Overview of the Issue

The atlantis project has always used the exec.Command golang functions. These are error prone and have led to security issues in the past. It would be best to replace these with native golang libraries.

There are currently 19 files that use it
https://github.com/search?q=repo%3Arunatlantis%2Fatlantis+exec.command+language%3AGo&type=code

Use-cases are
- shell commands for pre workflows, post workflows, and normal workflows, which is acceptable
  - This is impossible to remove since it's a first class feature. It would help to audit this to improve it and consolidate the cmd := exec.Command("sh", "-c", formattedArgs) type commands
I'd like to note that tofu-exec isn't really well maintained at this point and it relies on exec'ing anyway, so would defer to using TofuDL + exec'ing instead.
The benefit of using a 3rd party official library for this, even if it uses the same underlying mechanism, is that we can presume, due to more usage and official ownership, that it's probably better maintained than our bespoke implementation. Our implementation is also inconsistent and could lead to mistakes resulting in security issues.
From the looks of https://github.com/opentofu/tofu-exec, it appears it's a fork of the terraform version with commits to keep it updated for opentofu. The last commit was from 4 months ago which is relatively recent. For comparison, there are libraries we depend on that haven't been updated in years. See #2795.
I'm looking through the code and it uses a pattern where it defines each subcommand as an individual function to help insulate each passed-in argument before calling the underlying exec.CommandContext(), which is better practice.
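The two patterns contrasted in this thread, as an added example that is not code from atlantis or tofu-exec: shellCommand is the "sh -c" shape the issue wants to consolidate, tofuPlan is a hypothetical helper in the one-function-per-subcommand style described above (not tofu-exec's real API), and usesShell is a small audit check of the kind the 19 call sites could be run through.

```go
package main

import (
	"context"
	"fmt"
	"os/exec"
	"path/filepath"
	"sort"
)

// shellCommand: the whole command line is one string re-parsed by the shell.
func shellCommand(ctx context.Context, formattedArgs string) *exec.Cmd {
	return exec.CommandContext(ctx, "sh", "-c", formattedArgs)
}

// tofuPlan (hypothetical helper): one function per subcommand, every flag and
// variable is its own argv element and no shell is involved, so a value such
// as "a b; echo" stays a single argument instead of becoming shell syntax.
func tofuPlan(ctx context.Context, binary, workDir string, vars map[string]string) *exec.Cmd {
	args := []string{"plan", "-input=false"}
	keys := make([]string, 0, len(vars))
	for k := range vars {
		keys = append(keys, k)
	}
	sort.Strings(keys) // deterministic argv, which makes auditing and testing easier
	for _, k := range keys {
		args = append(args, "-var", k+"="+vars[k])
	}
	cmd := exec.CommandContext(ctx, binary, args...)
	cmd.Dir = workDir
	return cmd
}

// usesShell reports whether a command routes its arguments through "<shell> -c".
func usesShell(cmd *exec.Cmd) bool {
	if len(cmd.Args) < 2 {
		return false
	}
	switch filepath.Base(cmd.Args[0]) {
	case "sh", "bash", "dash":
		return cmd.Args[1] == "-c"
	}
	return false
}

func main() {
	direct := tofuPlan(context.Background(), "tofu", ".", map[string]string{"name": "a b; echo"})
	fmt.Printf("argv=%q usesShell=%v\n", direct.Args, usesShell(direct))
}
```

Neither command is executed here; the point is what ends up in cmd.Args before Run is ever called.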