From Greptile review of #365: the mcp_deploy Cloud Build trigger runs as the default Compute Engine SA (broad permissions). iam.tf already provisions build_system_sa described as the CI/CD identity, but it is unused by this trigger.
Unit of work (least-privilege rollout, needs testing — not a drive-by):
- Grant
build_system_sa: roles/artifactregistry.writer on cloud-run-source-deploy, roles/run.developer on thoughtbox-mcp, roles/iam.serviceAccountUser on agent-runner-sa (runtime SA), roles/logging.logWriter.
- Switch
google_cloudbuild_trigger.mcp_deploy.service_account to google_service_account.build_system.id.
- Verify a push-to-main build deploys end-to-end, then confirm no residual grants needed.
Context: infra/gcp/mcp-service.tf (SPEC-V1-INITIATIVE Phase 1.1); the trigger config notes this with a comment.
🤖 Generated with Claude Code
From Greptile review of #365: the
mcp_deployCloud Build trigger runs as the default Compute Engine SA (broad permissions).iam.tfalready provisionsbuild_system_sadescribed as the CI/CD identity, but it is unused by this trigger.Unit of work (least-privilege rollout, needs testing — not a drive-by):
build_system_sa:roles/artifactregistry.writeroncloud-run-source-deploy,roles/run.developeronthoughtbox-mcp,roles/iam.serviceAccountUseronagent-runner-sa(runtime SA),roles/logging.logWriter.google_cloudbuild_trigger.mcp_deploy.service_accounttogoogle_service_account.build_system.id.Context:
infra/gcp/mcp-service.tf(SPEC-V1-INITIATIVE Phase 1.1); the trigger config notes this with a comment.🤖 Generated with Claude Code