Skip to content

Commit 8caa192

Browse files
Brucedhchristophetd
Brucedh
and
christophetd
authored
New attack technique: Invoke Bedrock Model (#581)
* New attack technique: Invoke Bedrock Model * Generate docs * Use context.Background() instead of context.TODO() * Simplify error handling logic * Rename wrapper to be a package-visible struct only * added detection recommendations * fixed detection * fixed detection * fixed detection * autogenerate docs * Added call to GetFoundationModelAvailability * Updated docs, including the Permiso article * Add Permiso ref * Error handling and avoid using context.TODO() * Autogen docs * Added calls to ListFoundationModelAgreementOffers, CreateFoundationModelAgreement, PutFoundationModelEntitlement * changed idempotent to false * Autogen docs * Rework Bedrock attack * autogenerate docs * only create use-case and model agreement once per account * Update docs * Update docs and refactor signature functions * Better error descriptions and remove incorrect status code check * Refactor methods inside a struct * Add detonation logs * Revert unnecessary Go version changes * Use go 1.21 in CI * Fix CI * Fix base Docker image * Make final Stratus binary smaller by removing debug symbols * Upgrade staticcheck * Attempt using staticcheck 2023.1.4 * Install the appropriate Go version for staticcheck * allow raw.githubusercontent.com network call in staticcheck CI * Fix SAST findings --------- Co-authored-by: Christophe Tafani-Dereeper <[email protected]>
1 parent 49c50c4 commit 8caa192

File tree

19 files changed

+1949
-32
lines changed

19 files changed

+1949
-32
lines changed

.github/workflows/docker.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,7 @@ jobs:
3232
pkg-containers.githubusercontent.com:443
3333
production.cloudflare.docker.com:443
3434
proxy.golang.org:443
35+
sum.golang.org:443
3536
registry-1.docker.io:443
3637
storage.googleapis.com:443
3738
*.actions.githubusercontent.com:443

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ jobs:
4141
- name: Set up Go
4242
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
4343
with:
44-
go-version: 1.19
44+
go-version: 1.21
4545
- name: Run GoReleaser
4646
timeout-minutes: 60
4747
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0

.github/workflows/static-analysis.yml

Lines changed: 3 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -27,18 +27,15 @@ jobs:
2727
storage.googleapis.com:443
2828
sum.golang.org:443
2929
golang.org:443
30+
sum.golang.org:443
3031
*.actions.githubusercontent.com:443
3132
objects.githubusercontent.com:443
33+
raw.githubusercontent.com:443
3234
go.dev:443
3335
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
3436
with:
3537
fetch-depth: 1
36-
- name: Set up Go
37-
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
38-
with:
39-
go-version: 1.19
4038
- uses: dominikh/staticcheck-action@fe1dd0c3658873b46f8c9bb3291096a617310ca6
4139
with:
42-
version: "2022.1"
43-
install-go: false
40+
install-go: true
4441
working-directory: "./v2"

.github/workflows/test.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ jobs:
2626
objects.githubusercontent.com:443
2727
go.dev:443
2828
golang.org:443
29+
sum.golang.org:443
2930
api.github.com:443
3031
*.actions.githubusercontent.com:443
3132
- name: Checkout repository
@@ -34,7 +35,7 @@ jobs:
3435
- name: Set up Go
3536
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
3637
with:
37-
go-version: 1.19
38+
go-version: 1.21
3839

3940
- name: Run unit tests
4041
run: make test

Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM golang:1.20.4-alpine3.16@sha256:6469405d7297f82d56195c90a3270b0806ef4bd897aa0628477d9959ab97a577 AS builder
1+
FROM golang:1.21.13-alpine3.20@sha256:2414035b086e3c42b99654c8b26e6f5b1b1598080d65fd03c7f499552ff4dc94 AS builder
22
ARG VERSION=dev-snapshot
33
RUN mkdir /build
44
RUN apk add --update make

Makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ export GO111MODULE=on
1010
BIN_DIR := $(ROOT_DIR)/bin
1111

1212
# Define go flags
13-
GOFLAGS := -ldflags="-X main.BuildVersion=$(BUILD_VERSION)"
13+
GOFLAGS := -ldflags="-X main.BuildVersion=$(BUILD_VERSION) -w"
1414

1515
.PHONY: build docs test thirdparty-licenses mocks
1616

@@ -44,4 +44,4 @@ mocks:
4444
@cd v2 && mockery --name=StateManager --dir internal/state --output internal/state/mocks
4545
@cd v2 && mockery --name=TerraformManager --dir pkg/stratus/runner --output pkg/stratus/runner/mocks
4646
@cd v2 && mockery --name=FileSystem --structname FileSystemMock --dir internal/state --output internal/state/mocks
47-
@echo "Mocks generated successfully."
47+
@echo "Mocks generated successfully."

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ See the documentation at **[stratus-red-team.cloud](https://stratus-red-team.clo
3333

3434
### Direct install
3535

36-
Requires Go 1.19+
36+
Requires Go 1.21+
3737

3838
```
3939
go install -v github.com/datadog/stratus-red-team/v2/cmd/stratus@latest

0 commit comments

Comments
 (0)