step-security/harden-runner
1
0
Fork 0
mirror of https://github.com/step-security/harden-runner.git synced 2026-06-06 01:47:05 +00:00
Code Issues Projects Releases Packages Wiki Activity

Mask api-key in logs and print policy name when found

Browse source
This commit is contained in:
Varun Sharma 2026-04-03 22:20:59 -07:00
commit 74e0b3a07e
4 changed files with 11 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
dist/pre/index.js vendored
View file

@ -85728,6 +85728,9 @@ var setup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
api_key: lib_core.getInput("api-key"),
use_policy_store: lib_core.getBooleanInput("use-policy-store"),
};
if (confg.api_key !== "") {
lib_core.setSecret(confg.api_key);
}
let policyName = lib_core.getInput("policy");
if (confg.use_policy_store) {
console.log(`Fetching policy from policy store`);
@ -85740,6 +85743,7 @@ var setup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _ar
const workflow = process.env["GITHUB_WORKFLOW"] || "";
let result = yield fetchPolicyFromStore(github.context.repo.owner, repoName, confg.api_key, workflow, confg.run_id, confg.correlation_id);
if (result !== null) {
lib_core.info(`Policy found: ${result.policy_name || "unnamed"}`);
confg = mergeConfigs(confg, result);
}
else {

2
dist/pre/index.js.map vendored
View file

File diff suppressed because one or more lines are too long

1
src/interfaces.ts
View file

@ -28,4 +28,5 @@ export interface PolicyResponse {
disable_file_monitoring?: boolean;
disable_telemetry?: boolean;
egress_policy?: string;
policy_name?: string;
}

5
src/setup.ts
View file

@ -91,6 +91,10 @@ interface MonitorResponse {
use_policy_store: core.getBooleanInput("use-policy-store"),
};
if (confg.api_key !== "") {
core.setSecret(confg.api_key);
}
let policyName = core.getInput("policy");
if (confg.use_policy_store) {
console.log(`Fetching policy from policy store`);
@ -109,6 +113,7 @@ interface MonitorResponse {
confg.correlation_id
);
if (result !== null) {
core.info(`Policy found: ${result.policy_name || "unnamed"}`);
confg = mergeConfigs(confg, result);
} else {
core.info("No policy found in policy store. Defaulting to audit mode.");