Add outbound allowlist to allowed endpoints for SSRF filter
Context
In Enable SSRF protection for dependency proxy for... (!184626 - merged) we added SSRF protection for the dependency proxy for containers.
After the rollout on gitlab.com, the feature flag was enabled and then removed in %18.1: Remove FF for SSRF protection for dependency proxy (!192238 - merged).
Recently, there have been several reports of issues when pulling Docker images from Docker Hub: https://gitlab.com/gitlab-org/gitlab/-/issues/554440
What does this MR do and why?
Add outbound_local_requests_whitelist from the settings to the list of allowed endpoints for the SSRF filter for the dependency proxy for containers.
References
https://gitlab.com/gitlab-org/gitlab/-/issues/554440
Screenshots or screen recordings
No.
How to set up and validate locally
The steps to reproduce the issue are detailed here.
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Related to #554440
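
The behaviour this MR describes, sketched as an added example (not GitLab's code): an SSRF check that rejects local destinations unless they match the outbound allowlist. The method names, the FAKE_DNS table, the sample hosts and the accepted entry formats (IP, CIDR range, hostname) are assumptions made for illustration.

```ruby
require 'ipaddr'
require 'uri'

# Constructed stand-in for the outbound_local_requests_whitelist setting.
# Entry formats (hostname, CIDR range, single IP) are an assumption of this sketch.
ALLOWLIST = ['registry.internal.example', '10.20.0.0/16', '192.168.5.7'].freeze

# Constructed DNS answers so the example runs offline.
FAKE_DNS = {
  'registry.internal.example' => '10.9.8.7',
  'mirror.corp.example'       => '10.20.3.4',
  'metadata.example'          => '169.254.169.254',
  'registry-1.docker.io'      => '203.0.113.10' # documentation-range address
}.freeze

# Destinations an SSRF filter treats as local: loopback, RFC 1918, link-local.
def local_address?(ip)
  ip.loopback? || ip.private? || ip.link_local?
end

# An entry matches as an IP/CIDR when it parses as one, otherwise as a hostname.
def allowlisted?(host, ip, allowlist)
  allowlist.any? do |entry|
    begin
      IPAddr.new(entry).include?(ip)
    rescue IPAddr::Error
      entry.casecmp?(host)
    end
  end
end

# Public destinations pass; local ones pass only when allowlisted.
# Anything that cannot be parsed or resolved is rejected (fail closed).
def outbound_allowed?(url, allowlist: ALLOWLIST, dns: FAKE_DNS)
  host = URI.parse(url).hostname
  return false if host.nil?

  ip = IPAddr.new(dns.fetch(host, host))
  return true unless local_address?(ip)

  allowlisted?(host, ip, allowlist)
rescue IPAddr::Error, URI::InvalidURIError
  false
end
```

Calling `outbound_allowed?` with `allowlist: []` shows the behaviour without the allowlist: every registry that resolves to a local address is rejected.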