
Add SSRF protection to HTTP resolver by blocking private/internal IPs #9937

Open: ab-ghosh wants to merge 1 commit into tektoncd:main from ab-ghosh:fix-http-resolver-ssrf-block-private-ips

Conversation

@ab-ghosh
Member

Changes

Fixes #9602
This PR adds defense-in-depth IP filtering to makeHttpClient():

  • Custom http.Transport with a DialContext that resolves the target hostname and rejects connections to private, loopback, link-local, CGNAT, and unspecified IP addresses
  • DNS rebinding prevention — the resolved IP is used directly for connection, so a hostname that resolves to a public IP during validation cannot resolve to a private IP during connection
  • block-private-ips config key in http-resolver-config ConfigMap, defaulting to "true". Administrators who need the resolver to reach internal registries can set it to "false"

/kind feature

Submitter Checklist

As the author of this PR, please check off the items in this checklist:

  • Has Docs if any changes are user facing, including updates to minimum requirements e.g. Kubernetes version bumps
  • Has Tests included if any functionality added or changed
  • pre-commit Passed
  • Follows the commit message standard
  • Meets the Tekton contributor standards (including functionality, content, code)
  • Has a kind label. You can add one by adding a comment on this PR that contains /kind <type>. Valid types are bug, cleanup, design, documentation, feature, flake, misc, question, tep
  • Release notes block below has been updated with any user facing changes (API changes, bug fixes, changes requiring upgrade notices or deprecation warnings). See some examples of good release notes.
  • Release notes contains the string "action required" if the change requires additional action from users switching to the new release

Release Notes

Add SSRF protection to HTTP resolver: blocks requests to private/internal IPs by default. Configure `block-private-ips: "false"` in `http-resolver-config` ConfigMap to allow internal requests.

  Resolves tektoncd#9602. The HTTP resolver now blocks requests to private,
  loopback, link-local, and CGNAT IP addresses by default to prevent
  SSRF attacks. A new block-private-ips ConfigMap toggle (default
  true) allows admins to opt out for legitimate internal use.

Signed-off-by: ab-ghosh <abghosh@redhat.com>
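The guarded dialer the bullets above describe, written out as an added Go example; this is not the PR's code, and the names `isBlockedIP`, `pickDialTarget` and `safeDialContext` are assumed. A resolver would install it as `DialContext` on a cloned `http.DefaultTransport` when `block-private-ips` is "true", and the first edge case it covers is a lookup that mixes a public and a private answer, which is rejected outright.

```go
package main

import (
	"context"
	"fmt"
	"net"
	"time"
)

// CGNAT (RFC 6598) has no net.IP predicate, so it gets an explicit CIDR.
var cgnat = func() *net.IPNet { _, n, _ := net.ParseCIDR("100.64.0.0/10"); return n }()

// isBlockedIP: private (RFC 1918 / IPv6 ULA), loopback, link-local, CGNAT or unspecified.
// IPv4-mapped IPv6 forms such as ::ffff:10.0.0.1 are normalised by these helpers via To4.
func isBlockedIP(ip net.IP) bool {
	return ip.IsPrivate() || ip.IsLoopback() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsUnspecified() || cgnat.Contains(ip)
}

// pickDialTarget rejects the lookup if ANY answer is blocked, so a record set that
// mixes public and private addresses cannot pass a first-answer-only check.
func pickDialTarget(host string, ips []net.IPAddr) (net.IP, error) {
	for _, a := range ips {
		if isBlockedIP(a.IP) {
			return nil, fmt.Errorf("blocked: %s resolves to %s", host, a.IP)
		}
	}
	if len(ips) == 0 {
		return nil, fmt.Errorf("no addresses for %q", host)
	}
	return ips[0].IP, nil
}

// safeDialContext resolves once, validates, then dials the validated IP literal, so a
// second lookup at connect time cannot swap in a private address (DNS rebinding).
// TLS is still verified against the original hostname, which http.Transport keeps as ServerName.
// Wire it up with: transport.DialContext = safeDialContext (assumed integration point).
func safeDialContext(ctx context.Context, network, addr string) (net.Conn, error) {
	host, port, err := net.SplitHostPort(addr)
	if err != nil {
		return nil, err
	}
	ips, err := net.DefaultResolver.LookupIPAddr(ctx, host) // IP literals return without a DNS query
	if err != nil {
		return nil, err
	}
	ip, err := pickDialTarget(host, ips)
	if err != nil {
		return nil, err
	}
	return (&net.Dialer{Timeout: 10 * time.Second}).DialContext(ctx, network, net.JoinHostPort(ip.String(), port))
}
```

Because the check lives in the dialer, it also applies to every redirect hop the client follows.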
@tekton-robot tekton-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/feature Categorizes issue or PR as related to a new feature. labels Apr 30, 2026
@tekton-robot tekton-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Apr 30, 2026
@tekton-robot
Collaborator

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign athorp96 after the PR has been reviewed.
You can assign the PR to them by writing /assign @athorp96 in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment


Development

Successfully merging this pull request may close these issues.

HTTP resolver: block requests to private/internal IP ranges by default
