CHORE Zizmor: branch protection for GH workflows#3103
Open
BenjaminBossan wants to merge 3 commits intohuggingface:mainfrom
Open
CHORE Zizmor: branch protection for GH workflows#3103BenjaminBossan wants to merge 3 commits intohuggingface:mainfrom
BenjaminBossan wants to merge 3 commits intohuggingface:mainfrom
Conversation
Zizmor currently gives the following type of warning:
--> .github/workflows/build_docker_images.yml:33:25
|
19 | latest-cpu:
| ---------- this job
...
33 | username: ${{ secrets.DOCKERHUB_USERNAME }}
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ secret is accessed outside of a dedicated environment
https://github.com/huggingface/peft/actions/runs/23046711202/job/66937507862
This is not really an issue, since these workflows are only triggered on
main, thus attackers cannot exfiltrate secrets this way. Moreover,
maintainers vet each PR before allowing CI to run. Finally, GH doesn't
expose secrets to forks by default. There are thus multiple layers of
protection, which make these warnings false positives.
However, for forward security, I still added a GH Environment with
branch protection (only 'main') and wait timer where appropriate.
https://github.com/huggingface/peft/settings/environments
This should add yet another protection layer in case the others are
inadvertently removed in the future.
With these changes, I had to update the Zizmor config, as the lines to
ignore moved around. There, I also saw that there were some lines in
build_docker_images.yml that no longer exists, as we have removed the
BNB CI, so these lines were removed too.
BenjaminBossan
had a problem deploying
to
branch-protection-main
GitHub Actions
Failure
BenjaminBossan
had a problem deploying
to
branch-protection-main
GitHub Actions
Failure
BenjaminBossan
had a problem deploying
to
branch-protection-main
GitHub Actions
Failure
BenjaminBossan
had a problem deploying
to
branch-protection-main
GitHub Actions
Failure
BenjaminBossan
had a problem deploying
to
branch-protection-main
GitHub Actions
Failure
BenjaminBossan
had a problem deploying
to
branch-protection-main
GitHub Actions
Failure
BenjaminBossan
had a problem deploying
to
branch-protection-main
GitHub Actions
Failure
BenjaminBossan
had a problem deploying
to
branch-protection-main
GitHub Actions
Failure
|
The docs for this PR live here. All of your documentation changes will be reflected on that endpoint. The docs are available until 30 days after the last update. |
githubnemo
reviewed
Mar 24, 2026
Collaborator
githubnemo
left a comment
githubnemo
left a comment
There was a problem hiding this comment.
One comment, otherwise LGTM
Comment on lines
+21
to
+22
| # GH Environment for extra protection: https://github.com/huggingface/peft/settings/environments | ||
| environment: branch-protection-main |
Collaborator
There was a problem hiding this comment.
Does this mean that when testing a change for, say, building & pushing the container the build will now fail at the push stage since the secret is not available? Maybe we should document that this will limit the token availability to main so that we don't trip over this in the future.
Member
Author
There was a problem hiding this comment.
When testing a change to the docker build, we only run https://github.com/huggingface/peft/blob/main/.github/workflows/test-docker-build.yml, i.e. only building it but not pushing it, so that should be fine. AFAICT, we don't have testing where we also push the docker image.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Zizmor currently gives the following type of warning:
https://github.com/huggingface/peft/actions/runs/23046711202/job/66937507862
This is not really an issue, since these workflows are only triggered on main, thus attackers cannot exfiltrate secrets this way. Moreover, maintainers vet each PR before allowing CI to run. Finally, GH doesn't expose secrets to forks by default. There are thus multiple layers of protection, which make these warnings false positives.
However, for forward security, I still added a GH Environment with branch protection (only 'main') and wait timer where appropriate.
https://github.com/huggingface/peft/settings/environments
This should add yet another protection layer in case the others are inadvertently removed in the future.
With these changes, I had to update the Zizmor config, as the lines to ignore moved around. There, I also saw that there were some lines in
build_docker_images.ymlthat no longer exists, as we have removed the BNB CI, so these lines were removed too.