Comments (2)
I'll close since this seems to have been broader and the dns fixed.
from harden-runner.
Hi @ben-manes, thanks for reporting the issue!
The current logic is that in block
mode, harden-runner tries to resolve each of the allowed domains in the pre
step. It reverts the agent (in the pre
step) if it cannot resolve even one of them (maybe because the domain has a typo and is incorrect, or it cannot be resolved at that time). Once the agent is reverted (maybe uninstalled
would be a better term), the hosted runner handles all DNS calls. So, in this case, the job did not fail because of harden runner. As you mentioned, there was probably a broader DNS issue.
Please let me know if you have feedback on the current logic, and we can improve it.
from harden-runner.
Related Issues (20)
- Support comments in allowed endpoints
- Enable setting allowed-endpoints via insights website HOT 6
- Unexpected blockage of multicast socket HOT 2
- Investigate run statnett/image-scanner-operator - 3953485836 HOT 1
- Support wildcard domains HOT 10
- Do not show `api.snapcraft.io` in insights report HOT 1
- Call to internal domains are blocked when using TestContainers HOT 1
- Docker build fails with update to 2.2.0 HOT 3
- Enable storing harden-runner policy in a separate file
- Logo in build summary is not readable on the Dark Theme HOT 4
- Remove reference to `context.payload.repository` HOT 1
- Surface audit log of changes to policy store
- Harden-Runner step should not fail when the workflow is running in ARC HOT 1
- Add a way to exempt specific files for some workflows for overwrite detection
- Please whitelist *.actions.githubusercontent.com HOT 8
- Tracking: Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20
- Harden Runner breaks `medyagh/setup-minikube` HOT 5
- Feature request: make egress-policy: audit the default HOT 1
- Bug: egress-policy: audit seems to be blocking github status api calls HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from harden-runner.