From a22df7d89dc52a2af1cff35e6eaba2084ecd0696 Mon Sep 17 00:00:00 2001 From: Yuriy Andamasov Date: Sun, 10 May 2026 23:07:12 +0300 Subject: fix(ci): prepare on GitHub-hosted ubuntu + PR comment on skip MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Two more Copilot findings on b0fdd07: 1. line 35 — defense in depth: prepare on self-hosted is risky. Even though the prepare job doesn't execute fork code (it only does git diff / git show / file reads — never pip install, npm install, build, or tests), Copilot's right that running fork content on a self-hosted runner with internal-network access is the wrong default. A future maintainer who innocently adds a "run linter" step to prepare could turn it into an attack vector against the VyOS internal network or a persistence mechanism on the host. Moved prepare to runs-on: ubuntu-latest. GitHub-hosted runners are ephemeral, isolated, and have no path to internal services. The trusted validate job stays on [self-hosted, web]; the split-job artifact bridges the trust boundary as before. Side benefit: removes the runner-side dependency on jq/gh/git for the prepare job (those are pre-installed on ubuntu-latest). 2. line 149 — skip-notice discoverability. When secrets are missing the workflow only emits ::notice:: in the run logs. Contributors checking the PR timeline have no reason to click through to the run page. Added a new step that posts an actual PR comment via gh pr comment when skip=true, running with GH_TOKEN: ${{ github.token }} (the validate job already has pull-requests: write). The ::notice:: annotation is preserved alongside. 🤖 Generated by [robots](https://vyos.io) --- .github/workflows/ai-validation.yml | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) (limited to '.github/workflows') diff --git a/.github/workflows/ai-validation.yml b/.github/workflows/ai-validation.yml index 689b9b4e..c9861ff3 100644 --- a/.github/workflows/ai-validation.yml +++ b/.github/workflows/ai-validation.yml @@ -25,8 +25,17 @@ jobs: # expanding the attack surface to any future shell change in this job. # The validate job below performs the secrets-availability check and # skips with a notice if any are missing. + # Untrusted prepare runs on GitHub-hosted ubuntu-latest, NOT the + # self-hosted web pool. Even though this job doesn't execute fork code + # (it only does git diff / git show / file reads — never pip install, + # npm install, build, or tests), GitHub-hosted runners are ephemeral + # and isolated, so a future maintainer who adds a build step to prepare + # cannot accidentally turn it into an attack vector against internal + # network services or persist state across runs on the self-hosted + # host. The trusted validate job below stays on self-hosted web; the + # split-job artifact bridges the trust boundary. prepare: - runs-on: [self-hosted, web] + runs-on: ubuntu-latest permissions: contents: read steps: @@ -148,6 +157,19 @@ jobs: echo "skip=false" >> "$GITHUB_OUTPUT" fi + # Surface the skip to PR authors as a normal review comment in + # addition to the workflow ::notice:: annotation (which only appears + # on the run page). This way a maintainer reviewing the PR sees the + # skip in the same place as other automated review feedback. + - name: Notify on PR (when skipping) + if: steps.secrets-check.outputs.skip == 'true' + env: + GH_TOKEN: ${{ github.token }} + run: | + gh pr comment "${{ github.event.pull_request.number }}" \ + --repo "${{ github.repository }}" \ + --body "AI Validation skipped — required secrets are not configured on this repo (\`ANTHROPIC_API_KEY\`, \`VYOS_APP_ID\`, \`VYOS_APP_PRIVATE_KEY\`). Maintainers: see the workflow run for details." + - name: Download PR input if: steps.secrets-check.outputs.skip != 'true' uses: actions/download-artifact@v4 -- cgit v1.2.3