diff options
| author | Yuriy Andamasov <yuriy@vyos.io> | 2026-05-29 12:15:36 +0300 |
|---|---|---|
| committer | Yuriy Andamasov <yuriy@vyos.io> | 2026-05-29 12:15:36 +0300 |
| commit | 1fa39bd7ac64898f7a21922bc0f195d115d3cdeb (patch) | |
| tree | 223d18bbeca66b00b432cb6892cda28a6eef2f11 /docs/contributing | |
| parent | 5da6f5c1671f5ac0b6e431d1ec17b1fe26e5c3c5 (diff) | |
| download | vyos-documentation-1fa39bd7ac64898f7a21922bc0f195d115d3cdeb.tar.gz vyos-documentation-1fa39bd7ac64898f7a21922bc0f195d115d3cdeb.zip | |
ci(ai-validation): allow Pass 2 review on external-contributor PRs
The upstream `anthropics/claude-code-action` performs a write-permission
check on `github.actor` before our skip logic runs. On `pull_request_target`
the actor is the PR author; external contributors resolve to `read` and the
action exits 1 with `Actor does not have write permissions to the repository`.
Net effect: AI validation has been failing on every external-contributor PR
(LiudmylaNad, teslazonda, scottlaird in the last 4 weeks) while succeeding
on maintainer PRs. Failure reproduced on run 26541079685 (PR #2061).
Fix: set `allowed_non_write_users: '*'` on the Pass 2 step. The action
bypasses the actor check when this input is set and `github_token` is
provided (already the case). The action also auto-scrubs Anthropic / cloud
/ GHA secrets from subprocess envs when this input is set.
Safe in THIS workflow because the existing defense-in-depth bounds what
Pass 2 can do with untrusted PR content:
- `allowedTools` restricted to inline-comment + read-only surfaces
- `github_token` is the PR-scoped default (not the broader VYOS_APP_ID)
- prompt marks PR content as untrusted via `<UNTRUSTED-PR-CONTENT>`
- workspace-wipe removes `CLAUDE.md` / `.claude/` before Pass 2
- prepare bundles MD via `git show HEAD:<path>` (blob, not `cp`)
Full rationale inlined as a comment block above the new input.
🤖 Generated by [robots](https://vyos.io)
Diffstat (limited to 'docs/contributing')
0 files changed, 0 insertions, 0 deletions
