ci: harden lint workflows against credential exposure in fork PRs#586
Open
KevinZhao wants to merge 1 commit intogoogleapis:mainfrom
Open
ci: harden lint workflows against credential exposure in fork PRs#586KevinZhao wants to merge 1 commit intogoogleapis:mainfrom
KevinZhao wants to merge 1 commit intogoogleapis:mainfrom
Conversation
anubhav756
force-pushed
the
fix/ci-harden-lint-workflows
branch
from
9ca4fac to
70ee55f
Compare
anubhav756
force-pushed
the
fix/ci-harden-lint-workflows
branch
3 times, most recently
from
f40418b to
2a6d843
Compare
dishaprakash
approved these changes
Mar 25, 2026
anubhav756
added
the
priority: p2
Split the single lint job into two separate jobs to follow the principle of least privilege: - remove-label: runs with write permissions but does NOT check out or execute any PR code - lint: checks out and executes PR code but only has read permissions Also add persist-credentials: false to the checkout step to prevent the GITHUB_TOKEN from being stored in git credentials where it could be read by subsequent steps. This follows the same pattern applied to googleapis/genai-toolbox in commits 949e8242 and 3f83c497. Reference: https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/
anubhav756
force-pushed
the
fix/ci-harden-lint-workflows
branch
from
2a6d843 to
f3da408
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The four lint workflows (
lint-toolbox-core,lint-toolbox-adk,lint-toolbox-langchain,lint-toolbox-llamaindex) currently run the label-removal step and the lint steps in a single job. This means the lint steps — which check out and execute fork PR code (pip install -r requirements.txt,pip install .[test]) — run withpull-requests: writeandissues: writepermissions that are only needed by the label-removal step.This PR splits each workflow into two jobs:
remove-label: has write permissions, does NOT check out or execute any PR codelint: checks out and runs PR code, but only hascontents: readpermissionAlso adds
persist-credentials: falseto the checkout step so theGITHUB_TOKENis not stored in~/.git-credentialswhere subsequent steps could read it.This follows the same hardening pattern applied to
googleapis/genai-toolboxin commits949e8242and3f83c497.Reference