-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathaction.yml
42 lines (33 loc) · 1.31 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
name: Bullfrog Secure Runner
description: "Block unauthorized outbound traffic (egress) in your Github workflows"
inputs:
allowed-ips:
description: "List of allowed IP addresses for outbound connections."
allowed-domains:
description: "List of allowed domains for outbound connections."
dns-policy:
description: "DNS policy to enforce when egress-policy is set to 'block'. Options: 'allowed-domains-only' (default) or 'any'."
default: "allowed-domains-only"
egress-policy:
description: "The egress policy to enforce. Options: 'audit' (default) or 'block'."
type: string
default: "audit"
enable-sudo:
description: "Enable this option to allow steps to execute commands with sudo. Options: 'true' (default) or 'false'."
type: boolean
default: true
_agent-download-base-url:
description: "(Internal) Base URL for fetching the agent binary. This is useful for testing changes in a fork. The URL should end with a slash."
type: string
default: "https://github.com/bullfrogsec/bullfrog/releases/download/"
_log-directory:
description: "(Internal) Directory to store log files."
type: string
default: ${{ runner.temp }}/agent-logs
runs:
using: "node20"
main: "action/dist/main.js"
post: "action/dist/post.js"
branding:
icon: "shield"
color: "green"