fix: remove secret management#26

Draft

Sneh1999 wants to merge 1 commit into main from fix-without-aws-secrets

Conversation

@Sneh1999 (Contributor) commented May 7, 2026

No description provided.

@gemini-code-assist (Bot) left a comment

Code Review

This pull request removes the logic for fetching secrets from AWS Secrets Manager and dynamic configuration injection from the entrypoint script. The review identifies a critical security regression where sensitive information like private keys may now be exposed to the untrusted host instance. Additionally, the feedback points out that the removal of validation logic and default CLI flags could lead to less descriptive errors and unintended behavior changes, while also leaving obsolete dependencies in the Docker image.

I am having trouble creating individual review comments. Click here to see my feedback.

aws-nitro/nitro/docker/aws-nitro-entrypoint.sh (45-52)

security-high

Removing the logic to fetch secrets from AWS Secrets Manager within the enclave is a significant security regression. In the AWS Nitro Enclave security model, the host (parent instance) is considered untrusted. By removing this, sensitive information like the private-key must now be included in the configuration file mounted from the host (/opt/nitro/config), making it accessible to the parent instance. This undermines the primary isolation benefit of using an enclave for the batch poster.

aws-nitro/nitro/docker/aws-nitro-entrypoint.sh (45-52)

medium

Since the aws CLI is no longer used to retrieve secrets, the awscli installation and the AWS_REGION/AWS_SECRET_ID environment variables in Dockerfile.aws-nitro-poster are now obsolete. Consider removing them to reduce the Docker image size and minimize the attack surface.

aws-nitro/nitro/docker/aws-nitro-entrypoint.sh (80-91)

medium

The removal of the validation logic for Data Availability (DA_ENABLED) and Celestia (CELESTIA_ENABLED) means that the script no longer verifies if the required URLs are provided when these features are enabled. This could lead to the nitro binary failing with less descriptive errors if the configuration is incomplete.

aws-nitro/nitro/docker/aws-nitro-entrypoint.sh (148-150)

medium

The removal of these flags also removes the default interval values (e.g., 125ms for monitoring/resubmission and 10s for polling) that were previously enforced via the CLI. If these intervals are not explicitly defined in the poster_config.json file, the nitro binary will revert to its internal defaults, which may differ from these values and impact the application's performance or behavior.
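The following entrypoint preflight is an added example written for this review, not the project's own `aws-nitro-entrypoint.sh` and not code from the bot's comment. It shows the shape of the behaviour the review asks to keep: the private key is pulled from AWS Secrets Manager inside the enclave (using the `AWS_REGION` and `AWS_SECRET_ID` variables the Dockerfile already defines) rather than read from the host-mounted `/opt/nitro/config`, the script refuses to start if that host-mounted config carries a `private-key` at all, and the `DA_ENABLED` / `CELESTIA_ENABLED` URL checks fail early with a descriptive message. The URL variable names `DA_URL` and `CELESTIA_URL`, the key file path, and the `run` argument convention are assumptions, not values from the page; enclave network reachability for the `aws` CLI is assumed to be arranged outside the script.

```shell
#!/bin/sh
# Added example (not the project's entrypoint). Demonstrates the three review
# points: fetch the key inside the enclave, refuse a host-supplied key, and
# validate feature URLs up front. Names marked ASSUMED are not on the page.
set -eu

CONFIG_FILE="${CONFIG_FILE:-/opt/nitro/config/poster_config.json}"
KEY_FILE="${KEY_FILE:-/dev/shm/private-key}"   # ASSUMED: enclave RAM, never a host mount

# The parent instance is untrusted, so a private-key inside the mounted config
# is host-readable. Refuse to start rather than silently use it.
reject_host_supplied_key() {
  file="$1"
  if [ -f "$file" ] && grep -q '"private-key"' "$file"; then
    echo "refusing to start: $file contains a private-key; the host must not hold it" >&2
    return 1
  fi
  return 0
}

# Retrieve the key from Secrets Manager from inside the enclave and keep it
# in a mode-0600 file that only this process tree can read.
fetch_private_key() {
  : "${AWS_REGION:?AWS_REGION must be set}"
  : "${AWS_SECRET_ID:?AWS_SECRET_ID must be set}"
  umask 077
  aws secretsmanager get-secret-value \
    --region "$AWS_REGION" --secret-id "$AWS_SECRET_ID" \
    --query SecretString --output text > "$KEY_FILE"
  [ -s "$KEY_FILE" ] || { echo "empty secret returned for $AWS_SECRET_ID" >&2; return 1; }
}

# When a feature is enabled its URL must be present. Report every missing
# value at once instead of letting the nitro binary fail later with a vaguer
# error. DA_URL and CELESTIA_URL are ASSUMED variable names.
validate_feature_urls() {
  missing=0
  if [ "${DA_ENABLED:-false}" = "true" ] && [ -z "${DA_URL:-}" ]; then
    echo "DA_ENABLED=true but DA_URL is not set" >&2
    missing=1
  fi
  if [ "${CELESTIA_ENABLED:-false}" = "true" ] && [ -z "${CELESTIA_URL:-}" ]; then
    echo "CELESTIA_ENABLED=true but CELESTIA_URL is not set" >&2
    missing=1
  fi
  return "$missing"
}

# Preflight runs only when invoked as `entrypoint.sh run` (ASSUMED convention),
# so the functions above can also be sourced and exercised on their own.
if [ "${1:-}" = "run" ]; then
  reject_host_supplied_key "$CONFIG_FILE"
  validate_feature_urls
  fetch_private_key
  echo "preflight ok: key in $KEY_FILE, config $CONFIG_FILE"
fi
```

The ordering matters: the host-config check and the URL validation run before any network call, so a misconfigured deployment fails in the script with a message naming the variable at fault, and the key never exists anywhere the parent instance can read.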

@Sneh1999 Sneh1999 force-pushed the fix-without-aws-secrets branch from fcc9860 to 724733a Compare May 7, 2026 12:02