This repository was archived by the owner on Dec 27, 2022. It is now read-only.

Security: riptl/gerrit-plugin-gh-actions


SECURITY.md

Please familiarize yourself with the security considerations of this plugin before deploying it.

  • Allowing unauthorized users to dispatch CI workflows is a security risk. For example, an attacker who can trigger a workflow run on an untrusted change could attempt to poison the CI cache so that its side effects are picked up by later, trusted runs.

    We therefore recommend:

    • Configure the "Allow-CI" label so that it is not satisfied by default. This forces an authorized user to explicitly approve each CI run.
    • Use override conditions sparingly to exempt trusted users from this rule.
    • Ensure that the "Allow-CI" and "CI-Result" labels are reset when a new revision is pushed to a review (copyCondition: false), so that an approval given for one patch set does not carry over to code that was pushed afterwards.

  • This plugin exposes a public HTTP API on your Gerrit server for GitHub webhooks.

    • Follow general web hosting best practices (e.g. deploy a web application firewall). A firewall limits exposure but does not replace authentication of the webhook itself.
    • Since anyone could call this API, a secret token is used to authenticate that requests really originate from GitHub. GitHub uses the configured secret to compute an HMAC signature over each delivery and sends it in the X-Hub-Signature-256 header, so the receiving side can reject any request that was not signed with that secret. Keep the secret out of URLs and logs. For more info, refer to GitHub: Securing your webhooks.
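As an added example (not code from this plugin), the following shows what verifying a GitHub webhook delivery with the shared secret looks like: GitHub computes HMAC-SHA256 over the raw request body with the secret and sends it as "sha256=<hex>" in the X-Hub-Signature-256 header; the receiver recomputes it and compares in constant time, rejecting missing, malformed or mismatching signatures before the body is parsed. The secret, sample body and the function names (sign_payload, verify_signature, handle_delivery) are constructed for this example and are not part of the plugin.

```python
import hashlib
import hmac
import json
from typing import Dict, Optional, Tuple

# Constructed sample values for this example only; not the plugin's configuration.
WEBHOOK_SECRET = b"example-webhook-secret"
SAMPLE_BODY = b'{"action":"completed","workflow_run":{"id":1,"conclusion":"success"}}'

SIGNATURE_HEADER = "X-Hub-Signature-256"


def sign_payload(secret: bytes, body: bytes) -> str:
    """Produce the header value GitHub sends: 'sha256=' + hex(HMAC-SHA256(secret, body)).

    This stands in for GitHub's side of the exchange so the example runs offline.
    """
    digest = hmac.new(secret, body, hashlib.sha256).hexdigest()
    return f"sha256={digest}"


def verify_signature(secret: bytes, body: bytes, header_value: Optional[str]) -> bool:
    """Return True only if header_value is a valid signature over the raw body.

    Never raises: a missing header, wrong algorithm prefix, non-hex digest or
    mismatching MAC all yield False, so callers cannot forget to handle an error.
    """
    if not header_value:
        return False
    prefix, sep, received_hex = header_value.partition("=")
    if sep != "=" or prefix != "sha256":
        return False
    try:
        received = bytes.fromhex(received_hex)
    except ValueError:
        return False
    expected = hmac.new(secret, body, hashlib.sha256).digest()
    # Constant-time comparison: a plain '==' leaks how many leading bytes matched.
    # compare_digest returns False (without raising) for inputs of different length.
    return hmac.compare_digest(expected, received)


def handle_delivery(secret: bytes, headers: Dict[str, str], body: bytes) -> Tuple[int, str]:
    """Minimal request handler: authenticate the delivery, then inspect the event.

    The signature must be checked over the exact bytes received, before any JSON
    parsing or normalisation, otherwise a re-serialised body will not match.
    """
    if not verify_signature(secret, body, headers.get(SIGNATURE_HEADER)):
        return 401, "signature mismatch"
    event = json.loads(body)
    run = event.get("workflow_run") or {}
    conclusion = run.get("conclusion", "unknown")
    return 200, f"workflow_run {run.get('id')} concluded: {conclusion}"


if __name__ == "__main__":
    good_headers = {SIGNATURE_HEADER: sign_payload(WEBHOOK_SECRET, SAMPLE_BODY)}
    print(handle_delivery(WEBHOOK_SECRET, good_headers, SAMPLE_BODY))
    print(handle_delivery(WEBHOOK_SECRET, {}, SAMPLE_BODY))
```

In a real server the header lookup is case-insensitive and the body must be read as raw bytes from the request stream; everything else stays the same. Rotating the secret means accepting signatures under both the old and the new value for a short window, since in-flight deliveries are signed with whichever secret was configured when GitHub sent them.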

Please responsibly disclose any further security concerns at firedancer-devs [AT] jumptrading [DOT] com.

There aren’t any published security advisories