Git cloning via SSH was not verifying host public key (argoproj#1261)

Dockerfile

@@ -47,6 +47,7 @@ RUN apt-get update && \
  rm -rf /var/lib/apt/lists/* && \
  curl -L -o /usr/local/bin/kubectl -LO https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl && \
  chmod +x /usr/local/bin/kubectl
+COPY hack/ssh_known_hosts /etc/ssh/ssh_known_hosts
 COPY --from=builder /usr/local/bin/docker /usr/local/bin/
 
 

api/openapi-spec/swagger.json

@@ -250,6 +250,10 @@
  "repo"
  ],
  "properties": {
+ "insecureIgnoreHostKey": {
+ "description": "InsecureIgnoreHostKey disables SSH strict host key checking during git clone",
+ "type": "boolean"
+ },
  "passwordSecret": {
  "description": "PasswordSecret is the secret selector to the repository password",
  "$ref": "#/definitions/io.k8s.api.core.v1.SecretKeySelector"

hack/ssh_known_hosts

@@ -0,0 +1,8 @@
+# This file was automatically generated. DO NOT EDIT
+bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
+github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
+gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=
+gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf
+gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
+ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
+vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H

hack/update-ssh-known-hosts.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+set -e
+
+KNOWN_HOSTS_FILE=$(dirname "$0")/ssh_known_hosts
+HEADER="# This file was automatically generated. DO NOT EDIT"
+echo "$HEADER" > $KNOWN_HOSTS_FILE
+ssh-keyscan github.com gitlab.com bitbucket.org ssh.dev.azure.com vs-ssh.visualstudio.com | sort -u >> $KNOWN_HOSTS_FILE
+chmod 0644 $KNOWN_HOSTS_FILE
+
+# Public SSH keys can be verified at the following URLs:
+# - github.com: https://help.github.com/articles/github-s-ssh-key-fingerprints/
+# - gitlab.com: https://docs.gitlab.com/ee/user/gitlab_com/#ssh-host-keys-fingerprints
+# - bitbucket.org: https://confluence.atlassian.com/bitbucket/ssh-keys-935365775.html
+# - ssh.dev.azure.com, vs-ssh.visualstudio.com: https://docs.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops
+diff - <(ssh-keygen -l -f $KNOWN_HOSTS_FILE | sort -k 3) <<EOF
+2048 SHA256:zzXQOXSRBEiUtuE8AikJYKwbHaxvSc0ojez9YXaGp1A bitbucket.org (RSA)
+2048 SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8 github.com (RSA)
+256 SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw gitlab.com (ECDSA)
+256 SHA256:eUXGGm1YGsMAS7vkcx6JOJdOGHPem5gQp4taiCfCLB8 gitlab.com (ED25519)
+2048 SHA256:ROQFvPThGrW4RuWLoL9tq9I9zJ42fK4XywyRtbOz/EQ gitlab.com (RSA)
+2048 SHA256:ohD8VZEXGWo6Ez8GSEJQ9WpafgLFsOfLOtGGQCQo6Og ssh.dev.azure.com (RSA)
+2048 SHA256:ohD8VZEXGWo6Ez8GSEJQ9WpafgLFsOfLOtGGQCQo6Og vs-ssh.visualstudio.com (RSA)
+EOF

pkg/apis/workflow/v1alpha1/types.go

@@ -649,8 +649,12 @@ type GitArtifact struct {
 
  // PasswordSecret is the secret selector to the repository password
  PasswordSecret *apiv1.SecretKeySelector `json:"passwordSecret,omitempty"`
+
  // SSHPrivateKeySecret is the secret selector to the repository ssh private key
  SSHPrivateKeySecret *apiv1.SecretKeySelector `json:"sshPrivateKeySecret,omitempty"`
+
+ // InsecureIgnoreHostKey disables SSH strict host key checking during git clone
+ InsecureIgnoreHostKey bool `json:"insecureIgnoreHostKey,omitempty"`
 }
 
 // ArtifactoryAuth describes the secret selectors required for authenticating to artifactory

workflow/artifacts/git/git.go

@@ -21,9 +21,10 @@ import (
 
 // GitArtifactDriver is the artifact driver for a git repo
 type GitArtifactDriver struct {
- Username string
- Password string
- SSHPrivateKey string
+ Username string
+ Password string
+ SSHPrivateKey string
+ InsecureIgnoreHostKey bool
 }
 
 // Load download artifacts from an git URL
@@ -34,7 +35,9 @@ func (g *GitArtifactDriver) Load(inputArtifact *wfv1.Artifact, path string) erro
  return errors.InternalWrapError(err)
  }
  auth := &ssh2.PublicKeys{User: "git", Signer: signer}
- auth.HostKeyCallback = ssh.InsecureIgnoreHostKey()
+ if g.InsecureIgnoreHostKey {
+ auth.HostKeyCallback = ssh.InsecureIgnoreHostKey()
+ }
  return gitClone(path, inputArtifact, auth, g.SSHPrivateKey)
  }
  if g.Username != "" || g.Password != "" {
@@ -49,7 +52,7 @@ func (g *GitArtifactDriver) Save(path string, outputArtifact *wfv1.Artifact) err
  return errors.Errorf(errors.CodeBadRequest, "Git output artifacts unsupported")
 }
 
-func writePrivateKey(key string) error {
+func writePrivateKey(key string, insecureIgnoreHostKey bool) error {
  usr, err := user.Current()
  if err != nil {
  return errors.InternalWrapError(err)
@@ -60,12 +63,14 @@ func writePrivateKey(key string) error {
  return errors.InternalWrapError(err)
  }
 
- sshConfig := `Host *
+ if insecureIgnoreHostKey {
+ sshConfig := `Host *
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null`
- err = ioutil.WriteFile(fmt.Sprintf("%s/config", sshDir), []byte(sshConfig), 0644)
- if err != nil {
- return errors.InternalWrapError(err)
+ err = ioutil.WriteFile(fmt.Sprintf("%s/config", sshDir), []byte(sshConfig), 0644)
+ if err != nil {
+ return errors.InternalWrapError(err)
+ }
  }
  err = ioutil.WriteFile(fmt.Sprintf("%s/id_rsa", sshDir), []byte(key), 0600)
  if err != nil {
@@ -101,7 +106,7 @@ func gitClone(path string, inputArtifact *wfv1.Artifact, auth transport.AuthMeth
  }
  log.Errorf("`%s` stdout:\n%s", cmd.Args, string(output))
  if privateKey != "" {
- err := writePrivateKey(privateKey)
+ err := writePrivateKey(privateKey, inputArtifact.Git.InsecureIgnoreHostKey)
  if err != nil {
  return errors.InternalWrapError(err)
  }

workflow/executor/executor.go

@@ -453,7 +453,9 @@ func (we *WorkflowExecutor) InitDriver(art wfv1.Artifact) (artifact.ArtifactDriv
  return &http.HTTPArtifactDriver{}, nil
  }
  if art.Git != nil {
- gitDriver := git.GitArtifactDriver{}
+ gitDriver := git.GitArtifactDriver{
+ InsecureIgnoreHostKey: art.Git.InsecureIgnoreHostKey,
+ }
  if art.Git.UsernameSecret != nil {
  usernameBytes, err := we.GetSecrets(we.Namespace, art.Git.UsernameSecret.Name, art.Git.UsernameSecret.Key)
  if err != nil {