fix(auto): use action parser for repair gates
This commit is contained in:
@@ -32,6 +32,7 @@ import structlog
|
||||
import yaml
|
||||
|
||||
from src.constants.alert_types import ALERTNAME_TO_TYPE
|
||||
from src.services.action_parser import parse_kubectl_action
|
||||
|
||||
logger = structlog.get_logger(__name__)
|
||||
|
||||
@@ -43,19 +44,17 @@ _generating: set[str] = set()
|
||||
# Redis 分散式鎖 TTL (秒),覆蓋 Ollama + Gemini 最長生成時間
|
||||
_RULE_GEN_LOCK_TTL = 120
|
||||
|
||||
# ── kubectl 注入防護 (Task 2.3, ADR-076, 2026-04-14) ─────────
|
||||
# 對齊 auto_approve._DESTRUCTIVE_PATTERNS + decision_manager._ALLOWED_KUBECTL_PATTERN
|
||||
# 目標: 規則 YAML 中的 kubectl_command 在變數替換後若含下列破壞性模式 → 清空並告警
|
||||
_RULE_ENGINE_DESTRUCTIVE_RE = re.compile(
|
||||
r"(kubectl\s+delete\s+(pvc|namespace|statefulset|deployment)" # 破壞性 K8s 刪除
|
||||
r"|kubectl\s+(drain|cordon)" # 節點驅逐/封鎖
|
||||
r"|--replicas=\s*0\b" # 縮容至零
|
||||
r"|rm\s+-[rf]{1,2}\s" # rm -rf
|
||||
r"|\bdrop\s+(table|database)\b" # SQL 破壞性 DDL
|
||||
r"|\$\([^)]{0,200}\)" # shell 命令替換 $(...)
|
||||
r"|`[^`]{0,200}`" # 反引號替換
|
||||
r")",
|
||||
re.IGNORECASE,
|
||||
# ── action parser 注入防護 (SPF-2, 2026-04-30) ───────────────
|
||||
# kubectl 走 structured token parser;非 kubectl 保留簡單 dangerous-fragment
|
||||
# 掃描,避免舊式巨型 regex 誤殺安全的單一 delete pod / deployment resource forms。
|
||||
_RULE_ENGINE_DANGEROUS_FRAGMENTS = (
|
||||
"rm -rf",
|
||||
"rm -f /",
|
||||
"drop table",
|
||||
"drop database",
|
||||
"truncate table",
|
||||
"$(",
|
||||
"`",
|
||||
)
|
||||
|
||||
# ── kubectl 注入防護 公開 API ───────────────────────────────
|
||||
@@ -63,7 +62,7 @@ _RULE_ENGINE_DESTRUCTIVE_RE = re.compile(
|
||||
|
||||
def validate_kubectl_command(command: str) -> bool:
|
||||
"""
|
||||
kubectl 注入安全驗證(Task 2.3, ADR-076)。
|
||||
Action 注入安全驗證(Task 2.3, ADR-076; SPF-2 parser upgrade)。
|
||||
|
||||
Returns:
|
||||
True — 指令安全,可執行
|
||||
@@ -74,18 +73,19 @@ def validate_kubectl_command(command: str) -> bool:
|
||||
- "ssh ..." 開頭 — SSH 層指令,不走 kubectl 路徑
|
||||
|
||||
阻擋條件(返回 False):
|
||||
- kubectl delete pvc/namespace/statefulset/deployment — 破壞性刪除
|
||||
- kubectl drain / cordon — 節點驅逐(業務衝擊)
|
||||
- --replicas=0 — 縮容至零(服務停止)
|
||||
- rm -rf — 主機層破壞
|
||||
- DROP TABLE/DATABASE — SQL 破壞性 DDL
|
||||
- $(...) 或反引號 — Shell 命令注入
|
||||
- kubectl parser 不支援的語法(deployment delete / drain / cordon /
|
||||
replicas=0 / shell metachar / compound command)
|
||||
- 非 kubectl 指令內含主機/SQL/command-substitution 危險片段
|
||||
"""
|
||||
command = (command or "").strip()
|
||||
if not command:
|
||||
return True
|
||||
if command.strip().startswith("ssh "):
|
||||
if command.startswith("ssh "):
|
||||
return True
|
||||
return not bool(_RULE_ENGINE_DESTRUCTIVE_RE.search(command))
|
||||
if command.startswith("kubectl"):
|
||||
return parse_kubectl_action(command).ok
|
||||
command_lower = command.lower()
|
||||
return not any(fragment in command_lower for fragment in _RULE_ENGINE_DANGEROUS_FRAGMENTS)
|
||||
|
||||
|
||||
# ── 變數提取 ────────────────────────────────────────────────
|
||||
|
||||
Reference in New Issue
Block a user