fix: explicit set workflow permission and move secrets to necessary #3484

Merged
winglian merged 4 commits into main from fix/workflow-permission
Mar 16, 2026

@NanoCode012 NanoCode012 commented Mar 10, 2026

steps only

Follow-up to #3480, this PR:

  • explicitly sets workflow permission to prevent a more open default permission
  • scopes secrets to specific stages only
  • consolidates the versioning between flows
  • fixes a deprecated syntax


AI Usage Disclaimer

Claude for review for potential vulnerabilities


Summary by CodeRabbit

  • Chores
    • Updated GitHub Actions versions for improved stability and security
    • Enhanced CI/CD workflow permissions with explicit access controls
    • Improved credential handling in testing workflows for better security isolation
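
The three weaknesses this PR description lists can be checked mechanically before a workflow change is merged. The following is an added example, not code from this PR or repository: `audit_workflow`, both sample workflows and the `./run_tests.sh` step are constructed, and it assumes the secret was previously set in a workflow-level `env:` block.

```python
import re

# Constructed samples, not the repository's files: BEFORE is weak, AFTER is fixed.
BEFORE = """\
on: [push]
env:
  CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - id: tag
        run: echo "::set-output name=TAG_NAME::$(echo $GITHUB_REF | cut -d / -f 3)"
      - run: ./run_tests.sh
"""
AFTER = """\
on: [push]
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - id: tag
        run: echo "TAG_NAME=$GITHUB_REF_NAME" >> "$GITHUB_OUTPUT"
      - run: ./run_tests.sh
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
"""

def audit_workflow(text):
    """Return (line_number, finding) pairs; line 0 means a whole-file finding."""
    lines = text.splitlines()
    findings = []
    # re.match anchors at column 0, so only an unindented (top-level) key matches.
    if not any(re.match(r"permissions\s*:", ln) for ln in lines):
        findings.append((0, "no top-level permissions block"))
    in_top_env = False
    for no, ln in enumerate(lines, 1):
        if re.match(r"[^\s#]", ln):  # an unindented key opens or closes the env block
            in_top_env = re.match(r"env\s*:", ln) is not None
        secret = re.search(r"\$\{\{\s*secrets\.(\w+)", ln)
        if in_top_env and secret:
            findings.append((no, f"{secret.group(1)} is in workflow-level env"))
        if "::set-output" in ln:
            findings.append((no, "deprecated ::set-output command"))
    return findings

if __name__ == "__main__":
    print(audit_workflow(BEFORE), audit_workflow(AFTER))
```

The check is line-based so that it runs without a YAML library; it does not look at job-level `env:` blocks.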


coderabbitai bot commented Mar 10, 2026

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

Walkthrough

This PR updates GitHub Actions workflows to harden security permissions and modernize workflow configurations. Changes include adding top-level contents: read permissions across workflows, updating Docker action versions, refactoring CODECOV_TOKEN environment variable handling, and updating GitHub Actions output mechanisms.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Workflow Permissions Hardening: `.github/workflows/lint.yml`, `.github/workflows/main.yml`, `.github/workflows/nightlies.yml` | Adds top-level permissions: contents: read block to restrict workflow access scope. |
| Docker Action Version Updates: `.github/workflows/base.yml` | Updates action versions: docker/login-action (v2 → v3), docker/build-push-action (v4 → v5). Also adds contents: read permissions block. |
| CODECOV_TOKEN Environment Variable Refactoring: `.github/workflows/multi-gpu-e2e.yml`, `.github/workflows/tests-nightly.yml`, `.github/workflows/tests.yml` | Moves CODECOV_TOKEN from global environment setup to step-level environment blocks on specific Modal test jobs. Adds permissions: contents: read to each workflow. |
| GitHub Actions Output Mechanism Update: `.github/workflows/pypi.yml` | Replaces deprecated set-output command with GITHUB_OUTPUT file mechanism for TAG_NAME extraction. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Suggested labels

ready to merge

Suggested reviewers

  • winglian
🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately summarizes the main changes: adding explicit workflow permissions and moving secrets to specific steps where needed. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |


@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

🧹 Nitpick comments (2)
.github/workflows/pypi.yml (1)

47-49: Prefer GITHUB_REF_NAME over parsing GITHUB_REF.

GITHUB_REF is the fully qualified ref, while GITHUB_REF_NAME is already the short branch/tag name GitHub exposes for exactly this use case. Using the built-in short ref avoids shell parsing here and makes the GITHUB_OUTPUT migration cleaner. (docs.github.com)

Suggested change
-        run: echo "TAG_NAME=$(echo $GITHUB_REF | cut -d / -f 3)" >> "$GITHUB_OUTPUT"
+        run: echo "TAG_NAME=$GITHUB_REF_NAME" >> "$GITHUB_OUTPUT"
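Review bot: The added `run:` line is not a drop-in replacement for the removed one when a tag name contains a slash: `cut -d / -f 3` kept only the third segment of `GITHUB_REF`, while `GITHUB_REF_NAME` carries the whole short name. Confirm that every consumer of the `TAG_NAME` output accepts the full name, and say so in the step if tags with slashes are not expected.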
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/pypi.yml around lines 47 - 49, Replace the shell parsing
of GITHUB_REF in the "Extract tag name" step (id: tag) with the built-in short
ref variable GITHUB_REF_NAME: set TAG_NAME to the value of GITHUB_REF_NAME and
write it to GITHUB_OUTPUT (echo "TAG_NAME=$GITHUB_REF_NAME" >> "$GITHUB_OUTPUT")
so the step uses the shorter, safer ref name instead of cutting GITHUB_REF.
.github/workflows/tests.yml (1)

31-33: Consider a job-level pull-requests: read override for gate-skip-e2e.

This workflow now sets only contents: read at the top level, which makes unspecified scopes none. The later actions/github-script step calls github.rest.pulls.listCommits(), so gate-skip-e2e is the one job here that likely needs pull-requests: read in addition to contents: read. Keeping that override job-local preserves the least-privilege intent of this PR. (docs.github.com)

Suggested change
 jobs:
   gate-skip-e2e:
+    permissions:
+      contents: read
+      pull-requests: read
     needs: [pre-commit]
     runs-on: ubuntu-latest
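Review bot: The added `permissions:` block on `gate-skip-e2e` has no comment explaining why `pull-requests: read` is granted, so a later least-privilege pass could remove it and break the job. Add a one-line comment above `pull-requests: read` naming the `github.rest.pulls.listCommits()` call that needs it. Repeating `contents: read` here is correct, since a job-level block replaces the workflow-level one rather than adding to it.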
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/tests.yml around lines 31 - 33, Top-level workflow
permissions only grant contents: read, leaving other scopes none; add a
job-level override for the gate-skip-e2e job to include pull-requests: read so
the actions/github-script step that calls github.rest.pulls.listCommits() can
succeed. Locate the gate-skip-e2e job in the workflow and add a permissions
block that sets pull-requests: read (keeping contents: read as needed) so the
job retains least-privilege access.
📥 Commits

Reviewing files that changed from the base of the PR and between cf4d550 and 2fd5c03.

📒 Files selected for processing (8)
  • .github/workflows/base.yml
  • .github/workflows/lint.yml
  • .github/workflows/main.yml
  • .github/workflows/multi-gpu-e2e.yml
  • .github/workflows/nightlies.yml
  • .github/workflows/pypi.yml
  • .github/workflows/tests-nightly.yml
  • .github/workflows/tests.yml

Comment on lines +422 to +423
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

fd 'cleanup\.py$' .
rg -n -C3 'CODECOV_TOKEN|codecov' cicd

Repository: axolotl-ai-cloud/axolotl

Length of output: 1901


🏁 Script executed:

cat -n ./cicd/cleanup.py | head -50

Repository: axolotl-ai-cloud/axolotl

Length of output: 558


🏁 Script executed:

cat -n ./cicd/cleanup.sh

Repository: axolotl-ai-cloud/axolotl

Length of output: 406


Remove CODECOV_TOKEN from the cleanup step environment.

The cicd.cleanup entrypoint only performs cache cleanup and does not upload coverage or use the Codecov token. This step should not have access to the secret.

Remove the env: block (lines 422-423) to avoid unnecessary secret exposure:

Change
        - name: Run cleanup
          run: modal run cicd.cleanup
-       env:
-         CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
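Review bot: The removal covers only the `Run cleanup` step in tests.yml, but the walkthrough lists multi-gpu-e2e.yml and tests-nightly.yml as receiving the same step-level `CODECOV_TOKEN` change. Check whether those workflows have a `modal run cicd.cleanup` step that picked up the `env:` block too, and drop it there in the same commit.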
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- name: Run cleanup
run: modal run cicd.cleanup
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/tests.yml around lines 422 - 423, Remove the unnecessary
secret exposure by deleting the env block that sets CODECOV_TOKEN for the
cicd.cleanup entrypoint: locate the workflow step that calls the cicd.cleanup
action/entrypoint and remove the "env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN
}}" lines so the cleanup step no longer receives the Codecov token; ensure no
other references to CODECOV_TOKEN remain in that cleanup step.

codecov bot commented Mar 10, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

@winglian winglian merged commit 4a5876d into main Mar 16, 2026
40 of 44 checks passed
@winglian winglian deleted the fix/workflow-permission branch March 16, 2026 04:13