collectCPConfigFiles was added in PR #1075 (OFFSEC-010) but never called — the symlink guards were dead code. This patch wires the function into CPProvisioner.Start so the guards actually protect the CP request path.

Changes:

1. cpProvisionRequest gains ConfigFiles map[string]string field (base64-encoded, same shape as Docker provisioner's WriteFilesToContainer)
2. Start calls collectCPConfigFiles(cfg) before building the request; errors propagate as hard failures (a workspace without its config files is not usable)
3. Two new tests:
   - TestStart_CollectsConfigFiles: verifies TemplatePath files AND ConfigFiles map appear in the CP request body, base64-encoded
   - TestStart_SymlinkTemplatePathError: verifies a symlink TemplatePath causes Start to fail, exercising the OFFSEC-010 root-symlink guard

Without this wiring, a malicious operator could bypass the WalkDir symlink guards by passing TemplatePath as a symlink to the CP.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

||
|---|---|---|
| .. | ||
| cmd | ||
| internal | ||
| migrations | ||
| pkg/provisionhook | ||
| .air.toml | ||
| .ci-force | ||
| .gitignore | ||
| .golangci.yaml | ||
| Dockerfile | ||
| Dockerfile.dev | ||
| Dockerfile.tenant | ||
| entrypoint-tenant.sh | ||
| go.mod | ||
| go.sum | ||