summaryrefslogtreecommitdiff
path: root/.github/workflows
diff options
context:
space:
mode:
authorYuriy Andamasov <yuriy@vyos.io>2026-05-10 23:07:12 +0300
committerYuriy Andamasov <yuriy@vyos.io>2026-05-10 23:07:12 +0300
commita22df7d89dc52a2af1cff35e6eaba2084ecd0696 (patch)
tree46b9bd77604dd44b67e37b6f297381485f202f02 /.github/workflows
parent610b2a4d9b00226460d5de5c9a513681a63d61a9 (diff)
downloadvyos-documentation-a22df7d89dc52a2af1cff35e6eaba2084ecd0696.tar.gz
vyos-documentation-a22df7d89dc52a2af1cff35e6eaba2084ecd0696.zip
fix(ci): prepare on GitHub-hosted ubuntu + PR comment on skip
Two more Copilot findings on b0fdd07: 1. line 35 — defense in depth: prepare on self-hosted is risky. Even though the prepare job doesn't execute fork code (it only does git diff / git show / file reads — never pip install, npm install, build, or tests), Copilot's right that running fork content on a self-hosted runner with internal-network access is the wrong default. A future maintainer who innocently adds a "run linter" step to prepare could turn it into an attack vector against the VyOS internal network or a persistence mechanism on the host. Moved prepare to runs-on: ubuntu-latest. GitHub-hosted runners are ephemeral, isolated, and have no path to internal services. The trusted validate job stays on [self-hosted, web]; the split-job artifact bridges the trust boundary as before. Side benefit: removes the runner-side dependency on jq/gh/git for the prepare job (those are pre-installed on ubuntu-latest). 2. line 149 — skip-notice discoverability. When secrets are missing the workflow only emits ::notice:: in the run logs. Contributors checking the PR timeline have no reason to click through to the run page. Added a new step that posts an actual PR comment via gh pr comment when skip=true, running with GH_TOKEN: ${{ github.token }} (the validate job already has pull-requests: write). The ::notice:: annotation is preserved alongside. 🤖 Generated by [robots](https://vyos.io)
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/ai-validation.yml24
1 files changed, 23 insertions, 1 deletions
diff --git a/.github/workflows/ai-validation.yml b/.github/workflows/ai-validation.yml
index 689b9b4e..c9861ff3 100644
--- a/.github/workflows/ai-validation.yml
+++ b/.github/workflows/ai-validation.yml
@@ -25,8 +25,17 @@ jobs:
# expanding the attack surface to any future shell change in this job.
# The validate job below performs the secrets-availability check and
# skips with a notice if any are missing.
+ # Untrusted prepare runs on GitHub-hosted ubuntu-latest, NOT the
+ # self-hosted web pool. Even though this job doesn't execute fork code
+ # (it only does git diff / git show / file reads — never pip install,
+ # npm install, build, or tests), GitHub-hosted runners are ephemeral
+ # and isolated, so a future maintainer who adds a build step to prepare
+ # cannot accidentally turn it into an attack vector against internal
+ # network services or persist state across runs on the self-hosted
+ # host. The trusted validate job below stays on self-hosted web; the
+ # split-job artifact bridges the trust boundary.
prepare:
- runs-on: [self-hosted, web]
+ runs-on: ubuntu-latest
permissions:
contents: read
steps:
@@ -148,6 +157,19 @@ jobs:
echo "skip=false" >> "$GITHUB_OUTPUT"
fi
+ # Surface the skip to PR authors as a normal review comment in
+ # addition to the workflow ::notice:: annotation (which only appears
+ # on the run page). This way a maintainer reviewing the PR sees the
+ # skip in the same place as other automated review feedback.
+ - name: Notify on PR (when skipping)
+ if: steps.secrets-check.outputs.skip == 'true'
+ env:
+ GH_TOKEN: ${{ github.token }}
+ run: |
+ gh pr comment "${{ github.event.pull_request.number }}" \
+ --repo "${{ github.repository }}" \
+ --body "AI Validation skipped — required secrets are not configured on this repo (\`ANTHROPIC_API_KEY\`, \`VYOS_APP_ID\`, \`VYOS_APP_PRIVATE_KEY\`). Maintainers: see the workflow run for details."
+
- name: Download PR input
if: steps.secrets-check.outputs.skip != 'true'
uses: actions/download-artifact@v4