feat: Thailand sandbox #31
Signed-off-by: Navendu Pottekkat <navendu@apache.org>
Walkthrough
This PR introduces a Thailand-specific agent sandbox capability across four files.
Estimated code review effort: 🎯 3 (Moderate) | ⏱️ ~25 minutes
Actionable comments posted: 2
🧹 Nitpick comments (1)
.github/workflows/build-thailand.yml (1)
38-41: ⚡ Quick win
Disable persisted checkout credentials for least privilege.
On Lines 38-41, `actions/checkout` keeps credentials by default. Set `persist-credentials: false` to reduce token exposure to downstream steps.
Suggested fix
- uses: actions/checkout@v4 with: # Build from the same commit the base image was built from. ref: ${{ github.event.workflow_run.head_sha || github.ref }} + persist-credentials: false
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/build-thailand.yml around lines 38 - 41, The actions/checkout@v4 action in the workflow is not explicitly disabling credential persistence, which means authentication tokens may be exposed to downstream steps. Add `persist-credentials: false` to the `with` section of the actions/checkout@v4 step to disable credential persistence and reduce the scope of token exposure in the workflow.
Source: Linters/SAST tools
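Review bot: The `ref:` line of the suggested checkout step takes `github.event.workflow_run.head_sha`, so the commit that gets built is chosen by the triggering run, and the job holds `packages: write`. Confirm that the triggering workflow only runs for trusted branches, or add a condition on the triggering run's branch before this step. The added `persist-credentials: false` should stay alongside that check.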
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/build-thailand.yml:
- Line 38: Replace all floating version tags in the uses directives with full
40-character commit SHAs for security. For each GitHub Action reference
currently using `@v`* format (such as actions/checkout@v4, and others mentioned in
the comment), pin them to their corresponding immutable commit SHA. You may
optionally include the version tag as a comment after the SHA for readability.
This applies to all uses directives throughout the workflow file that reference
actions by floating tags.
In `@Dockerfile.thailand`:
- Around line 20-21: The BASE_IMAGE default value in the ARG declaration uses
the mutable :latest tag, which compromises reproducibility of Docker builds.
Replace the :latest tag with a specific, immutable version tag (e.g., :v1.0.0 or
a specific SHA digest) in the BASE_IMAGE default argument to ensure consistent,
reproducible builds across all environments.
📒 Files selected for processing (4)
.github/workflows/build-thailand.yml
CLAUDE.md
Dockerfile.thailand
skills-thailand/thai-government-data/SKILL.md
| packages: write | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 |
🧩 Analysis chain
🏁 Script executed:
cat .github/workflows/build-thailand.yml
Repository: EternisAI/agent-sandbox
Length of output: 2772
🌐 Web query:
GitHub Actions pinning commit SHA security best practices 2024
💡 Result:
As of June 2026, pinning GitHub Actions to a full-length commit SHA is considered the industry standard and a critical security best practice for mitigating supply chain risks [1][2][3].

### Why Pinning to a Full-Length SHA is Essential

* Immutability: Tags (e.g., @v4) and branches (e.g., @main) are mutable, meaning they can be updated or re-pointed to different commits by maintainers or malicious actors at any time [4][5][6]. Pinning to a full-length (40-character) commit SHA ensures that your workflow consistently runs the exact same code, providing a cryptographically secure, immutable reference [1][2][7].
* Mitigating Compromise: If an action's repository is compromised, attackers often attempt to inject malicious code into existing tags [8][2][3]. Because commit SHAs are immutable and content-addressed, a pinned SHA remains unaffected by such updates, preventing automatic execution of compromised code [4][2][9].
* Security Policies: GitHub now provides organization and repository-level policies that allow administrators to mandate SHA pinning [8][5][2]. When enabled, any workflow attempting to use a non-pinned action will fail, ensuring compliance across an entire organization [8][5].

### Best Practices for Implementation

* Use Full 40-Character SHAs: Never use shortened SHAs, as they carry a risk of collision and ambiguity [7]. Always use the full 40-character hexadecimal string [6][7].
* Maintain Human Readability: To preserve context, append the version tag as a comment in your workflow file [2][3]. This helps maintainers understand which version is being used while keeping the reference immutable [2][6].
  * Example: uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 [2]
* Automate Updates: Pinning manually creates maintenance overhead. Use dependency management tools like Dependabot or Renovate to automatically open pull requests that update your pinned SHAs when new releases are published [5][2][3].
* Audit Regularly: Use tools like Zizmor, Scorecards, or custom scripts to periodically scan your repositories for unpinned actions or short SHAs to ensure ongoing compliance with your security policies [2][10][3].

### Recommended Workflow for Maintainers

If you maintain your own GitHub Actions, you should also pin your internal (sub-action) dependencies to full commit SHAs [5]. This prevents your action from breaking when users adopt organization-wide SHA-enforcement policies [5].
Citations:
- 1: https://docs.github.com/en/actions/reference/security/secure-use
- 2: https://architecture.lullabot.com/adr/20260505-pin-github-actions-to-hash/
- 3: https://www.stingrai.io/blog/github-actions-security-checklist
- 4: https://www.stepsecurity.io/blog/pinning-github-actions-for-enhanced-security-a-complete-guide
- 5: https://www.romainlespinasse.dev/posts/github-actions-commit-sha-pinning/
- 6: https://safeguard.sh/resources/blog/how-to-pin-github-actions-to-shas-correctly
- 7: https://actsense.dev/vulnerabilities/short_hash_pinning/
- 8: https://github.blog/changelog/2025-08-15-github-actions-policy-now-supports-blocking-and-sha-pinning-actions/
- 9: https://nearform.com/insights/why-you-should-pin-your-github-actions-by-commit-hash/
- 10: https://github.com/github/docs/blob/962a1c8dccb8c0f66548b324e5b921b5e4fbc3d6/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md
Pin GitHub Actions to full commit SHAs.
Lines 38, 43, 45, 61, and 69 reference actions by floating tags (@v*), which is a supply-chain risk. Pin each uses: to an immutable full 40-character commit SHA, optionally with the version tag as a comment for readability.
Suggested fix pattern
- - uses: actions/checkout@v4
+ - uses: actions/checkout@<full-commit-sha> # v4
- - uses: docker/setup-buildx-action@v3
+ - uses: docker/setup-buildx-action@<full-commit-sha> # v3
- - uses: docker/login-action@v3
+ - uses: docker/login-action@<full-commit-sha> # v3
- - uses: docker/metadata-action@v5
+ - uses: docker/metadata-action@<full-commit-sha> # v5
- - uses: docker/build-push-action@v5
+ - uses: docker/build-push-action@<full-commit-sha> # v5
Consider automating updates with Dependabot or Renovate.
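Review bot: The trailing comments on the five `+` lines record only a major tag (`# v4`, `# v3`, `# v5`), which is itself a moving reference, so the pin cannot later be checked against a specific release. When filling in `<full-commit-sha>`, take the commit of an exact release tag and write that tag in the comment, in the `# v4.0.0` form quoted in the web result. The `actions/checkout` line here also still lacks the `persist-credentials: false` that the zizmor artipacked warning reports for lines 38-41.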
🧰 Tools
🪛 zizmor (1.25.2)
[warning] 38-41: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false
(artipacked)
[error] 38-38: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)
(unpinned-uses)
Source: Linters/SAST tools
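The periodic audit this review recommends (scanning for unpinned actions and short SHAs, plus the `persist-credentials` finding), as an added example that is not part of the PR or of CodeRabbit's output. The sample workflow, its 40-hex value and the local action path are constructed; the line-based parsing assumes `uses:` comes before `with:` inside a step.

```python
import re
from itertools import takewhile

# Constructed sample modelled on lines quoted in this review; the 40-hex value is a placeholder.
SAMPLE_WORKFLOW = """\
jobs:
  build:
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.workflow_run.head_sha || github.ref }}
      - uses: docker/setup-buildx-action@0123456789abcdef0123456789abcdef01234567 # v3
      - uses: docker/login-action@0123abc
      - uses: docker/build-push-action@v5
      - uses: ./.github/actions/local-step
"""

USES_RE = re.compile(r"^\s*(?:-\s+)?uses:\s*['\"]?([^\s'\"#]+)")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
SHORT_SHA_RE = re.compile(r"[0-9a-f]{7,39}")

def classify_ref(target):
    """Classify a `uses:` target as pinned, short-sha, floating or skipped."""
    if target.startswith(("./", "docker://")):
        return "skipped"  # local actions and image references carry no git ref
    ref = target.partition("@")[2]
    if FULL_SHA_RE.fullmatch(ref):
        return "pinned"
    if SHORT_SHA_RE.fullmatch(ref):
        return "short-sha"  # abbreviated hashes are ambiguous, treat as unpinned
    return "floating"  # tag or branch name, can be re-pointed

def audit_workflow(text):
    """Return (line_no, target, finding) tuples for one workflow file's text."""
    findings, lines = [], text.splitlines()
    for i, line in enumerate(lines):
        m = USES_RE.match(line)
        if not m:
            continue
        target, kind = m.group(1), classify_ref(m.group(1))
        if kind in ("floating", "short-sha"):
            findings.append((i + 1, target, kind))
        if target.startswith("actions/checkout@"):
            # Step body: the lines after `uses:` up to the next list item.
            body = takewhile(lambda s: not s.lstrip().startswith("- "), lines[i + 1:])
            if not any(re.search(r"persist-credentials:\s*false", s) for s in body):
                findings.append((i + 1, target, "persist-credentials"))
    return findings
```

Run `audit_workflow` over each file under `.github/workflows/` and fail the check when the returned list is non-empty.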
| ARG BASE_IMAGE=ghcr.io/eternisai/agent-sandbox:latest | ||
| FROM ${BASE_IMAGE} |
🧩 Analysis chain
🏁 Script executed:
# First, locate and examine Dockerfile.thailand
fd -t f "Dockerfile.thailand" --exec cat -n {} \;
Repository: EternisAI/agent-sandbox
Length of output: 1704
Avoid mutable :latest for BASE_IMAGE default.
Line 20 uses :latest, which makes local/manual builds non-reproducible and can drift from the intended base. Use an explicit immutable tag (or require the build arg).
Suggested fix
-ARG BASE_IMAGE=ghcr.io/eternisai/agent-sandbox:latest
+ARG BASE_IMAGE
FROM ${BASE_IMAGE}
As per coding guidelines, Dockerfile* must use versioned tags and never :latest for Docker images.
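Review bot: With the default removed on the `ARG BASE_IMAGE` line, `FROM ${BASE_IMAGE}` expands to an empty reference whenever the build argument is not supplied, so a local or manual build fails at the first instruction. Add a comment above the `ARG` stating that `--build-arg BASE_IMAGE=...` is required and that the value should be a versioned tag or digest, or keep a default that points at a specific version instead of `:latest`.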
Source: Coding guidelines
New image with an additional tool for Thailand government.
Summary by CodeRabbit
New Features
data.go.th and parliament.go.th.
Documentation