Merge pull request #17 from KongZ/fix-buff-overflow

fix possible memory overflow and update skills

Author: KongZ

Dockerfile

@@ -70,6 +70,7 @@ RUN groupadd -g 1000 kubeai && \
     chown -R kubeai:kubeai /home/kubeai
 
 COPY --from=builder /src/kubeai-chatbot /bin/kubeai-chatbot
+COPY skills/ /home/kubeai/skills/
 RUN ln -sf /opt/tools/kubectl/bin/kubectl /bin/kubectl
 
 USER kubeai

charts/kubeai-chatbot/values.yaml

@@ -161,18 +161,18 @@ autoscaling:
   # targetMemoryUtilizationPercentage: 80
 
 # Additional volumes on the output Deployment definition.
-# Example: mount a skills ConfigMap:
+# Example: mount a skills ConfigMap as a subfolder inside the built-in skills directory:
 # volumes:
-#   - name: skills
+#   - name: custom-skills
 #     configMap:
-#       name: kubeai-skills
+#       name: kubeai-custom-skills
 volumes: []
 
 # Additional volumeMounts on the output Deployment definition.
-# Example: mount a skills ConfigMap at /etc/kubeai/skills:
+# Example: mount custom skills into a subfolder so built-in skills are preserved:
 # volumeMounts:
-#   - name: skills
-#     mountPath: /etc/kubeai/skills
+#   - name: custom-skills
+#     mountPath: /home/kubeai/skills/custom
 #     readOnly: true
 volumeMounts: []
 
@@ -229,11 +229,12 @@ env:
   # MCP_SERVERS: ""
 
   ## Skills Configuration
-  ## Path to a directory containing skill .md files (YAML frontmatter + instructions).
-  ## Mount a ConfigMap with your skill files and set SKILLS_DIR to the mount path.
-  ## Example: create a ConfigMap with key "debug-crashloop.md" and mount it below.
+  ## Path to the skills directory. Skills are loaded from .md files in this directory
+  ## and one level of subdirectories. Built-in skills ship with the image at this path.
+  ## Mount a ConfigMap into a subdirectory (e.g. /home/kubeai/skills/custom) to add
+  ## custom skills without overwriting the built-in ones.
   #
-  # SKILLS_DIR: "/etc/kubeai/skills"
+  # SKILLS_DIR: "/home/kubeai/skills"
 
   ## Authentication Configuration
   #

pkg/agent/systemprompt_template_default.txt

@@ -101,11 +101,14 @@ You can execute commands that modify resources automatically without requesting
 
 {{if .Skills}}
 ## Available Skills:
-The following skills provide specialized guidance for common tasks. Apply the most relevant skill's instructions when the user's request matches:
+The following skills provide authoritative, environment-specific guidance. When a skill matches the user's request, you MUST:
+- Follow the skill's instructions as the **sole source of truth** for that topic.
+- **Do NOT** supplement with general knowledge, training data, or assumptions about the technology.
+- **Do NOT** suggest any concept, resource type, CRD, or step that is not explicitly mentioned in the skill.
+- If the user's issue is not covered by the skill, say: "This is outside what I have documented for this topic." Do not guess.
+
 {{range .Skills}}- **{{.Name}}**: {{.Description}}
 {{end}}
-When a skill is relevant, follow its step-by-step instructions to handle the task.
-
 {{end}}
 ## Command Structuring Guidelines:
 **IMPORTANT:**

pkg/skills/loader.go

@@ -38,7 +38,27 @@ func LoadFromDir(dir string) ([]Skill, error) {
 
 	var result []Skill
 	for _, entry := range entries {
-		if entry.IsDir() || !strings.HasSuffix(entry.Name(), ".md") {
+		if entry.IsDir() {
+			subEntries, err := os.ReadDir(filepath.Join(dir, entry.Name()))
+			if err != nil {
+				return nil, fmt.Errorf("reading skills subdirectory %s: %w", entry.Name(), err)
+			}
+			for _, subEntry := range subEntries {
+				if subEntry.IsDir() || !strings.HasSuffix(subEntry.Name(), ".md") {
+					continue
+				}
+				skill, err := loadFile(filepath.Join(dir, entry.Name(), subEntry.Name()))
+				if err != nil {
+					return nil, fmt.Errorf("loading skill %s/%s: %w", entry.Name(), subEntry.Name(), err)
+				}
+				if skill.Name == "" {
+					continue
+				}
+				result = append(result, skill)
+			}
+			continue
+		}
+		if !strings.HasSuffix(entry.Name(), ".md") {
 			continue
 		}
 		skill, err := loadFile(filepath.Join(dir, entry.Name()))

pkg/skills/skills_test.go

@@ -133,12 +133,25 @@ func TestLoadFromDir_MultipleSkills(t *testing.T) {
 	assert.Contains(t, names, "skill-b")
 }
 
-func TestLoadFromDir_SkipsSubdirectories(t *testing.T) {
+func TestLoadFromDir_LoadsSubdirectories(t *testing.T) {
 	dir := t.TempDir()
-	subdir := filepath.Join(dir, "subdir")
+	subdir := filepath.Join(dir, "custom")
 	require.NoError(t, os.Mkdir(subdir, 0o755))
 	writeSkillFile(t, subdir, "nested.md", "---\nname: nested\n---\nBody.")
 
+	loaded, err := LoadFromDir(dir)
+	require.NoError(t, err)
+	require.Len(t, loaded, 1)
+	assert.Equal(t, "nested", loaded[0].Name)
+}
+
+func TestLoadFromDir_SkipsDeepSubdirectories(t *testing.T) {
+	dir := t.TempDir()
+	subdir := filepath.Join(dir, "custom")
+	deepdir := filepath.Join(subdir, "deep")
+	require.NoError(t, os.MkdirAll(deepdir, 0o755))
+	writeSkillFile(t, deepdir, "deep.md", "---\nname: deep\n---\nBody.")
+
 	loaded, err := LoadFromDir(dir)
 	require.NoError(t, err)
 	assert.Empty(t, loaded)
@@ -231,3 +244,4 @@ func TestRegistry_MatchNoMatch(t *testing.T) {
 	r.Register(Skill{Name: "crashloop", Triggers: []string{"crashloop"}})
 	assert.Empty(t, r.Match("everything is fine today"))
 }
+

pkg/ui/slack/slack.go

@@ -299,6 +299,7 @@ func (s *SlackUI) handleAuthSuccess(w http.ResponseWriter, r *http.Request) {
 
 	if identity == nil {
 		// Re-trigger login if no identity found
+		r.Body = http.MaxBytesReader(w, r.Body, 1<<20) // 1 MB limit for form body (SAML/OIDC POST)
 		state := r.FormValue("state")
 		if state == "" {
 			state = r.FormValue("RelayState")

skills/debug-piggy.md skills/piggy-webhooks.mdskills/debug-piggy.md renamed to skills/piggy-webhooks.md

@@ -6,14 +6,24 @@ triggers:
   - piggysec
   - piggy-env
   - piggy-webhooks
-  - install-piggy-env
   - PIGGY_ALLOWED_SA
   - secrets injection
   - secret manager
+  - decision not allowed
+  - install-piggy-env
+  - piggysec.com
+  - piggy-initial-delay
+  - piggy-enforce-integrity
+  - piggy-ignore-no-env
+  - piggy-number-of-retry
+  - piggy-address
+  - piggy-aws-secret-name
 ---
 
 Piggy is a Kubernetes mutating admission webhook that injects AWS Secrets Manager secrets into pod environments via a `piggy-env` init container. Follow this step-by-step diagnostic process.
 
+> **Note:** Piggy is configured entirely through **Kubernetes annotations** and **environment variables** on the `piggy-webhooks` deployment. There are no CRDs, no PiggyPolicy resources. All configuration is annotation-based.
+
 ## How Piggy Works (Context)
 
 When a pod is created:
@@ -22,7 +32,8 @@ When a pod is created:
   2. Piggy Webhooks injects an `install-piggy-env` init container into the pod.
   3. At runtime, `piggy-env` starts and contacts Piggy Webhooks over TLS, sending the pod's service account token, pod name, and a command signature (SHA256).
   4. Piggy Webhooks validates credentials via the Kubernetes Token Review API, exchanges the service account token for temporary AWS credentials via STS, then fetches secrets from AWS Secrets Manager.
-  5. `piggy-env` receives the secrets and replaces any environment variable prefixed with `piggy:` with the real value.
+  5. Piggy Webhooks checks the `PIGGY_ALLOWED_SA` field in the secret. If the pod's service account (`<namespace>:<service-account>`) is listed there, the request is authorized and the secret is returned. If the service account is **not** listed, Piggy Webhooks rejects the request and logs `"decision not allowed"`. The pod (`piggy-env`) receives no secret and retries according to `piggysec.com/piggy-number-of-retry`; retry attempts appear in the pod logs.
+  6. `piggy-env` receives the secrets and replaces any environment variable prefixed with `piggy:` with the real value.
 
 ## Diagnostic Steps
 
@@ -32,11 +43,17 @@ When a pod is created:
 kubectl describe pod <pod-name> -n <namespace> --context <ctx>
 ```
 
+A pod has been mutated by Piggy if **any** of the following are present:
+
+  - The `install-piggy-env` init container appears in `Init Containers:`
+  - The annotation `piggysec.com/piggy-uid` is set on the pod
+  - The environment variable `PIGGY_UID` is injected into the application container
+
 Look for the `install-piggy-env` init container in `Init Containers:`:
 
   - `Exit Code: 0` — init container succeeded; continue to Step 2.
   - Non-zero `Exit Code` or `State: Waiting` — init container failed; see Troubleshooting below.
-  - No `install-piggy-env` container at all — pod was never mutated; see "Pod Not Mutated" below.
+  - No `install-piggy-env` container, no `piggysec.com/piggy-uid` annotation, and no `PIGGY_UID` env var — pod was never mutated; see "Pod Not Mutated" below.
 
 Also check that your application container's `Command` starts with `/piggy/piggy-env`: