By default, it restricts DNS traffic which causes failure during VM setup:
Setting up VM
exec ssh: mkdir -p /home/runner/work && ln -s /home/runner/work/ work
/usr/bin/bash /home/runner/work/_actions/vmactions/freebsd-vm/v1.0.4/run.sh execSSH
Config file: freebsd-14.0.conf
Pseudo-terminal will not be allocated because stdin is not a terminal.
exec shell: bash run.sh installRsyncInVM
/usr/bin/bash
Config file: freebsd-14.0.conf
Updating FreeBSD repository catalogue...
pkg: No SRV record found for the repo 'FreeBSD'
pkg: packagesite URL error for pkg+http://pkg.freebsd.org/FreeBSD:14:amd64/quarterly/packagesite.pkg -- pkg+:// implies SRV mirror type
pkg: packagesite URL error for pkg+http://pkg.freebsd.org/FreeBSD:14:amd64/quarterly/packagesite.txz -- pkg+:// implies SRV mirror type
Unable to update repository FreeBSD
Error updating repositories!
exec shell: bash run.sh showDebugInfo
Action step-security/harden-runner helps prevent known security breaches in CI/CD environments.
By default, it restricts DNS traffic which causes failure during VM setup:
I've found, that changing
mirror_type
and URL format in package repos config should help, but I didn't verify it.Steps to reproduce
Minimal reproducible example: