From 74d2f5261eb341fcaed41bdccce4aa69cf8d7cac Mon Sep 17 00:00:00 2001
From: adilburaksen
Date: Thu, 18 Jun 2026 23:12:35 +0300
Subject: [PATCH] ci(terraform): restrict the privileged terraform job to non-fork PRs

The terraform job authenticates with GCP credentials and runs `terraform init`/`plan` over the pull request's own .tf files. On `pull_request` this checks out fork-controlled code, and terraform init/plan execute that HCL (module sources, `external` data sources), so a fork PR can run arbitrary commands while the GCP service-account key and the Buildkite API token are in scope.

The job's `if:` only checked that orgs changed; the intended "PR from trusted users" guard was never implemented, and the matrix environments (bazel / bazel-trusted / bazel-testing) have no required reviewers, so nothing stops a fork PR from reaching this job.

Gate the job so fork pull requests can no longer reach it: run on push, or on pull requests that originate from this repository.

---
 .github/workflows/terraform.yml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
index 18d9676072..711c30444b 100644
--- a/.github/workflows/terraform.yml
+++ b/.github/workflows/terraform.yml
@@ -54,8 +54,14 @@ jobs:
 # Job 2: Terraform Execution
 terraform:
 needs: detect-changes
- # Run only if we have changed orgs AND (it's a push to master OR PR from trusted users)
- if: needs.detect-changes.outputs.orgs != '[]'
+ # Run only if we have changed orgs AND (it's a push to master OR a PR from this
+ # repository, not a fork). Fork pull requests must not reach this job: it loads
+ # GCP credentials and runs `terraform plan` over the PR's .tf files, which executes
+ # attacker-controlled HCL (module sources, `external` data sources).
+ if: >-
+ needs.detect-changes.outputs.orgs != '[]'
+ && (github.event_name == 'push'
+ || github.event.pull_request.head.repo.full_name == github.repository)
 runs-on: ubuntu-latest
 # Lock per organization. Cancels old runs on PRs (saves time), but queues pushes (safe apply).
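Review bot: The new comment still promises "a push to master", but the added expression accepts any `push` event (`github.event_name == 'push'`), so whether master-only holds depends entirely on the workflow's `on.push.branches` filter, which is outside this hunk. If that filter is not restricted to master, pin it in the condition itself, e.g. `&& ((github.event_name == 'push' && github.ref == 'refs/heads/master')` with the closing parenthesis moved to the end of the `||` line; otherwise reword the comment to "a push (branch-limited by `on.push`)" so code and comment agree. The fork test itself fails closed: when `head.repo` is absent (e.g. a deleted fork) the left side evaluates to an empty string, the comparison is false and the job is skipped. Note that any other trigger the workflow may declare (`workflow_dispatch`, `schedule`) is also excluded by this expression now, which is safe but worth stating in the comment if it is intended.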