From 99b66d41cebe77635aa864b6c9c052817971383d Mon Sep 17 00:00:00 2001
From: Derek Carr
Date: Sat, 9 May 2026 18:46:59 -0400
Subject: [PATCH] feat(driver-kubernetes): disable service account token auto-mounting

Disables automountServiceAccountToken in sandbox pods for security hardening.
Sandbox pods should not have access to the Kubernetes API by default.

Adds test case to verify the pod spec includes the disabled setting.

Signed-off-by: Derek Carr
---
 .../openshell-driver-kubernetes/src/driver.rs | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/crates/openshell-driver-kubernetes/src/driver.rs b/crates/openshell-driver-kubernetes/src/driver.rs
index 668a18d8c..51a838277 100644
--- a/crates/openshell-driver-kubernetes/src/driver.rs
+++ b/crates/openshell-driver-kubernetes/src/driver.rs
@@ -1064,6 +1064,13 @@ fn sandbox_template_to_k8s(
         }
     }
 
+    // Disable service account token auto-mounting for security hardening.
+    // Sandbox pods should not have access to the Kubernetes API by default.
+    spec.insert(
+        "automountServiceAccountToken".to_string(),
+        serde_json::json!(false),
+    );
+
     let mut container = serde_json::Map::new();
     container.insert("name".to_string(), serde_json::json!("agent"));
     // Use template image if provided, otherwise fall back to default
@@ -2116,6 +2123,26 @@ mod tests {
         );
     }
 
+    #[test]
+    fn automount_service_account_token_is_disabled() {
+        let pod_template = {
+            let params = SandboxPodParams::default();
+            sandbox_template_to_k8s(
+                &SandboxTemplate::default(),
+                false,
+                &std::collections::HashMap::new(),
+                true,
+                ¶ms,
+            )
+        };
+
+        assert_eq!(
+            pod_template["spec"]["automountServiceAccountToken"],
+            serde_json::json!(false),
+            "service account token auto-mounting must be disabled for security hardening"
+        );
+    }
+
     #[test]
     fn platform_config_bool_extracts_value() {
         let template = SandboxTemplate {
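Review bot: The comment above the new `spec.insert` overstates the effect of the setting: `automountServiceAccountToken: false` only keeps the projected token volume out of the pod, so the pod gets no API credentials by default, but it does not make the API server unreachable from the pod's network namespace. Suggest rewording to `// Disable service account token auto-mounting: the pod receives no API credentials by default.` followed by `// Network reachability of the API server is not affected and must be restricted separately (e.g. NetworkPolicy).` It is also worth a sentence that the pod-level field takes precedence over the service account's own automount setting, since that is why the insert is unconditional and independent of whichever service account the template selects. The body of sandbox_template_to_k8s begins and ends outside this hunk, so I cannot see whether template-supplied spec fields are merged after this point.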
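Review bot: The new test pins the setting only for `SandboxTemplate::default()`; if templates or platform config can contribute fields to `spec` after the insert (not visible in the first hunk, so this is an inference), a template-driven override of `automountServiceAccountToken` would not be caught, and a second case with a non-default template would make the hardening claim in the assertion message hold for the cases that matter. The assertion itself is sound: indexing a `serde_json::Value` with a missing key yields `Null`, so an accidentally dropped insert fails the comparison rather than panicking; `pod_template["spec"]["automountServiceAccountToken"].as_bool()` compared to `Some(false)` would additionally reject a string `"false"` if the key is ever populated from config. The `¶ms` on the call's last argument looks like an `&params` rendering artifact of this patch listing rather than the committed text, but it is worth confirming against the repository.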