Improve trust when installing agent

[dustinblackman]

Is your feature request related to a problem?

Nothing is broken, but it's a problem nonetheless.

Which solution do you suggest?

DevPod is fantastic where it's able to bring up an any environment I define in the place I need it to, I love it! The only addition to my devcontainer is the DevPod agent. At the moment DevPod expects a developer to put trust that the binary from GitHub releases that's downloaded in each new environment is the same as it was a month ago. This is a trust many are happy to provide, but in circles where security is more strict, having DevPod download an executable on each new run is a hard sell.

HackerNews has articles on supply chain attacks almost weekly now, it can happen to any of us where our creds get leaked, someone sees a popular repo like this one, and swaps out a binary in releases with something malicious.

Which alternative solutions exist?

It's great that the AGENT_URL parameter is available, this makes it easier to be sure the agent remains the same on each run if I self host. Getting friends and colleagues of all levels to remember setting it is difficult though.

What would be a great middle ground is if the DevPod client that's spinning up an environment validates a checksum of the agent on each download. Looking at how DevPod is compiled I can imagine this may be a tad difficult. The agent and the CLI are bundled in a single binary, so computing and embedding a checksum isn't possible (to my knowledge, at least). However if you guys were open to providing a stripped down additional binary of just the agent, you could compute checksum and bundle it in the CLI and Desktop app. With this if the unfortunate scenario happens where a binary is swapped out post release, red flags start going off within the app before executing.

A secondary option; as SSH access is available it's could be an option to upload the binary from the users machine to the remote environment, and that saves the effort of having to do checksums. The binary size would be greater, but it may be a worthwhile trade off.

Happy to discuss further if you find either of these interesting. Thanks!

[pascalbreuninger]

Hey @dustinblackman, thanks for raising the concern and the detailed elaboration. We agree that we should validate the checksum against the latest release before we download the agent on any machine - we'll introduce a new pipeline to do this soon-ish (not exactly sure when but in the next couple of weeks).

Why we download from the releases page sometimes is because of potentially different architectures of DevPod on your host machine and your target machine