diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2022-11-27 09:12:31 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-11-27 09:12:31 +0100 |
commit | 56ba1d2271ff21d1104943162704c662c7c9004f (patch) | |
tree | d135f63fbe2a5d262f5eff50fbf637ce637a9159 /.github/workflows/build.yml | |
parent | Workflows: Change egress-policy to block (diff) | |
download | firejail-56ba1d2271ff21d1104943162704c662c7c9004f.tar.gz firejail-56ba1d2271ff21d1104943162704c662c7c9004f.tar.zst firejail-56ba1d2271ff21d1104943162704c662c7c9004f.zip |
Workflows: Change egress-policy to block (#5485)
Diffstat (limited to '.github/workflows/build.yml')
-rw-r--r-- | .github/workflows/build.yml | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3119f59b9..3e556b78d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml | |||
@@ -44,8 +44,16 @@ jobs: | |||
44 | - name: Harden Runner | 44 | - name: Harden Runner |
45 | uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 | 45 | uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 |
46 | with: | 46 | with: |
47 | egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs | 47 | egress-policy: block |
48 | 48 | allowed-endpoints: > | |
49 | azure.archive.ubuntu.com:80 | ||
50 | debian.org:80 | ||
51 | github.com:443 | ||
52 | packages.microsoft.com:443 | ||
53 | ppa.launchpadcontent.net:443 | ||
54 | www.debian.org:443 | ||
55 | www.debian.org:80 | ||
56 | yahoo.com:1025 | ||
49 | - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 | 57 | - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 |
50 | - name: update package information | 58 | - name: update package information |
51 | run: sudo apt-get update | 59 | run: sudo apt-get update |