GitHubSecurityLab / actions-permissions

GitHub token permissions Monitor and Advisor actions
MIT License

Setup runs each time #15

Closed vedevilolivedev closed 2 weeks ago

vedevilolivedev commented 1 year ago

I'm not sure if this is expected, but each time the action is run, the setup.sh attempts to install but fails upon adding mitmproxyuser since it exists already. Since I don't see any teardown in the code anywhere, I assume it's not meant to attempt to install every time? Or should it be used with containers?

Edit for clarity/context: Self-hosted Ubuntu runner, Enterprise server.

JarLob commented 1 year ago

There is a post step of the action that runs at the end of the job. You can read more about the GitHub Actions feature here.

However, it doesn't do any uninstall because the VM that runs the job is supposed to be disposed of and not reused. As far as I know, in the case of self-hosted runners the responsibility for isolating the execution environment is left to the user. I'm not sure if it is a common practice for self-hosted runners to persist any changes to the system between runs. I have a feeling this may lead, if not to security issues, then to non-reproducible issues at least.