Open tippmar-nr opened 1 month ago
@tippmar-nr thanks for reporting this and using harden-runner! I will look at the workflow run and investigate.
@tippmar-nr I noticed the https://github.com/tippmar-nr/testing repo no longer exists. Can you please share the workflows you used? Thanks!
@varunsh-coder Sorry about that - my testing repo was set to private instead of public. You should be able to access it now. Thanks for taking a look!
This is because harden-runner is unable to resolve domain: host.docker.internal
https://github.com/tippmar-nr/testing/actions/runs/9210727454/job/25338401257#step:12:56
This will need a fix to resolve domains that point to internal IP addresses.
Thanks for the update. I probably should have looked through the workflow output a bit more to identify that specific issue.
I'm not sure where the problem lies, but there's some odd interaction between the
harden-runner
action and medyagh/setup-minikube.If I add harden-runner with
egress-policy: audit
, thesetup-minikube
step doesn't fully install and configure Minikube.A sample workflow run showing the with and without behavior is available here: https://github.com/tippmar-nr/testing/actions/runs/9210727454 -- with harden-runner, the job runs for several minutes and emits a lot of odd messages, before finally failing because Minikube isn't running correctly. Without harden-runner, the job runs for just a couple of minutes and behaves exactly as it should.
Would appreciate any guidance or troubleshooting tips. Thanks!