ci: Resolve Poutine security scanner findings (#23900)

2026-05-12 16:10:30 +02:00 · 2026-01-06 11:10:04 +01:00 · 2026-01-06 11:10:04 +01:00 · e649879c07
commit e649879c07
parent 072a1dd825
2 changed files with 19 additions and 17 deletions
--- a/.github/workflows/ci-evals.yml
+++ b/.github/workflows/ci-evals.yml
@ -35,12 +35,15 @@ jobs:
          ref: ${{ github.event.inputs.branch || github.ref }}

      - name: Select dataset
+        env:
+          DATASET_INPUT: ${{ github.event.inputs.dataset }}
+          EVENT_NAME: ${{ github.event_name }}
        run: |
          DATASET="workflow-builder-canvas-prompts"
-          if [ "${{ github.event_name }}" = "schedule" ]; then
+          if [ "$EVENT_NAME" = "schedule" ]; then
            DATASET="prompts-v2"
-          elif [ -n "${{ github.event.inputs.dataset }}" ]; then
-            DATASET="${{ github.event.inputs.dataset }}"
+          elif [ -n "$DATASET_INPUT" ]; then
+            DATASET="$DATASET_INPUT"
          fi
          echo "LANGSMITH_DATASET_NAME=$DATASET" >> "$GITHUB_ENV"

--- a/.poutine.yml
+++ b/.poutine.yml
@ -33,22 +33,21 @@ skip:
      - pkg:githubactions/tomi/paths-filter-action
      - pkg:githubactions/useblacksmith/setup-docker-builder

-  # === TEMPORARY SKIPS ===
-  # These findings need to be addressed in a follow-up ticket.
-  # Do not add new entries to this section.
-
-  # TODO: Fix injection vulnerability - use environment variable instead of
-  # direct interpolation of github.event.inputs.dataset
-  - rule: injection
-    path:
-      - .github/workflows/ci-evals.yml
-
-  # TODO: Review untrusted checkout execution patterns.
-  # These workflows run local actions or package managers after checking out
-  # untrusted PR code, which is a potential security risk.
+  # === UNTRUSTED CHECKOUT EXECUTION (DOCUMENTED FALSE POSITIVES) ===
+  # These workflows check out code and run local actions/package managers.
+  # Poutine flags them as potential risks, but they are safe due to their
+  # invocation context.
  - rule: untrusted_checkout_exec
    path:
+      # Only called from release-publish.yml with release tag refs (e.g., n8n@1.2.3),
+      # never PR code. The checked out code is already-released, trusted code.
      - .github/workflows/sbom-generation-callable.yml
+      # Uses merge commit SHA from GitHub - the code has already been reviewed
+      # and merged, not arbitrary PR code.
      - .github/workflows/linting-reusable.yml
-      - .github/workflows/test-workflows-callable.yml
+      # Uses merge commit SHA from GitHub - the code has already been reviewed
+      # and merged, not arbitrary PR code.
      - .github/workflows/units-tests-reusable.yml
+      # Permission-gated: only maintainers (admin/write/maintain) can trigger
+      # via /test-workflows comment. Verified in test-workflows-pr-comment.yml.
+      - .github/workflows/test-workflows-callable.yml