From 4270ae068e231a4f0ea3a5b415aa46ddee54cd11 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 12 Feb 2024 01:11:17 +0900 Subject: [PATCH] Prepare universal workflow --- .github/workflows/images_build.yml | 130 +++++++++++++++++++---------- 1 file changed, 86 insertions(+), 44 deletions(-) diff --git a/.github/workflows/images_build.yml b/.github/workflows/images_build.yml index b68c53bb8..1a792109e 100644 --- a/.github/workflows/images_build.yml +++ b/.github/workflows/images_build.yml @@ -184,16 +184,20 @@ jobs: egress-policy: block allowed-endpoints: > api.github.com:443 + archive.ubuntu.com:443 archive.ubuntu.com:80 atl.mirrors.knownhost.com:443 atl.mirrors.knownhost.com:80 auth.docker.io:443 cdn03.quay.io:443 + centos-distro.1gservers.com:80 centos-stream-distro.1gservers.com:443 centos-stream-distro.1gservers.com:80 + centos.mirror.shastacoe.net:80 dfw.mirror.rackspace.com:443 dfw.mirror.rackspace.com:80 dl-cdn.alpinelinux.org:443 + dl.google.com:443 download.cf.centos.org:443 download.cf.centos.org:80 epel.mirror.constant.com:443 @@ -201,6 +205,8 @@ jobs: ftp-nyc.osuosl.org:80 ftp-osl.osuosl.org:443 ftp-osl.osuosl.org:80 + ftp.agdsn.de:443 + ftp.osuosl.org:80 ftp.plusline.net:443 ftp.plusline.net:80 ftpmirror.your.org:80 @@ -209,18 +215,23 @@ jobs: iad.mirror.rackspace.com:443 iad.mirror.rackspace.com:80 index.docker.io:443 + keyserver.ubuntu.com:11371 lesnet.mm.fcix.net:443 mirror-mci.yuki.net.uk:443 mirror-mci.yuki.net.uk:80 mirror.arizona.edu:443 mirror.arizona.edu:80 + mirror.ash.fastserv.com:80 mirror.dogado.de:443 mirror.dogado.de:80 + mirror.ette.biz:80 mirror.facebook.net:443 mirror.facebook.net:80 mirror.fcix.net:443 mirror.hoobly.com:443 + mirror.hoobly.com:80 mirror.math.princeton.edu:443 + mirror.metrocast.net:80 mirror.netzwerge.de:443 mirror.pilotfiber.com:443 mirror.pilotfiber.com:80 @@ -230,12 +241,14 @@ jobs: mirror.scaleuptech.com:80 mirror.servaxnet.com:443 mirror.servaxnet.com:80 + mirror.sfo12.us.leaseweb.net:80 mirror.siena.edu:80 mirror.stream.centos.org:443 mirror.stream.centos.org:80 mirror.team-cymru.com:443 mirror.team-cymru.com:80 mirror1.hs-esslingen.de:443 + mirrorlist.centos.org:80 mirrors.centos.org:443 mirrors.fedoraproject.org:443 mirrors.fedoraproject.org:80 @@ -246,24 +259,35 @@ jobs: mirrors.sonic.net:443 mirrors.wcupa.edu:443 mirrors.wcupa.edu:80 + mirrors.xtom.com:80 + mirrors.xtom.de:443 mirrors.xtom.de:80 na.edge.kernel.org:443 nocix.mm.fcix.net:443 oauth2.sigstore.dev:443 objects.githubusercontent.com:443 + ports.ubuntu.com:443 ports.ubuntu.com:80 production.cloudflare.docker.com:443 quay.io:443 registry-1.docker.io:443 rekor.sigstore.dev:443 repo.ialab.dsu.edu:443 + repo1.sea.innoscale.net:80 repos.eggycrew.com:443 repos.eggycrew.com:80 + scientificlinux.physik.uni-muenchen.de:80 + security.ubuntu.com:443 security.ubuntu.com:80 + southfront.mm.fcix.net:80 tuf-repo-cdn.sigstore.dev:443 + tx-mirror.tier.net:80 uvermont.mm.fcix.net:443 + volico.mm.fcix.net:80 + www.gtlib.gatech.edu:80 yum.oracle.com:443 ziply.mm.fcix.net:443 + ziply.mm.fcix.net:80 - name: Checkout repository uses: actions/checkout@v4 @@ -611,45 +635,63 @@ jobs: egress-policy: block allowed-endpoints: > api.github.com:443 - auth.docker.io:443 - dl-cdn.alpinelinux.org:443 - github.com:443 - index.docker.io:443 - production.cloudflare.docker.com:443 - registry-1.docker.io:443 - fulcio.sigstore.dev:443 - objects.githubusercontent.com:443 - tuf-repo-cdn.sigstore.dev:443 - rekor.sigstore.dev:443 - api.github.com:443 + archive.ubuntu.com:443 + archive.ubuntu.com:80 atl.mirrors.knownhost.com:443 atl.mirrors.knownhost.com:80 auth.docker.io:443 cdn03.quay.io:443 + centos-distro.1gservers.com:80 centos-stream-distro.1gservers.com:443 centos-stream-distro.1gservers.com:80 + centos.mirror.shastacoe.net:80 d2lzkl7pfhq30w.cloudfront.net:443 + deb.debian.org:80 + dfw.mirror.rackspace.com:443 + dfw.mirror.rackspace.com:80 + dl-cdn.alpinelinux.org:443 + dl.google.com:443 + download.cf.centos.org:443 + download.cf.centos.org:80 + epel.mirror.constant.com:443 epel.mirror.constant.com:80 forksystems.mm.fcix.net:80 ftp-nyc.osuosl.org:443 ftp-nyc.osuosl.org:80 ftp-osl.osuosl.org:443 ftp-osl.osuosl.org:80 + ftp.agdsn.de:443 + ftp.osuosl.org:80 + ftp.plusline.net:443 ftp.plusline.net:80 ftpmirror.your.org:80 + fulcio.sigstore.dev:443 github.com:443 iad.mirror.rackspace.com:443 + iad.mirror.rackspace.com:80 index.docker.io:443 ix-denver.mm.fcix.net:443 + keyserver.ubuntu.com:11371 + lesnet.mm.fcix.net:443 mirror-mci.yuki.net.uk:443 + mirror-mci.yuki.net.uk:80 mirror.23m.com:80 + mirror.arizona.edu:443 mirror.arizona.edu:80 + mirror.ash.fastserv.com:80 mirror.dal.nexril.net:80 mirror.de.leaseweb.net:80 + mirror.dogado.de:443 mirror.dogado.de:80 + mirror.ette.biz:80 + mirror.facebook.net:443 mirror.facebook.net:80 + mirror.fcix.net:443 + mirror.hoobly.com:443 mirror.hoobly.com:80 + mirror.math.princeton.edu:443 mirror.math.princeton.edu:80 + mirror.metrocast.net:80 mirror.netcologne.de:443 mirror.netzwerge.de:443 mirror.pilotfiber.com:443 @@ -657,70 +699,70 @@ jobs: mirror.rackspace.com:443 mirror.rackspace.com:80 mirror.scaleuptech.com:443 + mirror.scaleuptech.com:80 mirror.servaxnet.com:443 mirror.servaxnet.com:80 mirror.sfo12.us.leaseweb.net:80 mirror.siena.edu:80 mirror.steadfastnet.com:80 + mirror.stream.centos.org:443 + mirror.stream.centos.org:80 mirror.team-cymru.com:443 mirror.team-cymru.com:80 mirror.umd.edu:443 mirror1.hs-esslingen.de:443 + mirrorlist.centos.org:80 mirrors.centos.org:443 mirrors.fedoraproject.org:443 + mirrors.fedoraproject.org:80 mirrors.iu13.net:443 mirrors.iu13.net:80 + mirrors.mit.edu:443 mirrors.ocf.berkeley.edu:443 + mirrors.ocf.berkeley.edu:80 + mirrors.sonic.net:443 mirrors.sonic.net:80 mirrors.syringanetworks.net:80 mirrors.vcea.wsu.edu:80 + mirrors.wcupa.edu:443 mirrors.wcupa.edu:80 + mirrors.xtom.com:80 + mirrors.xtom.de:443 mirrors.xtom.de:80 na.edge.kernel.org:443 + nginx.org:443 + nginx.org:80 nnenix.mm.fcix.net:80 + nocix.mm.fcix.net:443 + oauth2.sigstore.dev:443 + objects.githubusercontent.com:443 ohioix.mm.fcix.net:80 + ports.ubuntu.com:443 + ports.ubuntu.com:80 production.cloudflare.docker.com:443 pubmirror1.math.uh.edu:443 pubmirror3.math.uh.edu:80 quay.io:443 registry-1.docker.io:443 + rekor.sigstore.dev:443 + repo.ialab.dsu.edu:443 repo.ialab.dsu.edu:80 + repo1.sea.innoscale.net:80 + repos.eggycrew.com:443 repos.eggycrew.com:80 - uvermont.mm.fcix.net:80 - ziply.mm.fcix.net:443 - fulcio.sigstore.dev:443 - objects.githubusercontent.com:443 - tuf-repo-cdn.sigstore.dev:443 - rekor.sigstore.dev:443 - oauth2.sigstore.dev:443 - api.github.com:443 - auth.docker.io:443 - github.com:443 - index.docker.io:443 - production.cloudflare.docker.com:443 - registry-1.docker.io:443 - yum.oracle.com:443 - fulcio.sigstore.dev:443 - objects.githubusercontent.com:443 - tuf-repo-cdn.sigstore.dev:443 - rekor.sigstore.dev:443 - api.github.com:443 - archive.ubuntu.com:80 - auth.docker.io:443 - deb.debian.org:80 - github.com:443 - index.docker.io:443 - keyserver.ubuntu.com:11371 - nginx.org:443 - nginx.org:80 - ports.ubuntu.com:80 - production.cloudflare.docker.com:443 - registry-1.docker.io:443 + scientificlinux.physik.uni-muenchen.de:80 + security.ubuntu.com:443 security.ubuntu.com:80 - fulcio.sigstore.dev:443 - objects.githubusercontent.com:443 + southfront.mm.fcix.net:80 tuf-repo-cdn.sigstore.dev:443 - rekor.sigstore.dev:443 + tx-mirror.tier.net:80 + uvermont.mm.fcix.net:443 + uvermont.mm.fcix.net:80 + volico.mm.fcix.net:80 + www.gtlib.gatech.edu:80 + yum.oracle.com:443 + ziply.mm.fcix.net:443 + ziply.mm.fcix.net:80 - name: Checkout repository uses: actions/checkout@v4