diff options
| author | Yuriy Andamasov <yuriy@vyos.io> | 2026-05-10 23:07:12 +0300 |
|---|---|---|
| committer | Yuriy Andamasov <yuriy@vyos.io> | 2026-05-10 23:07:12 +0300 |
| commit | a22df7d89dc52a2af1cff35e6eaba2084ecd0696 (patch) | |
| tree | 46b9bd77604dd44b67e37b6f297381485f202f02 | |
| parent | 610b2a4d9b00226460d5de5c9a513681a63d61a9 (diff) | |
| download | vyos-documentation-a22df7d89dc52a2af1cff35e6eaba2084ecd0696.tar.gz vyos-documentation-a22df7d89dc52a2af1cff35e6eaba2084ecd0696.zip | |
fix(ci): prepare on GitHub-hosted ubuntu + PR comment on skip
Two more Copilot findings on b0fdd07:
1. line 35 — defense in depth: prepare on self-hosted is risky.
Even though the prepare job doesn't execute fork code (it only does
git diff / git show / file reads — never pip install, npm install,
build, or tests), Copilot's right that running fork content on a
self-hosted runner with internal-network access is the wrong
default. A future maintainer who innocently adds a "run linter"
step to prepare could turn it into an attack vector against the
VyOS internal network or a persistence mechanism on the host.
Moved prepare to runs-on: ubuntu-latest. GitHub-hosted runners are
ephemeral, isolated, and have no path to internal services. The
trusted validate job stays on [self-hosted, web]; the split-job
artifact bridges the trust boundary as before.
Side benefit: removes the runner-side dependency on jq/gh/git
for the prepare job (those are pre-installed on ubuntu-latest).
2. line 149 — skip-notice discoverability.
When secrets are missing the workflow only emits ::notice:: in
the run logs. Contributors checking the PR timeline have no
reason to click through to the run page. Added a new step that
posts an actual PR comment via gh pr comment when skip=true,
running with GH_TOKEN: ${{ github.token }} (the validate job
already has pull-requests: write).
The ::notice:: annotation is preserved alongside.
🤖 Generated by [robots](https://vyos.io)
| -rw-r--r-- | .github/workflows/ai-validation.yml | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/.github/workflows/ai-validation.yml b/.github/workflows/ai-validation.yml index 689b9b4e..c9861ff3 100644 --- a/.github/workflows/ai-validation.yml +++ b/.github/workflows/ai-validation.yml @@ -25,8 +25,17 @@ jobs: # expanding the attack surface to any future shell change in this job. # The validate job below performs the secrets-availability check and # skips with a notice if any are missing. + # Untrusted prepare runs on GitHub-hosted ubuntu-latest, NOT the + # self-hosted web pool. Even though this job doesn't execute fork code + # (it only does git diff / git show / file reads — never pip install, + # npm install, build, or tests), GitHub-hosted runners are ephemeral + # and isolated, so a future maintainer who adds a build step to prepare + # cannot accidentally turn it into an attack vector against internal + # network services or persist state across runs on the self-hosted + # host. The trusted validate job below stays on self-hosted web; the + # split-job artifact bridges the trust boundary. prepare: - runs-on: [self-hosted, web] + runs-on: ubuntu-latest permissions: contents: read steps: @@ -148,6 +157,19 @@ jobs: echo "skip=false" >> "$GITHUB_OUTPUT" fi + # Surface the skip to PR authors as a normal review comment in + # addition to the workflow ::notice:: annotation (which only appears + # on the run page). This way a maintainer reviewing the PR sees the + # skip in the same place as other automated review feedback. + - name: Notify on PR (when skipping) + if: steps.secrets-check.outputs.skip == 'true' + env: + GH_TOKEN: ${{ github.token }} + run: | + gh pr comment "${{ github.event.pull_request.number }}" \ + --repo "${{ github.repository }}" \ + --body "AI Validation skipped — required secrets are not configured on this repo (\`ANTHROPIC_API_KEY\`, \`VYOS_APP_ID\`, \`VYOS_APP_PRIVATE_KEY\`). Maintainers: see the workflow run for details." + - name: Download PR input if: steps.secrets-check.outputs.skip != 'true' uses: actions/download-artifact@v4 |
