Skip to content

Commit

Permalink
added default domains
Browse files Browse the repository at this point in the history
  • Loading branch information
raianand committed Feb 14, 2024
1 parent 4cb2493 commit 838972a
Show file tree
Hide file tree
Showing 2 changed files with 104 additions and 2 deletions.
53 changes: 52 additions & 1 deletion dist/index.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

53 changes: 52 additions & 1 deletion src/intercept.js
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,55 @@ import ruamel.yaml
FILE_WORKERS = 5
default_egress_rules_yaml = """
- name: 'Reqd by Github Action - Needed for essential operations'
domain: 'github.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for essential operations'
domain: 'api.github.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for essential operations'
domain: '*.actions.githubusercontent.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for downloading actions'
domain: 'codeload.github.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for uploading/downloading job summaries, logs, workflow artifacts, and caches'
domain: 'results-receiver.actions.githubusercontent.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for uploading/downloading job summaries, logs, workflow artifacts, and caches'
domain: '*.blob.core.windows.net'
action: 'allow'
- name: 'Reqd by Github Action - Needed for runner version updates'
domain: 'objects.githubusercontent.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for runner version updates'
domain: 'objects-origin.githubusercontent.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for runner version updates'
domain: 'github-releases.githubusercontent.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for runner version updates'
domain: 'github-registry-files.githubusercontent.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for retrieving OIDC tokens'
domain: '*.actions.githubusercontent.com'
action: 'allow'
- name : 'Reqd by Github Action - Needed for downloading or publishing packages or containers to GitHub Packages'
domain: '*.pkg.github.com'
action: 'allow'
- name : 'Reqd by Github Action - Needed for downloading or publishing packages or containers to GitHub Packages'
domain: 'ghcr.io'
action: 'allow'
- name: 'Reqd by Github Action - Needed for Git Large File Storage'
domain: 'github-cloud.githubusercontent.com'
action: 'allow'
- name: 'Reqd by Github Action - Needed for Git Large File Storage'
domain: 'github-cloud.s3.amazonaws.com'
action: 'allow'
"""
class Interceptor:
def __init__(self):
self.outfile = None
Expand All @@ -33,7 +82,9 @@ class Interceptor:
with open('/home/${boltUser}/egress_rules.yaml', 'r') as file:
yaml = ruamel.yaml.YAML(typ="safe", pure=True)
self.egress_rules = yaml.load(file)
default_egress_rules = yaml.load(default_egress_rules_yaml)
self.egress_rules = self.egress_rules + default_egress_rules
def done(self):
self.queue.join()
if self.outfile:
Expand Down

0 comments on commit 838972a

Please sign in to comment.