chore: harden packaging environment to enforce 4-eyes review on signed releases #6

@inureyes

Description

Follow-up to #1 A-section.

The packaging GitHub deployment environment currently has:

  • required_reviewers: inureyes (1 user)
  • prevent_self_review: false
  • can_admins_bypass: true

This means the person who triggers a signing or homebrew-bump deployment can also self-approve it — which provides an "abort window" before the deployment proceeds, but is not a true 4-eyes gate. This was an intentional choice while release tooling was still being automated (see the follow-up note in #1 A-section).

Once the release pipeline is fully automated (manual signing/notarization no longer required, manual homebrew bump no longer required), this configuration should be hardened:

Tasks

  • Decide on the release-manager pool (≥1 additional GitHub user beyond inureyes) — discuss in this issue's comments before applying
  • Register the additional reviewer(s) at https://github.com/lablup/mlxcel/settings/environments/15464823920/edit → "Deployment protection rules" → "Required reviewers"
  • Enable "Prevent self-review" so the user who triggers the deployment cannot approve it themselves
  • (Optional) Disable can_admins_bypass if org admins should not be able to skip the gate
  • Verify via:
    gh api repos/lablup/mlxcel/environments/packaging \
      --jq '.protection_rules[] | select(.type == "required_reviewers") | {prevent_self_review, reviewer_count: (.reviewers | length)}'
    Expected: prevent_self_review: true, reviewer_count >= 2
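The verification step above only eyeballs two fields. As an added example (not part of this issue or the mlxcel project), the script below encodes the same gate as a policy check: it reads the JSON that `gh api repos/OWNER/REPO/environments/NAME` returns, locates the `required_reviewers` protection rule, and reports every way the environment falls short of a 4-eyes gate (reviewer count, `prevent_self_review`, and optionally `can_admins_bypass`). The two embedded environment objects are constructed samples mirroring the "current" and "hardened" states described in the issue; the second reviewer login is a placeholder.

```python
"""Check a GitHub deployment environment for a real 4-eyes review gate.

Added example, not the project's own tooling. Usage:
    gh api repos/lablup/mlxcel/environments/packaging | python check_gate.py
Exit status is 1 when any finding is reported, so it can run in CI.
"""
import json
import sys


def check_four_eyes(env, min_reviewers=2, require_no_admin_bypass=False):
    """Return a list of findings; an empty list means the gate is hardened.

    `env` is the parsed environment object from the GitHub REST API.
    `can_admins_bypass` lives on the environment itself, while
    `prevent_self_review` and `reviewers` live on the required_reviewers rule.
    """
    findings = []
    rules = [r for r in env.get("protection_rules", [])
             if r.get("type") == "required_reviewers"]
    if not rules:
        # No reviewer rule at all: deployments proceed without any approval.
        return ["no required_reviewers rule: deployments are unreviewed"]

    rule = rules[0]
    reviewers = rule.get("reviewers", [])
    # Note: a Team entry counts as one reviewer here; expand team membership
    # separately if you need an actual head-count.
    if len(reviewers) < min_reviewers:
        findings.append(
            f"reviewer_count={len(reviewers)} < {min_reviewers}: "
            "a single reviewer cannot form a 4-eyes gate")
    if not rule.get("prevent_self_review", False):
        findings.append(
            "prevent_self_review=false: the user who triggers the deployment "
            "can approve it")
    if require_no_admin_bypass and env.get("can_admins_bypass", True):
        findings.append("can_admins_bypass=true: org admins can skip the gate")
    return findings


# Constructed sample: the configuration the issue describes as current.
CURRENT_ENV = {
    "name": "packaging",
    "can_admins_bypass": True,
    "protection_rules": [
        {"type": "required_reviewers",
         "prevent_self_review": False,
         "reviewers": [{"type": "User", "reviewer": {"login": "inureyes"}}]},
    ],
}

# Constructed sample: the hardened target state (second login is a placeholder).
HARDENED_ENV = {
    "name": "packaging",
    "can_admins_bypass": False,
    "protection_rules": [
        {"type": "required_reviewers",
         "prevent_self_review": True,
         "reviewers": [
             {"type": "User", "reviewer": {"login": "inureyes"}},
             {"type": "User", "reviewer": {"login": "RELEASE-MANAGER-PLACEHOLDER"}},
         ]},
    ],
}


if __name__ == "__main__":
    # Read the environment JSON from stdin (piped from `gh api ...`).
    env = json.load(sys.stdin) if not sys.stdin.isatty() else CURRENT_ENV
    problems = check_four_eyes(env, require_no_admin_bypass=True)
    for p in problems:
        print("FINDING:", p)
    print("gate OK" if not problems else f"{len(problems)} finding(s)")
    sys.exit(1 if problems else 0)
```

Run with `--jq` omitted so the full environment object reaches the script; the check deliberately treats a missing `prevent_self_review` key as false, since absence of the setting is the weaker state.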

Triggering conditions

Open this issue for action when all of the following are true:

  • Release signing and notarization are non-interactive (no manual step inside the workflow)
  • Homebrew formula bump runs end-to-end without manual intervention (verified after the first auto-bump from a real release)
  • There is at least one additional release manager identified and reachable for approvals (otherwise enabling prevent_self_review would block legitimate releases)

Until all three are satisfied, keep the current 1-reviewer + self-approve configuration to avoid blocking releases on a missing second reviewer.

Refs

Labels

priority:low (Low priority), status:backlog (In the backlog, not yet ready), type:chore (Maintenance tasks: build, CI, etc.)