Announcing CI/CD v2 for LiteLLM
The CI/CD v2 is now live for LiteLLM.
Building on the roadmap from our security incident, CI/CD v2 introduces isolated environments, stronger security gates, and safer release separation for LiteLLM.
What changed​
- Security scans and unit tests run in isolated environments.
- Validation and release are separated into different repositories, making it harder for an attacker to reach release credentials.
- Trusted Publishing for PyPI releases - this means no long-lived credentials are used to publish releases.
- Immutable Docker release tags - this means no tampering of Docker release tags after they are published Learn more. Note: work for GHCR docker releases is planned as well.
What's next​
Moving forward, we plan on:
-
Adopting OpenSSF (this is a set of security criteria that projects should meet to demonstrate a strong security posture - Learn more)
- We've added Scorecard and Allstar to our Github
-
Adding SLSA Build Provenance to our CI/CD pipeline - this means we allow users to independently verify that a release came from us and prevent silent modifications of releases after they are published.
We hope that this will mean you can be confident that the releases you are using are safe and from us.
The principle​
The new CI/CD pipeline reflects the principles, outlined below, and is designed to be more secure and reliable:
- Limit what each package can access
- Reduce the number of sensitive environment variables
- Avoid compromised packages
- Prevent release tampering
How to help:​
Help us plan April's stability sprint - https://github.com/BerriAI/litellm/issues/24825