[AAASM-3993] 🔧 (ci): Least-privilege permissions + minimize reusable-wf secret exposure #201

Merged: Chisanan232 merged 9 commits into master from v0.0.1/AAASM-3993/config/ci_least_privilege, Jul 2, 2026


@Chisanan232

Contributor

Description

CI supply-chain hardening for the python-sdk GitHub Actions workflows.

AAASM-3993 — least-privilege permissions. Adds a top-level permissions: contents: read block to every workflow that previously declared none: benchmarks.yml, ci.yaml, ci_includes_e2e_test.yaml, native-core-build.yml, type-check.yml, and the two reusable workflows rw_build_and_test.yaml / rw_run_all_test_and_record.yaml. Every job here only checks out and runs tests/builds — none pushes commits, comments on PRs, or deploys — so contents: read is sufficient. For the reusable workflows this also caps the GITHUB_TOKEN handed to the third-party workflows they call. Coverage/Sonar uploads use their own secret tokens, and artifact up/download use the Actions runtime token, so nothing needs write.

AAASM-3994 — minimize reusable-workflow secret exposure. The two reusable workflows call Chisanan232/GitHub-Action_Reusable_Workflows-Python/... (a personal-account reusable workflow). The key mitigation — a 40-char commit-SHA pin on every uses: — is already in place and kept as-is. On review, the forwarded secrets are already scoped per call: rw_build_and_test.yaml forwards e2e_test_api_token (Slack) only to the e2e job (unit/integration forward none); rw_run_all_test_and_record.yaml forwards only codecov_token to each *_codecov_finish call, and sonar_token is used solely by the local sonarcloud_finish job (SonarSource action) — never forwarded to the third party. This PR adds documenting comments capturing that trust assumption plus a TODO(AAASM-3994) to vendor the workflow into the ai-agent-assembly org (or pin a signed release) as the full long-term fix.

Type of Change

  • 🔧 Bug fix (CI hardening; no runtime code change)

Breaking Changes

  • No

Related Issues

  • Refs AAASM-3993
  • Closes AAASM-3994

Testing

  • Validated all changed workflows with actionlint — no new findings (pre-existing shellcheck nits inside untouched run: blocks remain, out of scope).
  • No tests required — YAML/workflow-only permissions + comments; no push/comment/deploy job affected.

Checklist

  • Code follows project style guidelines
  • Self-review completed
  • Comments added for complex logic (trust assumption + TODO)
  • All SHA pins confirmed 40-char
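
The two properties this description relies on (a top-level permissions block with no write scope, and a 40-char commit-SHA pin on every external uses:) can be checked mechanically; the following is an added example, not code from this PR or repository. The sample workflows, the example-org path and the SHA are constructed placeholders, and flagging secrets: inherit is an added assumption about what counts as over-forwarding.

```python
import re

# Constructed sample workflows (not from the repository); org, path and SHA are placeholders.
SAMPLE_WEAK = """\
on: [pull_request]
jobs:
  test:
    uses: example-org/example-reusable/.github/workflows/test.yaml@v1
    secrets: inherit
"""
SAMPLE_HARDENED = """\
on: [pull_request]
permissions:
  contents: read
jobs:
  test:
    uses: example-org/example-reusable/.github/workflows/test.yaml@0123456789abcdef0123456789abcdef01234567
    secrets:
      codecov_token: ${{ secrets.CODECOV_TOKEN }}
"""
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)")
SHA_RE = re.compile(r"[0-9a-f]{40}")

def audit_workflow(text):
    """Return findings for one workflow file's text; an empty list means it passes."""
    findings, seen_perms, in_perms = [], False, False
    for n, line in enumerate(text.splitlines(), 1):
        if line[:1] not in ("", " ", "#"):  # a new top-level key starts on this line
            m = re.match(r"permissions\s*:\s*([^\s#]*)", line)
            seen_perms, in_perms = seen_perms or bool(m), bool(m)
            if m and "write" in m.group(1):  # inline form such as write-all
                findings.append(f"line {n}: top-level permissions: {m.group(1)}")
        elif in_perms and re.match(r"\s+[\w-]+\s*:\s*write\b", line):
            findings.append(f"line {n}: top-level permissions grants {line.strip()}")
        if re.match(r"\s*secrets:\s*inherit\b", line):
            findings.append(f"line {n}: secrets: inherit forwards every secret to the callee")
        m = USES_RE.match(line)
        if m and not m.group(1).startswith(("./", "docker://")):  # local refs have no pin
            ref = m.group(1).rpartition("@")[2] if "@" in m.group(1) else ""
            if not SHA_RE.fullmatch(ref):
                findings.append(f"line {n}: {m.group(1)} is not pinned to a 40-char commit SHA")
    if not seen_perms:
        findings.insert(0, "no top-level permissions block")
    return findings
```

Run audit_workflow over the text of each file under .github/workflows and fail the check when any list is non-empty.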

Chisanan232 and others added 9 commits July 2, 2026 13:28
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01MvjnG3ysnqTY6Gu1wQ2h73
… workflow

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01MvjnG3ysnqTY6Gu1wQ2h73
…uild_and_test

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01MvjnG3ysnqTY6Gu1wQ2h73
…un_all_test_and_record

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01MvjnG3ysnqTY6Gu1wQ2h73
@codecov

codecov Bot commented Jul 2, 2026


Codecov Report

✅ All modified and coverable lines are covered by tests.


@sonarqubecloud

sonarqubecloud Bot commented Jul 2, 2026


@Chisanan232

Contributor Author

🤖 Claude Code — PR Review

Verdict: APPROVE (scope-clean). [AAASM-3993 + AAASM-3994 — python]

Adds a top-level least-privilege permissions: contents: read to 7 workflows: benchmarks.yml, ci.yaml, ci_includes_e2e_test.yaml, native-core-build.yml, rw_build_and_test.yaml, rw_run_all_test_and_record.yaml, type-check.yml.

No job starved of scope: these are checkout + test/build/lint/benchmark workflows. Codecov upload authenticates via codecov_token (a repo secret, not GITHUB_TOKEN write) and Sonar via sonar_token; no job pushes, comments, or deploys, so contents: read is sufficient. Setting it on the reusable rw_* workflows also correctly caps the token granted to the third-party workflows they call.

AAASM-3994 (reusable-wf supply chain): documented in-place — trust bounded by the 40-char commit-SHA pins (retained), secrets already per-call minimized (e2e_test_api_token only to run_e2e-test; codecov_token only to codecov-finish; sonar_token never forwarded to the third party), with a TODO(AAASM-3994) to vendor the workflow. Correct minimization, no over-scoping.

YAML valid — full CI is green (21/21). Additive, config-only.

@Chisanan232 Chisanan232 marked this pull request as ready for review July 2, 2026 06:06
@Chisanan232 Chisanan232 merged commit a75b74c into master Jul 2, 2026
25 checks passed
@Chisanan232 Chisanan232 deleted the v0.0.1/AAASM-3993/config/ci_least_privilege branch July 2, 2026 06:32