[CI][Security] SEC-00864: Least-privilege secrets & permissions in AMD CI workflows (amd-staging)#3045
Open
vkallesh wants to merge 1 commit into
Conversation
…AMD workflows Port of #3044 (release/therock-7.12) to amd-staging trunk. Replace blanket 'secrets: inherit' on reusable-workflow call sites with named secret pass-through, and add explicit least-privilege top-level permissions to AMD trigger workflows. - The only secrets consumed in the build/test reusable-workflow tree are BENCHMARK_DB_URL / BENCHMARK_DB_FALLBACK_URL (test_component.yml). Declare them as optional workflow_call secrets in test_component.yml and test_benchmarks.yml and forward them by name on the benchmark path (ci_windows.yml -> test_benchmarks.yml -> test_component.yml). - ci_nightly.yml additionally invokes teams_notifier.yml; forward only its already-declared AMD_STAGING_NIGHTLY_TEAMS_WEBHOOK_URL secret by name instead of inheriting everything. - Drop unused 'secrets: inherit' from build/test chains that consume no secrets (ci_linux, ci_nightly->ci_linux, ci_asan, multi_arch_ci, and the Windows/Linux build call sites). These rely on OIDC id-token and the auto-provided GITHUB_TOKEN, neither of which needs inherited secrets. - Add 'permissions: contents: read' to PSDB-amd-staging.yml, buildbot-psdb-trigger.yml and compute-rocm-dkmd-afar-trigger.yml. Scope note: this is a faithful 1:1 port of the files covered by #3044. Other trunk-only workflows on amd-staging that also use 'secrets: inherit' (spirv-ci, multi_arch_release/*, rockci_* variants, parameterised-sha-*) are intentionally not modified here. Co-authored-by: Cursor <cursoragent@cursor.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Ports the SEC-00864 fix from the release branch (#3044) onto the active amd-staging trunk so the hardening lands in mainline and does not regress.
Addresses Mythos AI finding SEC-00864 (High) — Excessive Secret Inheritance and Missing Permissions in GitHub Actions Workflows.
secrets: inherit, handing every repository secret to child workflows even though almost none are used. Audit of the build/test tree shows the only consumed secrets areBENCHMARK_DB_URL/BENCHMARK_DB_FALLBACK_URL(test_component.yml) andAMD_STAGING_NIGHTLY_TEAMS_WEBHOOK_URL(teams_notifier.yml). Everything else uses OIDC (id-token) or the auto-providedGITHUB_TOKEN.permissions:block.Changes
BENCHMARK_DB_URL/BENCHMARK_DB_FALLBACK_URLas optionalworkflow_callsecrets intest_component.ymlandtest_benchmarks.yml.ci_windows.yml→test_benchmarks.yml→test_component.yml.ci_nightly.yml, forwarded only the already-declaredAMD_STAGING_NIGHTLY_TEAMS_WEBHOOK_URLtoteams_notifier.yml(instead of inheriting everything).secrets: inheritfrom build/test chains that consume no secrets:ci_linux.yml,ci_nightly.yml→ci_linux,ci_asan.yml,multi_arch_ci.yml, and the Windows build call site.permissions: contents: readtoPSDB-amd-staging.yml,buildbot-psdb-trigger.yml,compute-rocm-dkmd-afar-trigger.yml.Scope note
This is a faithful 1:1 port of the workflows covered by #3044. amd-staging is the active trunk and contains additional trunk-only workflows that also use
secrets: inherit(spirv-ci,multi_arch_release*,rockci_*variants,parameterised-sha-*). Those are intentionally out of scope here and can be hardened in a follow-up if desired.Why this is safe
secrets: inheritdoes not affectGITHUB_TOKEN(always auto-provided) or OIDC (id-token), which the build jobs rely on.required: false, preserving the existing "fail gracefully / skip submission" behavior.multi_arch_ci→multi_arch_build_portable_linux→*_artifactschain is build-only (AWS via OIDC), so it needs no inherited secrets.Test plan
pull_requesttoamd-stagingstill triggers the PSDB Jenkins job.ci_nightly) Linux + Windows build/test pass; benchmark DB submission works on the Windows benchmark path; Teams notification is delivered.ci_asanandmulti_arch_ciruns build successfully.Made with Cursor