zeroclaw/docs/actions-source-policy.md
Will Sarg 1fbea97b2a
ci(security): pin rustsec audit action and supersede #588 (#592)
* fix(workflows): standardize runner configuration for security jobs

* ci(actionlint): add Blacksmith runner label to config

Add blacksmith-2vcpu-ubuntu-2404 to actionlint self-hosted-runner labels config
to suppress "unknown label" warnings during workflow linting.

This label is used across all workflows after the Blacksmith migration.

* fix(actionlint): adjust indentation for self-hosted runner labels

* feat(security): enhance security workflow with CodeQL analysis steps

* fix(security): update CodeQL action to version 4 for improved analysis

* fix(security): remove duplicate permissions in security workflow

* fix(security): revert CodeQL action to v3 for stability

The v4 version was causing workflow file validation failures.
Reverting to proven v3 version that is working on main branch.

* fix(security): remove duplicate permissions causing workflow validation failure

The permissions block had duplicate security-events and actions keys,
which caused YAML validation errors and prevented workflow execution.

Fixes: workflow file validation failures on main branch

* fix(security): remove pull_request trigger to reduce costs

* fix(security): restore PR trigger but skip codeql on PRs

* fix(security): resolve YAML syntax error in security workflow

* refactor(security): split CodeQL into dedicated scheduled workflow

* fix(security): update workflow name to Rust Package Security Audit

* fix(codeql): remove push trigger, keep schedule and on-demand only

* feat(codeql): add CodeQL configuration file to ignore specific paths

* Potential fix for code scanning alert no. 39: Hard-coded cryptographic value

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* fix(ci): resolve auto-response workflow merge markers

* fix(build): restore ChannelMessage reply_target usage

* ci(workflows): run workflow sanity on workflow pushes for all branches

* ci(workflows): rename auto-response workflow to PR Auto Responder

* ci(workflows): require owner approval for workflow file changes

* ci: add lint-first PR feedback gate

* ci(workflows): split label policy checks from workflow sanity

* ci(workflows): consolidate policy and rust workflow setup

* ci: add safe pull request intake sanity checks

* ci(security): switch audit to pinned rustsec audit-check

---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2026-02-17 13:39:47 -05:00


Actions Source Policy (Phase 1)

This document defines the current GitHub Actions source-control policy for this repository.

Phase 1 objective: lock down action sources with minimal disruption, before full SHA pinning.

Current Policy

  • Repository Actions permissions: enabled
  • Allowed actions mode: selected
  • SHA pinning required: false (deferred to Phase 2)

Selected allowlist patterns:

  • actions/* (covers actions/cache, actions/checkout, actions/upload-artifact, actions/download-artifact, and other first-party actions)
  • docker/*
  • dtolnay/rust-toolchain@*
  • Swatinem/rust-cache@*
  • DavidAnson/markdownlint-cli2-action@*
  • lycheeverse/lychee-action@*
  • EmbarkStudios/cargo-deny-action@*
  • rustsec/audit-check@*
  • rhysd/actionlint@*
  • softprops/action-gh-release@*
  • sigstore/cosign-installer@*
  • useblacksmith/* (Blacksmith self-hosted runner infrastructure)

Change Control Export

Use these commands to export the current effective policy for audit/change control:

gh api repos/zeroclaw-labs/zeroclaw/actions/permissions
gh api repos/zeroclaw-labs/zeroclaw/actions/permissions/selected-actions

Record each policy change with:

  • change date/time (UTC)
  • actor
  • reason
  • allowlist delta (added/removed patterns)
  • rollback note

Why This Phase

  • Reduces supply-chain risk from unreviewed marketplace actions.
  • Preserves current CI/CD functionality with low migration overhead.
  • Prepares for Phase 2 full SHA pinning without blocking active development.

Agentic Workflow Guardrails

Because this repository has high agent-authored change volume:

  • Any PR that adds or changes a uses: action source must include an allowlist impact note (which references are newly covered, and by which pattern).
  • New third-party actions require explicit maintainer review before allowlisting.
  • Expand allowlist only for verified missing actions; avoid broad wildcard exceptions.
  • Keep rollback instructions in the PR description for Actions policy changes.

Validation Checklist

After allowlist changes, validate:

  1. CI
  2. Docker
  3. Security Audit
  4. Workflow Sanity
  5. Release (when safe to run)

Failure mode to watch for:

  • action is not allowed by policy

If encountered, add only the specific trusted missing action, rerun, and document why.
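The allowlist impact note required above, and the "action is not allowed by policy" check, can be produced from a workflow file before the PR is opened. This is an added example, not a script from the zeroclaw repository: it scans uses: lines with a regular expression rather than a YAML parser, approximates GitHub's owner/* and owner/repo@* matching with case-insensitive glob matching, and assumes only local ./ actions are exempt from the allowlist. The sample workflow and the some-org/unreviewed-action reference are constructed.

```python
# Added example (not part of the zeroclaw repository): compare a workflow's `uses:`
# references against the Phase 1 allowlist and draft the allowlist impact note.
import fnmatch
import re

# Allowlist patterns exactly as listed in the policy above.
ALLOWLIST = [
    "actions/*", "docker/*", "dtolnay/rust-toolchain@*", "Swatinem/rust-cache@*",
    "DavidAnson/markdownlint-cli2-action@*", "lycheeverse/lychee-action@*",
    "EmbarkStudios/cargo-deny-action@*", "rustsec/audit-check@*", "rhysd/actionlint@*",
    "softprops/action-gh-release@*", "sigstore/cosign-installer@*", "useblacksmith/*",
]

# Matches "uses: ref" and "- uses: ref" step lines; comments and quoting are tolerated.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)")


def extract_uses(workflow_text: str) -> list[str]:
    """Return every `uses:` reference in a workflow, in file order (no YAML parser needed)."""
    return [m.group(1) for line in workflow_text.splitlines() if (m := USES_RE.match(line))]


def is_allowed(ref: str, patterns=ALLOWLIST) -> bool:
    """Approximation of GitHub's selected-actions matching (assumption, not the exact rules):
    local ./ actions are always allowed; anything else must match one pattern, case-insensitively."""
    if ref.startswith("./"):
        return True
    return any(fnmatch.fnmatchcase(ref.lower(), p.lower()) for p in patterns)


def allowlist_impact(workflow_text: str, patterns=ALLOWLIST) -> dict:
    """Split references into allowed vs. blocked (would fail with "action is not allowed by
    policy") and suggest the narrowest owner/repo@* pattern per blocked action, not owner/*."""
    allowed, blocked = [], []
    for ref in extract_uses(workflow_text):
        (allowed if is_allowed(ref, patterns) else blocked).append(ref)
    suggested = sorted({ref.split("@", 1)[0] + "@*" for ref in blocked if "@" in ref})
    return {"allowed": allowed, "blocked": blocked, "suggested_patterns": suggested}


# Constructed sample workflow; the rustsec SHA is the one pinned in security.yml above.
SAMPLE_WORKFLOW = """\
jobs:
  audit:
    runs-on: blacksmith-2vcpu-ubuntu-2404
    steps:
      - uses: actions/checkout@v4
      - uses: dtolnay/rust-toolchain@stable
      - uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998
      - uses: ./.github/actions/local-helper
      - uses: some-org/unreviewed-action@v1  # constructed: not on the allowlist
"""

if __name__ == "__main__":
    for key, refs in allowlist_impact(SAMPLE_WORKFLOW).items():
        print(f"{key}: {', '.join(refs) or '(none)'}")
```

Each suggested pattern still needs the maintainer review and the PR rollback note the guardrails call for; the script only identifies what would block the run.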

Latest sweep notes:

  • 2026-02-16: Hidden dependency discovered in release.yml: sigstore/cosign-installer@...
    • Added allowlist pattern: sigstore/cosign-installer@*
  • 2026-02-16: Blacksmith migration blocked workflow execution
    • Added allowlist pattern: useblacksmith/* for self-hosted runner infrastructure
    • Actions: useblacksmith/setup-docker-builder@v1, useblacksmith/build-push-action@v2
  • 2026-02-17: Security audit reproducibility/freshness balance update
    • Added allowlist pattern: rustsec/audit-check@*
    • Replaced the inline cargo install cargo-audit step with the pinned rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998 in security.yml
    • Supersedes floating-version proposal in #588 while keeping action source policy explicit

Rollback

Emergency unblock path:

  1. Temporarily set the Actions policy back to allow all actions.
  2. Restore selected allowlist after identifying missing entries.
  3. Record incident and final allowlist delta.