Just in case it wasn't clear: the security issue occurs only when running a local flow manager inside of our GCP clusters. That's not a typical use of the local flow manager. The local flow manager is meant to run on a client machine as part of the Morphic client app. In that case, the issue I brought up doesn't exist. This only exists for the specific case of (1) testing the LFM within (2) a production configuration that (3) is running within our GCP cluster. (That's a pretty specific context). Our GCP cluster's security is such that it does not allow any outgoing requests, as I understand it.
Regarding Gregg's question: > Is Github secure enough that we want production code to be downloading > from there? Production *code* is not downloaded based on the changes for GPII-4273. What is downloaded is better described as *data* -- information about the solutions running on the client machine. Regarding Christopher's question: > Can we digitally sign the solutions registry files so that the client > can verify they was created by us? Possibly. That leads to other questions: 1. Is signing sufficient for the testing scenario I've described such that: it justifies a hole in our cluster's security to allow outgoing requests to github from our dev and/or stg clusters? That's a question for dev-ops (at least). Also, it is worth the effort for only this testing scenario? 2. Is this necessary for the typical situation, that is, running the Morphic client app? Do solutions registry files need this level of security? I guess it wouldn't hurt, but I don't have any feel for security issues with the content of a solutions registry file. This feels beyond the scope of GPII-4273. On 2020-04-20 4:40 p.m., Christopher Walker wrote: > Can we digitally sign the solutions registry files so that the client > can verify they was created by us? > > Christopher > > On Mon, Apr 20, 2020 at 16:37 Gregg Vanderheiden RTF > <[email protected] <mailto:[email protected]>> wrote: > > Is Github secure enough that we want production code to be > downloading from there? > > I guess if the URL for downloading is in the siteconfig - we can > easily move it later. > > /gregg/ > > ——————————— > Professor, University of Maryland, College Park > Director , Trace R&D Center, UMD > Co-Founder Raising the Floor. http://raisingthefloor.org > And the Global Public Inclusive Infrastructure (GPII) http://GPII.net > > > > >> On Apr 20, 2020, at 2:09 PM, Joseph Scheuhammer >> <[email protected] <mailto:[email protected]>> wrote: >> >> All, but mostly Stepan, Alfredo, and Sergey (dev-ops), >> >> The goal of GPII-4273[i] is to provide a means by which the Morphic >> client can fetch its platform's latest solutions registry from >> github. >> In this case "latest" is defined by the version of gpii-universal >> running in the cloud. >> >> I've modified the solutions registry datasource (SRDS) >> subcomponent of >> the local flow manager (LFM) to construct an url to github for the >> appropriate solutions registry and make a GET request to download >> it. >> An example of such an url is, assuming Morphic is running on Windows: >> >> https://raw.githubusercontent.com/GPII/universal/bd992f03313acd9a35b81f00fc63922540292255/testData/solutions/win32.json5 >> >> I have modified the production tests to test the new LFM and its >> SRDS. >> The production tests involve running docker containers built from an >> image of gpii-universal that provide the main components of the >> GPII cloud. >> >> The production tests also run in GCP in dev and stg. Here a >> "productiontests" container is run in which the production tests are >> executed as a one-shot job. >> >> Given that background: will the security within GCP allow the >> LFM/SRDS >> within the productiontests container to make the outgoing GET >> request to >> github? I suspect not, but I will test with my dev cluster. >> >> i. https://issues.gpii.net/browse/GPII-4273 >> >> -- >> ;;;;joseph. >> >> 'The only reason for time is so that everything doesn't happen >> all at once.' >> - B. Banzai - >> >> _______________________________________________ >> Architecture mailing list >> [email protected] <mailto:[email protected]> >> https://lists.gpii.net/mailman/listinfo/architecture > > _______________________________________________ > Architecture mailing list > [email protected] <mailto:[email protected]> > https://lists.gpii.net/mailman/listinfo/architecture > -- ;;;;joseph. 'The only reason for time is so that everything doesn't happen all at once.' - B. Banzai - _______________________________________________ Architecture mailing list [email protected] https://lists.gpii.net/mailman/listinfo/architecture
