github bank-vaults/vault-secrets-webhook v1.23.1

4 hours ago

What's Changed

⚠️ Breaking change: object-supplied Vault addresses are now validated (SSRF hardening)

The vault.security.banzaicloud.io/vault-addr annotation on a ConfigMap,
Secret, or Pod is no longer trusted as-is. Before this change, a user who
could set that annotation could direct the webhook's Vault client at an
address of their choosing (the SSRF this release closes). The value is now
validated against an operator-controlled allowlist, and the vault-skip-verify
annotation no longer disables TLS verification unless the operator explicitly
permits it.

Secure by default: with no configuration, object annotations cannot override
the address; only the operator-configured VAULT_ADDR (env/Helm) is used.
Deployments that rely on per-object address overrides will now have admission
rejected with the error:

  rejected Vault address from object annotation: address "..." is not in the configured allowlist

Do I need to act?

  • No — if you don't set the vault-addr annotation, or only set it to the
    same address as the operator VAULT_ADDR. Nothing changes.
  • Yes — if workloads point the vault-addr annotation at a different Vault,
    or use the vault-skip-verify annotation.

How to adjust (operator config / Helm env)

env:
  # Allow specific object-supplied addresses (comma-separated, full scheme+host[:port]):
  VAULT_ADDR_ALLOWLIST: "https://vault.prod.svc:8200,https://vault.dr.svc:8200"

  # Allow the vault-skip-verify annotation to disable TLS verification (default: false):
  VAULT_ALLOW_OBJECT_SKIP_VERIFY: "true"

  # Allow object addresses that resolve to private/loopback IP literals
  # (cloud metadata endpoints stay blocked regardless; default: false):
  VAULT_ALLOW_PRIVATE_ADDR: "true"

Allowlist entries are matched on scheme + host + port, so write each entry
exactly as the annotation will be written. Loopback, link-local, private, and
CGNAT IP literals additionally require VAULT_ALLOW_PRIVATE_ADDR to be set;
cloud metadata endpoints such as 169.254.169.254 are blocked regardless of
that setting.
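To make the rules above concrete, here is an added Go example of the validation a webhook could apply to the annotation value. It is illustrative code written for this page, not the vault-secrets-webhook implementation, and the Policy type and function names are its own. It also makes assumptions the release notes do not state: an address carrying user info, a path, a query or a fragment is refused outright; a missing port is taken to be the scheme's default; metadata.google.internal is blocked alongside 169.254.169.254; and an annotation equal to the operator's VAULT_ADDR needs no allowlist entry.

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
	"net/url"
	"strings"
)

// Policy mirrors the operator settings from the release notes (type and field names are this example's own).
type Policy struct {
	VaultAddr        string   // VAULT_ADDR
	Allowlist        []string // VAULT_ADDR_ALLOWLIST, already split on commas
	AllowPrivateAddr bool     // VAULT_ALLOW_PRIVATE_ADDR
}

// Refused regardless of policy. 169.254.169.254 comes from the notes; metadata.google.internal is this example's assumption.
var metadataHosts = map[string]bool{"169.254.169.254": true, "metadata.google.internal": true}

// RFC 6598 shared address space (CGNAT), which netip's IsPrivate does not cover.
var cgnat = netip.MustParsePrefix("100.64.0.0/10")

const rejected = "rejected Vault address from object annotation: "

// canonicalAddr reduces an address to "scheme://host:port" for an exact allowlist match and returns the
// bare host. Assumptions: user info, path, query and fragment are refused; a missing port becomes the scheme's default.
func canonicalAddr(raw string) (canon, host string, err error) {
	u, err := url.Parse(strings.TrimSpace(raw))
	if err != nil {
		return "", "", err
	}
	scheme := strings.ToLower(u.Scheme)
	if (scheme != "http" && scheme != "https") || u.User != nil || u.RawQuery != "" || u.Fragment != "" || (u.Path != "" && u.Path != "/") {
		return "", "", fmt.Errorf("only http(s)://host[:port] is permitted, got %q", raw)
	}
	if host = strings.ToLower(u.Hostname()); host == "" {
		return "", "", fmt.Errorf("missing host in %q", raw)
	}
	port := u.Port()
	if port == "" {
		port = map[string]string{"http": "80", "https": "443"}[scheme]
	}
	return scheme + "://" + net.JoinHostPort(host, port), host, nil // JoinHostPort re-brackets IPv6
}

// isRestrictedLiteral reports whether host is an IP literal in a loopback, link-local, private or
// CGNAT range. Hostnames never match: as in the notes, only literals are checked.
func isRestrictedLiteral(host string) bool {
	ip, err := netip.ParseAddr(strings.Trim(host, "[]"))
	if err != nil {
		return false
	}
	ip = ip.Unmap() // an IPv4-mapped literal such as ::ffff:10.0.0.5 is judged as 10.0.0.5
	return ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsPrivate() || cgnat.Contains(ip)
}

// ValidateObjectAddr applies the policy to the vault-addr annotation value: the address to use, or why admission is rejected.
func ValidateObjectAddr(p Policy, annotation string) (string, error) {
	if annotation == "" {
		return p.VaultAddr, nil // no override requested
	}
	canon, host, err := canonicalAddr(annotation)
	if err != nil {
		return "", fmt.Errorf(rejected+"%w", err)
	}
	if metadataHosts[host] {
		return "", fmt.Errorf(rejected+"%q is a cloud metadata endpoint", annotation)
	}
	if op, _, err := canonicalAddr(p.VaultAddr); err == nil && op == canon {
		return canon, nil // the operator's own VAULT_ADDR needs no allowlist entry (assumption)
	}
	allowed := false
	for _, entry := range p.Allowlist {
		if c, _, err := canonicalAddr(entry); err == nil && c == canon {
			allowed = true
		}
	}
	if !allowed {
		return "", fmt.Errorf(rejected+"address %q is not in the configured allowlist", annotation)
	}
	if isRestrictedLiteral(host) && !p.AllowPrivateAddr {
		return "", fmt.Errorf(rejected+"%q is a loopback, link-local, private or CGNAT literal and VAULT_ALLOW_PRIVATE_ADDR is not set", annotation)
	}
	return canon, nil
}

func examplePolicy() Policy { // constructed configuration for the demonstration
	return Policy{
		VaultAddr: "https://vault.default.svc:8200",
		Allowlist: []string{"https://vault.prod.svc:8200", "https://vault.dr.svc:8200", "https://10.0.0.5:8200"},
	}
}

func main() {
	for _, a := range []string{"", "https://VAULT.PROD.SVC:8200/", "https://vault.prod.svc", "https://10.0.0.5:8200", "http://169.254.169.254"} {
		addr, err := ValidateObjectAddr(examplePolicy(), a)
		fmt.Printf("%-32q -> addr=%q err=%v\n", a, addr, err)
	}
}
```

Two things the example makes visible: the match is exact, so https://vault.prod.svc (port 443 by default here) does not match the entry https://vault.prod.svc:8200; and the range check applies to IP literals only, so a hostname on the allowlist is accepted wherever it resolves, which is a reason to keep the allowlist to names you control. The Unmap call is there so an IPv4-mapped IPv6 literal cannot slip past the private-range check.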

Maintenance 🚧

  • fix: missing IPC_LOCK capability in vault-agent initContainer by @jarnfast in #956

Dependency Updates ⬆️

  • build(deps): bump docker/setup-qemu-action from 4.0.0 to 4.1.0 by @dependabot[bot] in #951
  • build(deps): bump actions/checkout from 6.0.2 to 6.0.3 by @dependabot[bot] in #955
  • build(deps): bump golang from be93003 to 727cfc3 by @dependabot[bot] in #953
  • build(deps): bump github/codeql-action from 4.36.0 to 4.36.2 by @dependabot[bot] in #954

Full Changelog: v1.23.0...v1.23.1
