Skip to content

RHAIENG-6078: Ignore ErrNotDynLinked for apply-seccomp on codeserver#350

Merged
openshift-merge-bot[bot] merged 1 commit into
openshift:mainfrom
ysok:RHAIENG-6078-apply-seccomp-pandoc-rhai
Jul 17, 2026
Merged

RHAIENG-6078: Ignore ErrNotDynLinked for apply-seccomp on codeserver#350
openshift-merge-bot[bot] merged 1 commit into
openshift:mainfrom
ysok:RHAIENG-6078-apply-seccomp-pandoc-rhai

Conversation

@ysok

@ysok ysok commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

Summary

Follow-up to #327. Adds a payload-scoped ErrNotDynLinked exception for codeserver only so Konflux/FBC check-payload scans pass while FIPS checks remain enabled.

codeserver (RHAIENG-6078)

VS Code 1.112 (code-server v4.112.0) ships statically linked apply-seccomp helpers from @anthropic-ai/sandbox-runtime. These are seccomp BPF loaders with no cryptographic operations — optional MCP/terminal sandbox tooling only.

Waive under payload.odh-workbench-codeserver-datascience-cpu-py312-rhel9 via explicit files paths (same style as rg and py-spy in #327). The npm package ships four binaries (arm64 + x64 under both dist/vendor/seccomp and vendor/seccomp); there are no ppc64le/s390x variants, so Konflux multi-arch builds still scan the bundled arm64/x64 paths.

/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/dist/vendor/seccomp/arm64/apply-seccomp
/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/dist/vendor/seccomp/x64/apply-seccomp
/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/vendor/seccomp/arm64/apply-seccomp
/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/vendor/seccomp/x64/apply-seccomp

Tracking

Binary Jira Action
apply-seccomp (4 paths) RHAIENG-6078 This PR — codeserver files waiver

Test plan

  • make test passes locally
  • config.toml validates (pre-commit hook)
  • OpenShift CI after /ok-to-test
  • After merge: bump embedded check-payload in quay.io/konflux-ci/konflux-test

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Jul 11, 2026
@openshift-ci-robot

openshift-ci-robot commented Jul 11, 2026

Copy link
Copy Markdown

@ysok: This pull request references RHAIENG-6078 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "5.0.0" version, but no target version was set.

Details

In response to this:

Summary

Follow-up to #327 (merged). Adds payload-scoped ErrNotDynLinked exceptions for RHOAI workbench images so Konflux/FBC check-payload scans pass while FIPS checks remain enabled.

codeserver (RHAIENG-6078)

VS Code 1.112 (code-server v4.112.0) ships statically linked apply-seccomp helpers from @anthropic-ai/sandbox-runtime. These are seccomp BPF loaders with no cryptographic operations — optional MCP/terminal sandbox tooling only.

Waive under payload.odh-workbench-codeserver-datascience-cpu-py312-rhel9 via dirs prefix (same paths as notebooks scripts/check-payload/config.toml).

pandoc (RHAIENG-5898)

RHAIENG-5898 reports release FIPS scan failures on /usr/local/pandoc/bin/pandoc across jupyter workbench images. #327 already waived that path; this PR also adds the pandoc-rhai wheel layout used in newer images:

/opt/app-root/lib/python3.12/site-packages/pandoc_rhai/data/bin/pandoc

Pandoc is used for notebook PDF export only (nbconvert); it is not a crypto boundary. Long-term remediation: AIPCC-7795.

Tracking

Binary Jira Notes
apply-seccomp RHAIENG-6078 VS Code 1.112 sandbox-runtime
pandoc RHAIENG-5898, RHOAIENG-58626 Legacy + pandoc-rhai paths
py-spy, rg RHOAIENG-58916, RHOAIENG-58626 Already in #327

Test plan

  • make test passes locally
  • config.toml validates (pre-commit hook)
  • OpenShift CI after /ok-to-test
  • After merge: bump check-payload in quay.io/konflux-ci/konflux-test so Konflux PR fips-check picks up embedded config

Made with Cursor

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci
openshift-ci Bot requested review from mrunalp and rhmdnd July 11, 2026 04:42
@openshift-ci openshift-ci Bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Jul 11, 2026
@openshift-ci

openshift-ci Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

Hi @ysok. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@ysok

ysok commented Jul 11, 2026

Copy link
Copy Markdown
Contributor Author

smith-xyz We would like to ask for your approval this again "apply-seccomp"

@ysok
ysok force-pushed the RHAIENG-6078-apply-seccomp-pandoc-rhai branch from 9907b98 to de48561 Compare July 11, 2026 04:55
@ysok ysok changed the title RHAIENG-6078: Ignore ErrNotDynLinked for apply-seccomp and pandoc-rhai RHAIENG-6078: Ignore ErrNotDynLinked for apply-seccomp on codeserver Jul 11, 2026
VS Code 1.112+ bundles @anthropic-ai/sandbox-runtime apply-seccomp BPF
loaders (statically linked, no cryptography). Waive the four npm-shipped
arm64/x64 binaries via explicit file paths on the codeserver payload.

Co-authored-by: Cursor <cursoragent@cursor.com>
@ysok
ysok force-pushed the RHAIENG-6078-apply-seccomp-pandoc-rhai branch from de48561 to 2474950 Compare July 11, 2026 04:56
@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Jul 13, 2026

@pablofelix pablofelix left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci

openshift-ci Bot commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

@pablofelix: changing LGTM is restricted to collaborators

Details

In response to this:

/lgtm

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Comment thread config.toml
files = [
"/opt/app-root/bin/py-spy",
"/usr/lib/code-server/lib/vscode/node_modules/@vscode/ripgrep/bin/rg",
"/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/dist/vendor/seccomp/arm64/apply-seccomp",

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you for adding the disclaimer that no crypto is used.

These directories are brittle though - we may need to come back and allow for an entire dir to be ignored, or matching patterns.

But that is complexity for later, just noting that if anything changes with these dirs we have to come back to this.

Comment thread config.toml
"/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/dist/vendor/seccomp/arm64/apply-seccomp",
"/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/dist/vendor/seccomp/x64/apply-seccomp",
"/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/vendor/seccomp/arm64/apply-seccomp",
"/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/vendor/seccomp/x64/apply-seccomp",

@smith-xyz smith-xyz Jul 17, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

took a review of these - and these c binaries specifically do not have crypto.

but, the wider @anthropic-ai/sandbox-runtime does have crypto usage, (via node:crypto).

I think ultimately what this is showing about this program is that, when used as a policy gate, it ends up being a toll gate instead.

I don't think this is a blocker - just noting that I may open a separate issue for this project that this is something we should consider addressing.

@smith-xyz

Copy link
Copy Markdown
Contributor

/ok-to-test

@openshift-ci openshift-ci Bot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jul 17, 2026
@smith-xyz

Copy link
Copy Markdown
Contributor

/approve

@openshift-ci

openshift-ci Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: atheo89, pablofelix, smith-xyz, ysok

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 17, 2026
@smith-xyz

Copy link
Copy Markdown
Contributor

/retest

@openshift-ci

openshift-ci Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

@ysok: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@openshift-merge-bot
openshift-merge-bot Bot merged commit 6a49677 into openshift:main Jul 17, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants