step-security/harden-runner
1
0
Fork 0
mirror of synced 2026-06-05 14:28:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #622 from step-security/feature/custom-property-skip

Browse source 
Feature/custom property skip
This commit is contained in:
Varun Sharma 2025-12-09 11:28:11 -08:00 committed by GitHub
commit 20cf305ff2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 8736 additions and 117 deletions
Download patch file Download diff file Expand all files Collapse all files

4288
dist/index.js vendored
View file

File diff suppressed because it is too large Load diff

2
dist/index.js.map vendored
View file

File diff suppressed because one or more lines are too long

4292
dist/post/index.js vendored
View file

File diff suppressed because it is too large Load diff

2
dist/post/index.js.map vendored
View file

File diff suppressed because one or more lines are too long

13
dist/pre/index.js vendored
View file

@ -85609,9 +85609,14 @@ var setup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
(() => setup_awaiter(void 0, void 0, void 0, function* () {
var _a, _b;
var _a, _b, _c, _d;
try {
console.log("[harden-runner] pre-step");
const customProperties = ((_b = (_a = github.context === null || github.context === void 0 ? void 0 : github.context.payload) === null || _a === void 0 ? void 0 : _a.repository) === null || _b === void 0 ? void 0 : _b.custom_properties) || {};
if (customProperties["skip-harden-runner"] === "true") {
console.log("Skipping harden-runner: custom property 'skip-harden-runner' is set to 'true'");
return;
}
if (process.platform !== "linux") {
console.log(UBUNTU_MESSAGE);
return;
@ -85635,7 +85640,7 @@ var setup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
disable_sudo: lib_core.getBooleanInput("disable-sudo"),
disable_sudo_and_containers: lib_core.getBooleanInput("disable-sudo-and-containers"),
disable_file_monitoring: lib_core.getBooleanInput("disable-file-monitoring"),
private: ((_b = (_a = github.context === null || github.context === void 0 ? void 0 : github.context.payload) === null || _a === void 0 ? void 0 : _a.repository) === null || _b === void 0 ? void 0 : _b.private) || false,
private: ((_d = (_c = github.context === null || github.context === void 0 ? void 0 : github.context.payload) === null || _c === void 0 ? void 0 : _c.repository) === null || _d === void 0 ? void 0 : _d.private) || false,
is_github_hosted: isGithubHosted(),
is_debug: lib_core.isDebug(),
one_time_key: "",
@ -85775,6 +85780,10 @@ var setup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
}
return;
}
if (isGithubHosted() && external_fs_.existsSync("/home/agent/agent.status")) {
console.log("Agent already installed, skipping installation");
return;
}
let _http = new lib.HttpClient();
let statusCode;
_http.requestOptions = { socketTimeout: 3 * 1000 };

2
dist/pre/index.js.map vendored
View file

File diff suppressed because one or more lines are too long

12
src/cleanup.ts
View file

@ -4,9 +4,16 @@ import * as common from "./common";
import isDocker from "is-docker";
import { isARCRunner } from "./arc-runner";
import { isGithubHosted } from "./tls-inspect";
import { context } from "@actions/github";
(async () => {
console.log("[harden-runner] post-step");
const customProperties = context?.payload?.repository?.custom_properties || {};
if (customProperties["skip-harden-runner"] === "true") {
console.log("Skipping harden-runner: custom property 'skip-harden-runner' is set to 'true'");
return;
}
if (process.platform !== "linux") {
console.log(common.UBUNTU_MESSAGE);
return;
@ -41,6 +48,11 @@ import { isGithubHosted } from "./tls-inspect";
return;
}
if (isGithubHosted() && fs.existsSync("/home/agent/post_event.json")) {
console.log("Post step already executed, skipping");
return;
}
fs.writeFileSync(
"/home/agent/post_event.json",
JSON.stringify({ event: "post" })

7
src/index.ts
View file

@ -3,9 +3,16 @@ import * as core from "@actions/core";
import isDocker from "is-docker";
import { STEPSECURITY_WEB_URL } from "./configs";
import { isGithubHosted } from "./tls-inspect";
import { context } from "@actions/github";
(async () => {
console.log("[harden-runner] main-step");
const customProperties = context?.payload?.repository?.custom_properties || {};
if (customProperties["skip-harden-runner"] === "true") {
console.log("Skipping harden-runner: custom property 'skip-harden-runner' is set to 'true'");
return;
}
if (process.platform !== "linux") {
console.log(common.UBUNTU_MESSAGE);
return;

11
src/setup.ts
View file

@ -39,6 +39,12 @@ interface MonitorResponse {
try {
console.log("[harden-runner] pre-step");
const customProperties = context?.payload?.repository?.custom_properties || {};
if (customProperties["skip-harden-runner"] === "true") {
console.log("Skipping harden-runner: custom property 'skip-harden-runner' is set to 'true'");
return;
}
if (process.platform !== "linux") {
console.log(common.UBUNTU_MESSAGE);
return;
@ -257,6 +263,11 @@ interface MonitorResponse {
return;
}
if (isGithubHosted() && fs.existsSync("/home/agent/agent.status")) {
console.log("Agent already installed, skipping installation");
return;
}
let _http = new httpm.HttpClient();
let statusCode: number | undefined;
_http.requestOptions = { socketTimeout: 3 * 1000 };