Security Enforcement for Trusted Registries: Only allow module restore from truested registries

Author: jiangmingzhe

src/Bicep.Cli.IntegrationTests/RestoreCommandTests.cs

@@ -655,6 +655,126 @@ public async Task Restore_bicepparam_should_fail_with_error_diagnostics_for_regi
             result.Stderr.Should().Contain("main.bicepparam(1,7) : Error BCP192: Unable to restore the artifact with reference \"br:mockregistry.io/parameters/basic:v1\": Mock registry request failure.");
         }
 
+        // ── Trusted Registry (BCP446 / BCP447) tests ─────────────────────────
+
+        [TestMethod]
+        public async Task Restore_UntrustedRegistry_EmitsBcp446_ExitCodeOne()
+        {
+            // Use an arbitrary hostname that is NOT in the built-in trusted list and NOT in the module's bicepconfig.json
+            var registry = "untrusted.example.com";
+            var repository = "mymodule";
+
+            // The clientFactory is not expected to be called because enforcement blocks before network I/O.
+            var clientFactory = StrictMock.Of<IContainerRegistryClientFactory>();
+            var templateSpecRepositoryFactory = StrictMock.Of<ITemplateSpecRepositoryFactory>();
+
+            var tempDirectory = FileHelper.GetUniqueTestOutputPath(TestContext);
+            Directory.CreateDirectory(tempDirectory);
+
+            var bicepFilePath = Path.Combine(tempDirectory, "main.bicep");
+            File.WriteAllText(bicepFilePath, $"module mod 'br:{registry}/{repository}:v1' = {{ name: 'mod' }}");
+
+            var settings = new InvocationSettings(new(TestContext, RegistryEnabled: true), clientFactory.Object, templateSpecRepositoryFactory.Object);
+            var (output, error, result) = await Bicep(settings, "restore", bicepFilePath);
+
+            using (new AssertionScope())
+            {
+                result.Should().Be(1);
+                output.Should().BeEmpty();
+                error.Should().Contain("BCP446");
+                error.Should().Contain(registry);
+            }
+        }
+
+        [TestMethod]
+        public async Task Restore_UntrustedRegistry_AddedToTrustedRegistries_Succeeds()
+        {
+            var registry = "mycompany.example.com";
+            var repository = "mymodule";
+            var registryUri = new Uri($"https://{registry}");
+
+            // Publish a real (mock) module so restore can succeed
+            var client = new FakeRegistryBlobClient();
+            var clientFactory = StrictMock.Of<IContainerRegistryClientFactory>();
+            clientFactory
+                .Setup(m => m.CreateAuthenticatedBlobClient(It.IsAny<CloudConfiguration>(), registryUri, repository))
+                .Returns(client);
+
+            var tempDirectory = FileHelper.GetUniqueTestOutputPath(TestContext);
+            Directory.CreateDirectory(tempDirectory);
+
+            var publishedBicepFilePath = Path.Combine(tempDirectory, "module.bicep");
+            File.WriteAllText(publishedBicepFilePath, "output hello string = 'world'");
+
+            var templateSpecRepositoryFactory = BicepTestConstants.TemplateSpecRepositoryFactory;
+            var publishSettings = new InvocationSettings(new(TestContext, RegistryEnabled: true), clientFactory.Object, templateSpecRepositoryFactory);
+
+            // Publish the module
+            var (_, _, publishResult) = await Bicep(publishSettings, "publish", publishedBicepFilePath, "--target", $"br:{registry}/{repository}:v1");
+            publishResult.Should().Be(0);
+
+            // Write a bicepconfig.json that adds the registry to trustedRegistries
+            var bicepConfigPath = Path.Combine(tempDirectory, "bicepconfig.json");
+            File.WriteAllText(bicepConfigPath, $$"""
+                {
+                  "security": {
+                    "trustedRegistries": ["{{registry}}"]
+                  }
+                }
+                """);
+
+            var bicepFilePath = Path.Combine(tempDirectory, "main.bicep");
+            File.WriteAllText(bicepFilePath, $"module mod 'br:{registry}/{repository}:v1' = {{ name: 'mod' }}");
+
+            var restoreSettings = new InvocationSettings(new(TestContext, RegistryEnabled: true), clientFactory.Object, templateSpecRepositoryFactory);
+            var (output, error, result) = await Bicep(restoreSettings, "restore", bicepFilePath);
+
+            using (new AssertionScope())
+            {
+                result.Should().Be(0, $"restore should succeed when registry is in trustedRegistries; stderr was: {error}");
+                output.Should().BeEmpty();
+                error.Should().BeEmpty();
+            }
+        }
+
+        [TestMethod]
+        public async Task Restore_InvalidTrustedRegistriesPattern_EmitsBcp447_ExitCodeOne()
+        {
+            // Use a registry hostname that IS trusted by default but the bicepconfig has an invalid pattern
+            var registry = "contoso.azurecr.io";
+            var repository = "mymodule";
+
+            var clientFactory = StrictMock.Of<IContainerRegistryClientFactory>();
+            var templateSpecRepositoryFactory = StrictMock.Of<ITemplateSpecRepositoryFactory>();
+
+            var tempDirectory = FileHelper.GetUniqueTestOutputPath(TestContext);
+            Directory.CreateDirectory(tempDirectory);
+
+            // Write a bicepconfig.json with an invalid pattern (single-label wildcard *.io is rejected)
+            var bicepConfigPath = Path.Combine(tempDirectory, "bicepconfig.json");
+            File.WriteAllText(bicepConfigPath, """
+                {
+                  "security": {
+                    "trustedRegistries": ["*.io"]
+                  }
+                }
+                """);
+
+            var bicepFilePath = Path.Combine(tempDirectory, "main.bicep");
+            File.WriteAllText(bicepFilePath, $"module mod 'br:{registry}/{repository}:v1' = {{ name: 'mod' }}");
+
+            var settings = new InvocationSettings(new(TestContext, RegistryEnabled: true), clientFactory.Object, templateSpecRepositoryFactory.Object);
+            var (output, error, result) = await Bicep(settings, "restore", bicepFilePath);
+
+            using (new AssertionScope())
+            {
+                result.Should().Be(1);
+                output.Should().BeEmpty();
+                error.Should().Contain("BCP447");
+                error.Should().Contain("*.io");
+            }
+        }
+
         private static IEnumerable<object[]> GetAllDataSetsWithPublishSource()
         {
             foreach (DataSet ds in DataSets.AllDataSets)

src/Bicep.Core.Samples/Files/baselines/Registry_LF/bicepconfig.json

@@ -15,5 +15,14 @@
         "modulePath": "demo"
       }
     }
+  },
+  "security": {
+    "trustedRegistries": [
+      "mock-registry-one.invalid",
+      "mock-registry-two.invalid",
+      "localhost",
+      "127.0.0.1",
+      "[::1]"
+    ]
   }
 }

src/Bicep.Core.UnitTests/Configuration/ConfigurationManagerTests.cs

@@ -121,6 +121,9 @@ public void GetBuiltInConfiguration_NoParameter_ReturnsBuiltInConfigurationWithA
           "insertFinalNewline": true,
           "indentSize": 2,
           "width": 120
+        },
+        "security": {
+          "trustedRegistries": []
         }
       }
       """);
@@ -205,6 +208,9 @@ public void GetBuiltInConfiguration_DisableAllAnalyzers_ReturnsBuiltInConfigurat
           "insertFinalNewline": true,
           "indentSize": 2,
           "width": 120
+        },
+        "security": {
+          "trustedRegistries": []
         }
       }
       """);
@@ -311,6 +317,9 @@ public void GetBuiltInConfiguration_DisableAnalyzers_ReturnsBuiltInConfiguration
           "insertFinalNewline": true,
           "indentSize": 2,
           "width": 120
+        },
+        "security": {
+          "trustedRegistries": []
         }
       }
       """);
@@ -483,6 +492,9 @@ public void GetBuiltInConfiguration_EnableExperimentalFeature_ReturnsBuiltInConf
                 "insertFinalNewline": true,
                 "indentSize": 2,
                 "width": 120
+            },
+            "security": {
+              "trustedRegistries": []
             }
             }
             """);
@@ -835,6 +847,9 @@ public void GetConfiguration_ValidCustomConfiguration_OverridesBuiltInConfigurat
                     "insertFinalNewline": true,
                     "indentSize": 2,
                     "width": 80
+                  },
+                  "security": {
+                    "trustedRegistries": []
                   }
                 }
                 """);