Skip to content

Security hardening: GitHub Actions workflows#124

Merged
Bryan-Roe merged 1 commit into
mainfrom
copilot/fix-github-actions
Apr 30, 2026
Merged

Security hardening: GitHub Actions workflows#124
Bryan-Roe merged 1 commit into
mainfrom
copilot/fix-github-actions

Conversation

Copilot AI commented Apr 30, 2026

Copy link
Copy Markdown
Contributor

Multiple security gaps in the GitHub Actions CI surface: credential exposure via workflow inputs, unpinned third-party actions (supply-chain risk), missing least-privilege permissions, and shell injection vectors.

Critical — credential leak

quantum-orchestration.yml: Removed AZURE_CREDENTIALS as a workflow_dispatch string input — values appear in the GitHub Actions UI and runner logs. Credentials now come exclusively from the repository secret.

# Before — credential JSON visible in run UI and logs
inputs:
  AZURE_CREDENTIALS:
    type: string

# After — secret-only, never via input
creds: ${{ secrets.AZURE_CREDENTIALS }}

High — supply-chain pinning

All 9 third-party actions pinned to immutable commit SHAs; floating tags (@v1, @v2) can be silently redirected.

Action Pinned to
dawidd6/action-download-artifact @bf251b5 (v6)
reviewdog/action-actionlint @6fb7acc (v1.72.0)
lycheeverse/lychee-action @8646ba3 (v2.8.0)
DavidAnson/markdownlint-cli2-action @8305c0f (v20)
actions/stale @b5d41d4 (v10.2.0)
dependabot/fetch-metadata @25dd0e3 (v3.1.0)
softprops/action-gh-release @3bb1273 (v2.6.2)
devcontainers/ci @b63b30d (v0.3)
actions/labeler @634933e (v6)

Medium — least-privilege permissions + injection hardening

  • Added permissions: contents: read to 9 workflows that had no block (default token is over-scoped).
  • setup-python-env action: pip install ${{ inputs.extra-packages }} routed through an env var to prevent shell-metacharacter injection.

Low — shell hygiene

  • azureml-train.yml: az cli arguments moved from inline ${{ inputs.* }} interpolation to env vars.
  • pr-checks.yml: SHAs passed via env vars + properly quoted; added missing id to size-check step.

…missions blocks, fix injection risks

Agent-Logs-Url: https://github.com/Bryan-Roe/Aria/sessions/90ee6ed7-006e-4da4-bcf9-6d65b03b0bb2

Co-authored-by: Bryan-Roe <74067792+Bryan-Roe@users.noreply.github.com>

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @Copilot! 👋

Your private repo does not have access to Sourcery.

Please upgrade to continue using Sourcery ✨

@Bryan-Roe Bryan-Roe requested a review from Copilot April 30, 2026 08:47
@Bryan-Roe Bryan-Roe marked this pull request as ready for review April 30, 2026 08:47
@Bryan-Roe Bryan-Roe self-requested a review as a code owner April 30, 2026 08:47

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @Bryan-Roe! 👋

Your private repo does not have access to Sourcery.

Please upgrade to continue using Sourcery ✨

@Bryan-Roe Bryan-Roe merged commit daaa1cb into main Apr 30, 2026
25 of 36 checks passed
@Bryan-Roe Bryan-Roe deleted the copilot/fix-github-actions branch April 30, 2026 08:48
@github-actions

Copy link
Copy Markdown
Contributor

🔴 Coverage — 251c8d5

Metric Value
Total coverage 58.8%
Minimum threshold 60%

Updated on every push · 2026-04-30

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR hardens the GitHub Actions CI surface by reducing credential exposure, pinning third-party actions to immutable SHAs, tightening default token permissions, and reducing shell-injection risk from user-controlled inputs.

Changes:

  • Removed AZURE_CREDENTIALS from workflow_dispatch inputs and switched Azure login to repository secret usage.
  • Pinned multiple third-party GitHub Actions to specific commit SHAs to reduce supply-chain risk.
  • Added least-privilege permissions: blocks to workflows and hardened shell argument handling via env vars/quoting.

Reviewed changes

Copilot reviewed 21 out of 21 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
.github/workflows/stale.yml Pins actions/stale to an immutable SHA.
.github/workflows/release.yml Pins softprops/action-gh-release to an immutable SHA.
.github/workflows/quantum-orchestration.yml Removes credential input, uses secret-only creds, adds permissions: contents: read.
.github/workflows/quantum-ai-smoke.yml Adds permissions: contents: read.
.github/workflows/pr-tests.yml Adds permissions: contents: read.
.github/workflows/pr-checks.yml Hardens PR-size step by using env vars/quoting; pins actions/labeler.
.github/workflows/nightly-regression.yml Pins dawidd6/action-download-artifact to an immutable SHA.
.github/workflows/markdown-quality.yml Pins DavidAnson/markdownlint-cli2-action to an immutable SHA.
.github/workflows/llm-maker-tests.yml Adds permissions: contents: read.
.github/workflows/e2e-tests.yml Adds permissions: contents: read.
.github/workflows/devcontainer-ci.yml Adds permissions: contents: read and pins devcontainers/ci.
.github/workflows/dependabot-automerge.yml Pins dependabot/fetch-metadata to an immutable SHA.
.github/workflows/coverage-report.yml Pins dawidd6/action-download-artifact to an immutable SHA.
.github/workflows/code-quality.yml Adds permissions: contents: read.
.github/workflows/ci-pipeline.yml Adds permissions: contents: read.
.github/workflows/broken-links.yml Pins lycheeverse/lychee-action to an immutable SHA.
.github/workflows/azureml-train.yml Moves workflow inputs into env vars for safer shell usage.
.github/workflows/auto-validation.yml Adds permissions: contents: read.
.github/workflows/aria-tests.yml Adds permissions: contents: read.
.github/workflows/actionlint.yml Pins reviewdog/action-actionlint to an immutable SHA.
.github/actions/setup-python-env/action.yml Routes pip install args via env var to reduce shell-injection risk.

Comment on lines 35 to 40
- name: Azure Login
if: ${{ inputs.AZURE_CREDENTIALS != '' }}
if: ${{ secrets.AZURE_CREDENTIALS != '' }}
uses: azure/login@v2
with:
creds: ${{ inputs.AZURE_CREDENTIALS }}
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Run Orchestration

Copilot AI Apr 30, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Azure Login step is now conditional on secrets.AZURE_CREDENTIALS being non-empty, but the orchestration step always runs afterward. If the secret is missing/misconfigured, the workflow will skip login and likely fail later inside the PowerShell scripts with less actionable errors. Consider removing the if: so the login step fails fast when creds are required, or add an explicit guard step that checks the secret and exits with a clear message before running orchestration.

Copilot uses AI. Check for mistakes.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 322bba3c0e

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

- uses: actions/checkout@v4
- name: Azure Login
if: ${{ inputs.AZURE_CREDENTIALS != '' }}
if: ${{ secrets.AZURE_CREDENTIALS != '' }}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Move secret guard out of step if

This condition uses secrets.AZURE_CREDENTIALS directly in if, which GitHub Actions does not support for conditionals (the docs require mapping the secret to an env var first and checking that env var). As written, the Azure Login step can be skipped even when the secret exists, so the subsequent orchestration script runs unauthenticated and fails against Azure resources.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants