I am building a Rails application that manages different K8s clusters for different customers.
Basically the Rails application works like this:
- The tenant writes some YAML files for configuring his own cluster
- The Rails app connects to the cluster of the customer and applies the new configuration
Is it safe to use kubectl for this use case?
- Can a malicious YAML file passed to kubectl produce file access, environment variables access, arbitrary code execution, etc. on the server that makes the API call to K8s?
- Can a malicious K8s response to a request made by kubectl cause similar security issues?
It would be useful to document whether kubectl is appropriate or not to be used in shared / multi-tenant environments with untrusted inputs (YAML configuration, etc).
Thanks in advance