| # SKYPILOT_DEBUG to the request. | ||
| data['env_vars'] = { | ||
| constants.USER_ID_ENV_VAR: data['env_vars'] | ||
| [constants.USER_ID_ENV_VAR], | ||
| constants.USER_ENV_VAR: data['env_vars'] | ||
| [constants.USER_ENV_VAR], | ||
| usage_constants.USAGE_RUN_ID_ENV_VAR: data['env_vars'][ | ||
| usage_constants.USAGE_RUN_ID_ENV_VAR], | ||
| } |
There was a problem hiding this comment.
The current implementation for filtering env_vars is not fully robust. It directly accesses keys from data['env_vars'] using bracket notation ([]), which will raise a KeyError if a key is missing. It will also raise a TypeError if a client sends a non-dictionary value (like null) for env_vars. This could lead to an unhandled exception and a 500 server error, creating a potential denial-of-service vulnerability from a crafted request.
To make this more robust, it's safer to avoid assumptions about the structure of data['env_vars']. The suggested change uses a more defensive approach to safely handle missing keys or incorrect types, making the logic more resilient.
| if data.get('from_dashboard', False): | |
| # Limit the env vars to avoid leaking other API server env vars like | |
| # SKYPILOT_DEBUG to the request. | |
| data['env_vars'] = { | |
| constants.USER_ID_ENV_VAR: data['env_vars'] | |
| [constants.USER_ID_ENV_VAR], | |
| constants.USER_ENV_VAR: data['env_vars'] | |
| [constants.USER_ENV_VAR], | |
| usage_constants.USAGE_RUN_ID_ENV_VAR: data['env_vars'][ | |
| usage_constants.USAGE_RUN_ID_ENV_VAR], | |
| } | |
| if data.get('from_dashboard', False): | |
| # Limit the env vars to avoid leaking other API server env vars like | |
| # SKYPILOT_DEBUG to the request. | |
| old_env_vars = data.get('env_vars') or {} | |
| allowed_keys = { | |
| constants.USER_ID_ENV_VAR, | |
| constants.USER_ENV_VAR, | |
| usage_constants.USAGE_RUN_ID_ENV_VAR, | |
| } | |
| data['env_vars'] = { | |
| k: v for k, v in old_env_vars.items() if k in allowed_keys | |
| } |
|
|
||
| def __init__(self, **data): | ||
| data['env_vars'] = data.get('env_vars', request_body_env_vars()) | ||
| if data.get('from_dashboard', False): |
There was a problem hiding this comment.
IIUC, the js client will not set env_vars in json body so it get populated with the server's env var in https://github.com/skypilot-org/skypilot/pull/8339/changes#diff-5ca880f8b68852cc1918d53ec44bc5741ee58013ed94ab3ed71266c5af1f916bL151
The dashboard does have no way to access ordinary env vars, but I think we may reuse the env_vars field in dashboard request to reflect client infos like USAGE_RUN_ID. Initiate a request to include a no-op env var (SKYPILOT_IS_FROM_DASHBOARD: true) might be a good beginning I think
2 participants
Tested (run the relevant ones):
bash format.sh/smoke-test(CI) orpytest tests/test_smoke.py(local)/smoke-test -k test_name(CI) orpytest tests/test_smoke.py::test_name(local)/quicktest-core(CI) orpytest tests/smoke_tests/test_backward_compat.py(local)