-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[security] Fix exposed push tokens through gh workflow_run #379
Conversation
a215366
to
dba002e
Compare
I am very uneducated in secuitry issues but what prevents the malicious user to rewrite those new workflows and get access to the secret token? |
from: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
if i understand it correctly, the excerpt above is saying that a malicious user might modify new workflows trying to get access to the secret token, BUT github will only run version of those workflows (specifically, workflows that are triggerred by workflow_run event) that are on |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks mostly good to me.
I think that using GH webhooks to a HF space may be better in the long run, that way no need to add the secret to each repo, which is really annoying (especially since we're going to rotate them all).
The only concern is that currently someone malicious could overwrite the docs of another PR from the same repo.
Also, we can remove the delete_doc_comment
and delete_pr_documentation
workflows probably: PR docs are automatically deleted after 30 days anyway.
Secrets are never passed to workflows run from forks. The workflow that uploads the docs here: https://github.com/huggingface/accelerate-wip/blob/main/.github/workflows/upload_pr_documentation.yml It's only run from the main branch, and https://github.com/huggingface/doc-builder/pull/379/files#diff-f05826b801b9407ec985196b30fc45b111e09b5d98ee8670333493868e2b8dad it only downloads & reuploads an artifact |
I think you can create organization-level secret. Which should solve this issue, no ?
I didn't know it. Could you point me to a resource for conformation? If so, indeed |
It would help a lot yes :) A few repos (transformers.js, ...) would still need but it's a lot better
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the explanation!
Definitely worth a try (as long as it's tested with PRs opened from forks, which is the main issue we are trying to solve :-) ).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you all think it's safe, then this sounds good to me!
Pretty much implements https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
tldr:
todos (in order):