extern/zabbix-docker
1
0
Fork 0
mirror of https://github.com/zabbix/zabbix-docker.git synced 2025-05-31 23:26:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

Prepare universal workflow

Browse Source
This commit is contained in:
Alexey Pustovalov 2024-02-09 03:12:25 +09:00
parent 7563ef8f61
commit 524dc39215
1 changed files with 1 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
.github/workflows/images_build.yml vendored
View File

@ -462,8 +462,7 @@ jobs:
permissions: permissions:
contents: read contents: read
steps: steps:
- name: Block egress traffic (alpine) - name: Block egress traffic
if: ${{ matrix.os == 'alpine' }}
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with: with:
disable-sudo: true disable-sudo: true
@ -480,14 +479,6 @@ jobs:
objects.githubusercontent.com:443 objects.githubusercontent.com:443
tuf-repo-cdn.sigstore.dev:443 tuf-repo-cdn.sigstore.dev:443
rekor.sigstore.dev:443 rekor.sigstore.dev:443
- name: Block egress traffic (centos)
if: ${{ matrix.os == 'centos' }}
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443 api.github.com:443
atl.mirrors.knownhost.com:443 atl.mirrors.knownhost.com:443
atl.mirrors.knownhost.com:80 atl.mirrors.knownhost.com:80
@ -559,14 +550,6 @@ jobs:
objects.githubusercontent.com:443 objects.githubusercontent.com:443
tuf-repo-cdn.sigstore.dev:443 tuf-repo-cdn.sigstore.dev:443
rekor.sigstore.dev:443 rekor.sigstore.dev:443
- name: Block egress traffic (ol)
if: ${{ matrix.os == 'ol' }}
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443 api.github.com:443
auth.docker.io:443 auth.docker.io:443
github.com:443 github.com:443
@ -578,14 +561,6 @@ jobs:
objects.githubusercontent.com:443 objects.githubusercontent.com:443
tuf-repo-cdn.sigstore.dev:443 tuf-repo-cdn.sigstore.dev:443
rekor.sigstore.dev:443 rekor.sigstore.dev:443
- name: Block egress traffic (ubuntu)
if: ${{ matrix.os == 'ubuntu' }}
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443 api.github.com:443
archive.ubuntu.com:80 archive.ubuntu.com:80
auth.docker.io:443 auth.docker.io:443