feat: enable Terraform debug mode via deployment configuration #8260
Conversation
Should we: a) Only allow admins to run builds in debug mode? (That is, hide the "try in debug mode" button unless you're an admin - this would resolve the issue with not being able to get the deployment values.)
Change looks good to me mechanically, I just wonder if it's better to disable debug mode by default or only allow admins to use debug mode.
I think @johnstcn makes some good points. I would take it even further such that enabling debug mode is per-provisioner (disabled by default). Another thought that comes to mind... should the user even be allowed to see the build log from a debug-enabled build? I can foresee there being multiple knobs for this behavior. Like allow debug: never|admin|user. If set to admin, users shouldn't see the build log, etc.
I'm working on this 👍
I would not like to increase the complexity of this PR as we have an issue to mitigate (disable unsafe logs). We can chat later about gaps we should address in the future. Here I would focus on enabling a global switch.
Agreed, that's fair. 👍🏻
I refactored the PR considering the following statements:
Looks good!
@@ -638,11 +646,19 @@ func (b *Builder) authorize(authFunc func(action rbac.Action, object rbac.Object | |||
} | |||
} | |||
|
|||
if b.logLevel != "" && !authFunc(rbac.ActionUpdate, template) { | |||
if b.logLevel != "" && !authFunc(rbac.ActionRead, rbac.ResourceDeploymentValues) { |
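Review bot: the new condition at the end of the hunk gates a non-empty `b.logLevel` on `authFunc(rbac.ActionRead, rbac.ResourceDeploymentValues)`, which uses the ability to read deployment values as a stand-in for "is an administrator" rather than a permission that is explicitly about debug builds; if that read permission is ever granted more widely, debug-level provisioner logs (the unsafe logs this PR is meant to contain) would become visible along with it. Suggest a short comment above the check stating why this action/resource pair was chosen as the admin proxy, and keeping the per-role workspace build tests mentioned in the thread asserting on exactly this pair, so a future change to the RBAC model fails loudly instead of silently widening who can see debug output.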
Is this the de-facto way to check for admin? It feels like it'd be one of those things that might change in the future (esp. a read permission). Probably fine for now though.
Yes, that's why I covered it on the workspace build level with tests for all crucial roles.
👍
Related: #8248
This PR mitigates the security concern around the untrusted Terraform plugin: