Potential fix for code scanning alert no. 2: Workflow does not contain permissions#2
Merged
Conversation
…n permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
aksOps
added a commit
that referenced
this pull request
Apr 25, 2026
…isolation Reviewer (cf5145d8) requested three changes on commit c839460. Addresses each with verified failure-on-regression checks. #1 — Cross-tenant boot hydration of vector index Previously main.go hydrated the index via repo.GetLogsV2(appCtx, ...) which is tenant-scoped to whatever tenant ctx carries — appCtx has none, so only the default tenant's rows reloaded after restart and find_similar_logs was cold for every other tenant until fresh ERROR logs landed. The new tenant-aware vectorIdx.Add(..., l.TenantID, ...) didn't fix it because the non-default rows were never fetched. - internal/storage/log_repo.go: new ListRecentHighSeverityLogsAllTenants — explicitly cross-tenant administrative read used only by hydration. Each row carries its own TenantID; fan-out happens in the caller. - main.go: hydration now uses the new method so every tenant's warm index survives a restart. - internal/vectordb/index.go: tenant-aware FIFO eviction. At cap, drop up to maxSize/10 of the inserting tenant's oldest rows so a noisy tenant cannot evict another tenant's warm rows (availability isolation; confidentiality is still enforced by doc.Tenant filtering in Search). Brand-new tenants drop one globally-oldest row to claim a first slot. #2 — root_cause_analysis assertion was vacuous internal/mcp/tenant_isolation_test.go:434 passed an empty ownMarker to assertNoLeak, so the merge gate would still pass if the tool regressed to returning [] for every tenant. Now passes ownService (RankedCause carries Service so it must appear in a non-empty response). Verified by sabotaging the handler to return a nil slice — the assertion fails with 'expected own marker "acme-orders" in response, body=null' as designed, then reverted. #3 — Drain cluster-id test didn't actually compare cluster IDs The previous test reused seedTenant (per-tenant service names) and only scanned response text, so a regression that surfaced the same cluster row across tenants would still pass. Rewritten to: - Use one shared service name across both tenants so Drain produces colliding (service, templateID) keys — the SignalStore partition is the only thing keeping rows separate. - Inspect the actual []graphrag.LogClusterNode returned by CorrelatedSignals (not just response text), checking Template + SampleLog content for own-marker presence and foreign-marker absence. - Log the per-tenant cluster IDs so future refactors that change the ID scheme leave a visible audit trail. - End-to-end probe via the MCP HTTP surface remains, asserting the same isolation reaches clients. RAN-20 supporting tests internal/vectordb/index_test.go, internal/api/similar_handler_test.go, internal/mcp/tools_ran20_test.go cover vectordb tenant scoping at three layers (in-memory, REST handler, MCP tool). They were sitting untracked on the branch from the parallel RAN-20 work; bundling them so the follow-up vectordb behavior added here is covered. Verified: - go vet ./... clean - go test ./... clean (full repo) - go test -race ./internal/{mcp,graphrag,vectordb,api}/... clean Co-Authored-By: Paperclip <noreply@paperclip.ing>
aksOps
added a commit
that referenced
this pull request
Apr 25, 2026
…N-20) (#31) * feat(mcp): tenant ctx through GraphRAG handlers + merge-gate isolation test (RAN-39) Threads the tenant resolved by the MCP transport (X-Tenant-ID header → ctx) into every GraphRAG-backed tool handler and adds the merge-gate integration test that asserts cross-tenant isolation for the full GraphRAG-backed MCP surface. mcp/tools.go - get_system_graph and get_service_health now accept ctx and route through GraphRAG.ServiceMap / AllServiceEdges so they pick up RAN-37's per-tenant in-memory partitioning. Legacy svcGraph remains as a fallback path only when GraphRAG isn't wired (boot windows, future test harnesses). - All other GraphRAG handlers were already ctx-threaded after RAN-37/38; no behavior change for those. vectordb/index.go (+ main.go, api/similar_handler.go) - vectordb.Index.Add and Search now take a tenant string; LogVector and SearchResult carry the tenant tag and Search filters by it. RAN-37 already added tenant args at the call sites in graphrag/clustering.go and mcp/tools.go but the matching vectordb signature change had not landed, leaving the branch unbuildable. This closes that gap with the smallest surgical change; the broader vectordb rework remains RAN-20. - main.go now passes l.TenantID into vectorIdx.Add on hydration and the live ingest hook; api/similar_handler resolves tenant from the request context before searching. graphrag/builder.go - New RegisterAnomaly(tenant, AnomalyNode) — small public API symmetric with PersistInvestigation, used by the new isolation test to seed per-tenant anomalies without depending on the throttled detector loop. mcp/tenant_isolation_test.go - Stands up an in-process MCP server (httptest) wired to GraphRAG over in-memory SQLite, seeds three tenants (acme, beta, default) with overlapping service_name / trace_id / span_id / Drain template / log body / snapshot, and exercises every GraphRAG-backed tool — get_service_map, get_service_health, get_error_chains, trace_graph, impact_analysis, root_cause_analysis, correlated_signals, get_anomaly_timeline, get_investigations, get_investigation (own + cross-tenant id-guess), get_graph_snapshot, find_similar_logs, get_system_graph — three times each (X-Tenant-ID acme, X-Tenant-ID beta, no header → DefaultTenantID). Each response is scanned for the caller's own tenant marker and for any other seeded tenant's marker (service name, log body, op name, anomaly evidence, snapshot id) to prove no cross-tenant leak. Verified: go vet ./... clean; go test ./... clean; go test -race ./internal/{mcp,graphrag}/... clean. Co-Authored-By: Paperclip <noreply@paperclip.ing> * fix(mcp,vectordb): RAN-39 reviewer follow-ups + RAN-20 vector tenant isolation Reviewer (cf5145d8) requested three changes on commit c839460. Addresses each with verified failure-on-regression checks. #1 — Cross-tenant boot hydration of vector index Previously main.go hydrated the index via repo.GetLogsV2(appCtx, ...) which is tenant-scoped to whatever tenant ctx carries — appCtx has none, so only the default tenant's rows reloaded after restart and find_similar_logs was cold for every other tenant until fresh ERROR logs landed. The new tenant-aware vectorIdx.Add(..., l.TenantID, ...) didn't fix it because the non-default rows were never fetched. - internal/storage/log_repo.go: new ListRecentHighSeverityLogsAllTenants — explicitly cross-tenant administrative read used only by hydration. Each row carries its own TenantID; fan-out happens in the caller. - main.go: hydration now uses the new method so every tenant's warm index survives a restart. - internal/vectordb/index.go: tenant-aware FIFO eviction. At cap, drop up to maxSize/10 of the inserting tenant's oldest rows so a noisy tenant cannot evict another tenant's warm rows (availability isolation; confidentiality is still enforced by doc.Tenant filtering in Search). Brand-new tenants drop one globally-oldest row to claim a first slot. #2 — root_cause_analysis assertion was vacuous internal/mcp/tenant_isolation_test.go:434 passed an empty ownMarker to assertNoLeak, so the merge gate would still pass if the tool regressed to returning [] for every tenant. Now passes ownService (RankedCause carries Service so it must appear in a non-empty response). Verified by sabotaging the handler to return a nil slice — the assertion fails with 'expected own marker "acme-orders" in response, body=null' as designed, then reverted. #3 — Drain cluster-id test didn't actually compare cluster IDs The previous test reused seedTenant (per-tenant service names) and only scanned response text, so a regression that surfaced the same cluster row across tenants would still pass. Rewritten to: - Use one shared service name across both tenants so Drain produces colliding (service, templateID) keys — the SignalStore partition is the only thing keeping rows separate. - Inspect the actual []graphrag.LogClusterNode returned by CorrelatedSignals (not just response text), checking Template + SampleLog content for own-marker presence and foreign-marker absence. - Log the per-tenant cluster IDs so future refactors that change the ID scheme leave a visible audit trail. - End-to-end probe via the MCP HTTP surface remains, asserting the same isolation reaches clients. RAN-20 supporting tests internal/vectordb/index_test.go, internal/api/similar_handler_test.go, internal/mcp/tools_ran20_test.go cover vectordb tenant scoping at three layers (in-memory, REST handler, MCP tool). They were sitting untracked on the branch from the parallel RAN-20 work; bundling them so the follow-up vectordb behavior added here is covered. Verified: - go vet ./... clean - go test ./... clean (full repo) - go test -race ./internal/{mcp,graphrag,vectordb,api}/... clean Co-Authored-By: Paperclip <noreply@paperclip.ing> * fix(mcp,graphrag): wire tenant from ctx into vectordb.Search call sites (RAN-20) The vectordb.Index.Search signature went tenant-aware in the prior commit but two call sites still used the legacy 2-arg form, leaving the branch unbuildable: - internal/mcp/tools.go: toolFindSimilarLogs had a TODO(RAN-20) marker and `_ = ctx`. Now resolves tenant via storage.TenantFromContext on mcpCtx(ctx) and passes it to Search. - internal/graphrag/clustering.go: SimilarErrors had the same TODO and `_ = ctx`. Now resolves tenant from the same ctx and passes it through. Both surfaces share the storage tenant-context idiom used everywhere else, so coercion rules (empty → DefaultTenantID) stay consistent. Verified: go build ./... clean, go vet ./... clean, go test -race ./internal/{vectordb,api,mcp,graphrag,storage}/... clean. Co-Authored-By: Paperclip <noreply@paperclip.ing> --------- Co-authored-by: Paperclip <noreply@paperclip.ing>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Potential fix for https://github.com/RandomCodeSpace/Argus/security/code-scanning/2
In general, the fix is to explicitly declare a minimal
permissionsblock for the GITHUB_TOKEN, either at the workflow root (so it applies to all jobs) or per job, and grant only the scopes actually needed. For this workflow, the jobs only read repository contents to build and analyze code, socontents: readis sufficient.The best minimal change without altering existing functionality is to add a workflow‑level
permissionssection right after thename:key. This will apply to bothvulnerability-checkandbuild-checkjobs, unless overridden. No other scopes (likeissues,pull-requests, orpackages) are necessary based on the provided steps. Concretely, in.github/workflows/audit.yml, insert:between line 1 (
name: Security Audit) and line 3 (on:). No imports or additional definitions are required, since this is just GitHub Actions YAML configuration.Suggested fixes powered by Copilot Autofix. Review carefully before merging.