security: scope reusable-workflow secrets (least privilege) over secrets: inherit
Adversarial Review (Gadfly) / review (pull_request) Failing after 2s
Build & push image / build-and-push (pull_request) Successful in 6s

The swarm (reviewing the mort/executus rollout PRs) correctly flagged that
`secrets: inherit` forwards EVERY caller secret to the reusable review
workflow — registry/deploy/db creds the reviewer never touches. Fix:

- review-reusable.yml: declare workflow_call.secrets (all optional) so a
  caller can forward only what the reviewer needs.
- adversarial-review.yml (gadfly's own caller) + examples/reusable.yml:
  replace `secrets: inherit` with an explicit forward of just
  OLLAMA_CLOUD_API_KEY / CLAUDE_CODE_OAUTH_TOKEN / findings tokens.
  GITEA_TOKEN stays automatic.
- Docs (README, examples) updated; also advise pinning consumers to an
  immutable @<sha> instead of @main (supply-chain, the other finding).

gadfly's own review on this PR exercises the explicit-secrets path (local
reusable ref) — validating it on the act_runner before mort/executus adopt it.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Steve Dudenhoeffer
2026-06-27 20:45:18 -04:00
parent 5f86062a5a
commit f06fe5ef72
5 changed files with 56 additions and 14 deletions
+1 -1
View File
@@ -6,7 +6,7 @@ set the secrets/vars it references. Gadfly is advisory only — it never blocks
| File | Backend | Needs |
|------|---------|-------|
| [`reusable.yml`](reusable.yml) | **slimmest stub** — calls Gadfly's reusable workflow (`secrets: inherit`); take the defaults or override a few inputs | secret `OLLAMA_CLOUD_API_KEY` |
| [`reusable.yml`](reusable.yml) | **slimmest stub** — calls Gadfly's reusable workflow, forwarding only the secrets the reviewer needs (least privilege, not `secrets: inherit`); take the defaults or override a few inputs | secret `OLLAMA_CLOUD_API_KEY` |
| [`adversarial-review.yml`](adversarial-review.yml) | **Ollama Cloud** (default) + inline notes for every provider; full self-contained stub | secret `OLLAMA_CLOUD_API_KEY` |
| [`local-ollama.yml`](local-ollama.yml) | a **local/LAN Ollama** daemon | nothing (or `GADFLY_BASE_URL` for a remote host) |
| [`openai-compatible.yml`](openai-compatible.yml) | any **OpenAI-compatible** endpoint (local Ollama `/v1`, gateway, vLLM, OpenRouter…) | `GADFLY_BASE_URL` (+ a key for most gateways) |
+16 -4
View File
@@ -6,8 +6,12 @@
# the triggers, the comment-trigger actor gate, and any overrides you want.
#
# Needs: secret OLLAMA_CLOUD_API_KEY (the default Ollama Cloud provider).
# `secrets: inherit` passes your repo/org/user secrets through to the reusable
# workflow (GITEA_TOKEN is automatic). Pin @<ref> to a Gadfly tag/branch.
# Forward ONLY the secrets the reviewer uses (least privilege) — see the
# `secrets:` block below. GITEA_TOKEN is automatic. `secrets: inherit` also works
# but hands the reusable EVERY secret in your repo (registry/deploy/db creds the
# review never touches), so prefer the explicit form. Pin @<sha> to an immutable
# Gadfly commit (not @main) so a push there can't change what runs with your
# secrets.
#
# Prefer this when you're happy with the defaults. For custom named endpoints
# (GADFLY_ENDPOINT_<NAME>) or a provider the reusable doesn't map, use the full
@@ -40,9 +44,17 @@ jobs:
if: >-
github.event_name != 'issue_comment'
|| (github.event.issue.pull_request && github.actor == 'your-username')
# Pin @<ref> to a Gadfly release tag for stability (@main tracks latest).
# Pin @<sha> to an immutable Gadfly commit (replace @main below) so a push to
# gadfly can't silently change the code that runs with your forwarded secrets.
uses: steve/gadfly/.gitea/workflows/review-reusable.yml@main
secrets: inherit
# Forward ONLY what the reviewer needs. Add provider keys you use
# (ANTHROPIC_API_KEY, OPENAI_API_KEY, GOOGLE_API_KEY, GADFLY_API_KEY) and/or
# GADFLY_ENDPOINT_M1/M5; drop the findings ones if you don't run telemetry.
secrets:
OLLAMA_CLOUD_API_KEY: ${{ secrets.OLLAMA_CLOUD_API_KEY }}
# CLAUDE_CODE_OAUTH_TOKEN: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
# GADFLY_FINDINGS_URL: ${{ secrets.GADFLY_FINDINGS_URL }}
# GADFLY_FINDINGS_TOKEN: ${{ secrets.GADFLY_FINDINGS_TOKEN }}
with:
# All optional — omit to take Gadfly's defaults. Examples:
# models: "qwen3-coder:480b-cloud,gpt-oss:120b-cloud"