agones icon indicating copy to clipboard operation
agones copied to clipboard

Published 20 hours ago verified publisher icon googleforgames

Increase the installation security by replacing TLS certificates

Open pooneh-m opened this issue 5 years ago • 2 comments

Is your feature request related to a problem? Please describe. When installing Agones using yaml file instead of helm, TLS certificates that are used by the services are defaulted to checked-in certificates. A user may inadvertently use the solution without replacing the certificate and expose security risk of the cluster resources get compromised.

Describe the solution you'd like There should be a process in place that before installing yaml, replace certificates with generated certificates. Otherwise, we should not offer yaml installation.

pooneh-m avatar Sep 23 '19 20:09 pooneh-m

I think we could update https://github.com/googleforgames/agones/blob/master/install/helm/agones/certs/cert.sh to generate all certs, and then add as an optional step on installation with yaml to run that script first before installing things.

We should also confirm this whole bundle is grabbed together when doing a release and attached to the release. I think it is, but we should confirm.

markmandel avatar Sep 23 '19 20:09 markmandel

One other thought we had in community call - rather than pull certs from static files, generate the cert from Helm on every run of make gen-install. This is not perfect, since each yaml install for a version will have the same certs as another install - but at least you have different certs per-release.

markmandel avatar Jul 28 '22 16:07 markmandel

Is this even worth pursuing? I feel like it should just be a documented limitation of the YAML install, which is less robust anyways.

zmerlynn avatar Feb 06 '23 19:02 zmerlynn

'This issue is marked as Stale due to inactivity for more than 30 days. To avoid being marked as 'stale' please add 'awaiting-maintainer' label or add a comment. Thank you for your contributions '

github-actions[bot] avatar May 15 '23 10:05 github-actions[bot]

I feel like it should just be a documented limitation of the YAML install, which is less robust anyways.

I tend to agree. There is always a tension between security and ease-of-use, and the yaml installation is specifically designed for ease of use.

We can strengthen the warning at the top of https://agones.dev/site/docs/installation/install-agones/yaml/ to make it clearer that we don't recommend using the checked-in install.yaml file for production. Instead, users should opt to use helm install or at least helm template to generate their own unique installation configuration.

roberthbailey avatar May 18 '23 22:05 roberthbailey