Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provider verification in KFP Operator events webhook #407

Open
grahamia opened this issue Dec 5, 2024 · 0 comments
Open

Provider verification in KFP Operator events webhook #407

grahamia opened this issue Dec 5, 2024 · 0 comments

Comments

@grahamia
Copy link
Contributor

grahamia commented Dec 5, 2024

Overview
Currently in the run completion data that is sent to the events webhook the "provider" is never validated that it is the correct value, a provider should never be able to send a request for another provider, we should validate as a step in the webhook that the provider is correct.

Technical Details
The request in to the webhook accepts the following JSON:

{
    "pipelineName": "penguin-pipeline",
    "provider": "vai",
    "runConfigurationName": "penguin-rc",
    "runId": "penguin-pipeline-20241125040000990",
    "runName": "penguin-pipeline",
    "servingModelArtifacts": null,
    "status": "succeeded"
}

the provider element needs to verified to ensure it came from that provider.

This task is separate to the main security task of securing the connection from the provider to the KFP Operator webhook (link to issue once raised)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant