Skip to content

Commit 2234f46

Browse files
nimish-ksnimish-ks
committed
feat: validate Nomad address URL for safety in cloud environment
- Added a check to validate the Nomad address URL when the application host is set to "cloud". - Integrated the `validate_url_is_safe` function to ensure secure URL usage during Nomad token retrieval and secret synchronization.
1 parent cd92e03 commit 2234f46

File tree

1 file changed

+8
-0
lines changed
  • backend/api/utils/syncing/nomad

1 file changed

+8
-0
lines changed

backend/api/utils/syncing/nomad/main.py

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
from api.utils.syncing.auth import get_credentials
22
import requests
33
import re
4+
from django.conf import settings
5+
from api.utils.network import validate_url_is_safe
46

57

68
def get_nomad_token_info(credential_id):
@@ -11,6 +13,9 @@ def get_nomad_token_info(credential_id):
1113
NOMAD_ADDR = credentials["nomad_addr"]
1214
NOMAD_TOKEN = credentials["nomad_token_secret"]
1315

16+
if settings.APP_HOST == "cloud":
17+
validate_url_is_safe(NOMAD_ADDR)
18+
1419
session = requests.Session()
1520
session.headers.update(
1621
{
@@ -59,6 +64,9 @@ def sync_nomad_secrets(secrets, credential_id, path, namespace="default"):
5964
NOMAD_ADDR = credentials["nomad_addr"]
6065
NOMAD_TOKEN = credentials["nomad_token_secret"]
6166

67+
if settings.APP_HOST == "cloud":
68+
validate_url_is_safe(NOMAD_ADDR)
69+
6270
session = requests.Session()
6371
session.headers.update(
6472
{

0 commit comments

Comments
 (0)