step-security/harden-runner
1
0
Fork 0
mirror of https://github.com/step-security/harden-runner.git synced 2026-06-08 00:17:05 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update dist folder

Browse source
This commit is contained in:
Varun Sharma 2022-04-22 06:04:20 -07:00
commit c13871cb18
6 changed files with 119 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

38
dist/index.js vendored
View file

@ -1699,6 +1699,39 @@ function printInfo(web_url) {
// EXTERNAL MODULE: ./node_modules/@actions/core/lib/core.js
var core = __nccwpck_require__(186);
;// CONCATENATED MODULE: external "node:fs"
const external_node_fs_namespaceObject = require("node:fs");
;// CONCATENATED MODULE: ./node_modules/is-docker/index.js
let isDockerCached;
function hasDockerEnv() {
try {
external_node_fs_namespaceObject.statSync('/.dockerenv');
return true;
} catch {
return false;
}
}
function hasDockerCGroup() {
try {
return external_node_fs_namespaceObject.readFileSync('/proc/self/cgroup', 'utf8').includes('docker');
} catch {
return false;
}
}
function isDocker() {
// TODO: Use `??=` when targeting Node.js 16.
if (isDockerCached === undefined) {
isDockerCached = hasDockerEnv() || hasDockerCGroup();
}
return isDockerCached;
}
;// CONCATENATED MODULE: ./src/index.ts
var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
@ -1711,11 +1744,16 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
};
(() => __awaiter(void 0, void 0, void 0, function* () {
if (process.platform !== "linux") {
console.log("Only runs on linux");
return;
}
if (isDocker()) {
console.log("StepSecurity Harden Runner does not run inside a Docker container");
return;
}
if (core.getBooleanInput("disable-telemetry") &&
core.getInput("egress-policy") === "block") {
console.log("Telemetry will not be sent to StepSecurity API as disable-telemetry is set to true");

2
dist/index.js.map vendored
View file

File diff suppressed because one or more lines are too long

38
dist/post/index.js vendored
View file

@ -1697,6 +1697,39 @@ var external_fs_ = __nccwpck_require__(747);
const external_child_process_namespaceObject = require("child_process");
// EXTERNAL MODULE: ./node_modules/@actions/core/lib/core.js
var core = __nccwpck_require__(186);
;// CONCATENATED MODULE: external "node:fs"
const external_node_fs_namespaceObject = require("node:fs");
;// CONCATENATED MODULE: ./node_modules/is-docker/index.js
let isDockerCached;
function hasDockerEnv() {
try {
external_node_fs_namespaceObject.statSync('/.dockerenv');
return true;
} catch {
return false;
}
}
function hasDockerCGroup() {
try {
return external_node_fs_namespaceObject.readFileSync('/proc/self/cgroup', 'utf8').includes('docker');
} catch {
return false;
}
}
function isDocker() {
// TODO: Use `??=` when targeting Node.js 16.
if (isDockerCached === undefined) {
isDockerCached = hasDockerEnv() || hasDockerCGroup();
}
return isDockerCached;
}
;// CONCATENATED MODULE: ./src/cleanup.ts
var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
@ -1710,11 +1743,16 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
(() => __awaiter(void 0, void 0, void 0, function* () {
if (process.platform !== "linux") {
console.log("Only runs on linux");
return;
}
if (isDocker()) {
console.log("StepSecurity Harden Runner does not run inside a Docker container");
return;
}
external_fs_.writeFileSync("/home/agent/post_event.json", JSON.stringify({ event: "post" }));
var doneFile = "/home/agent/done.json";
var counter = 0;

2
dist/post/index.js.map vendored
View file

File diff suppressed because one or more lines are too long

42
dist/pre/index.js vendored
View file

@ -6272,13 +6272,46 @@ function verifyChecksum(downloadPath) {
const checksum = external_crypto_.createHash("sha256")
.update(fileBuffer)
.digest("hex"); // checksum of downloaded file
const expectedChecksum = "8a8d304cb1e413f0fd2c1dffacefc0d91ba693eee2040f4ea7893ef29f3f10b1"; // checksum for v0.9.1
const expectedChecksum = "fe2d9c22b10981aefc694525f2f4529e69bf5c30677e90387c26df7aad3f1b8f"; // checksum for v0.9.2
if (checksum !== expectedChecksum) {
core.setFailed(`Checksum verification failed, expected ${expectedChecksum} instead got ${checksum}`);
}
core.debug("Checksum verification passed.");
}
;// CONCATENATED MODULE: external "node:fs"
const external_node_fs_namespaceObject = require("node:fs");
;// CONCATENATED MODULE: ./node_modules/is-docker/index.js
let isDockerCached;
function hasDockerEnv() {
try {
external_node_fs_namespaceObject.statSync('/.dockerenv');
return true;
} catch {
return false;
}
}
function hasDockerCGroup() {
try {
return external_node_fs_namespaceObject.readFileSync('/proc/self/cgroup', 'utf8').includes('docker');
} catch {
return false;
}
}
function isDocker() {
// TODO: Use `??=` when targeting Node.js 16.
if (isDockerCached === undefined) {
isDockerCached = hasDockerEnv() || hasDockerCGroup();
}
return isDockerCached;
}
;// CONCATENATED MODULE: ./src/setup.ts
var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
@ -6298,12 +6331,17 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
(() => __awaiter(void 0, void 0, void 0, function* () {
try {
if (process.platform !== "linux") {
console.log("Only runs on linux");
return;
}
if (isDocker()) {
console.log("StepSecurity Harden Runner does not run inside a Docker container");
return;
}
var correlation_id = v4();
var env = "agent";
var api_url = `https://${env}.api.stepsecurity.io/v1`;
@ -6343,7 +6381,7 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
// Note: to avoid github rate limiting
let token = core.getInput("token");
let auth = `token ${token}`;
const downloadPath = yield tool_cache.downloadTool("https://github.com/step-security/agent/releases/download/v0.9.1/agent_0.9.1_linux_amd64.tar.gz", undefined, auth);
const downloadPath = yield tool_cache.downloadTool("https://github.com/step-security/agent/releases/download/v0.9.2/agent_0.9.2_linux_amd64.tar.gz", undefined, auth);
verifyChecksum(downloadPath); // NOTE: verifying agent's checksum, before extracting
const extractPath = yield tool_cache.extractTar(downloadPath);
console.log(`Step Security Job Correlation ID: ${correlation_id}`);

2
dist/pre/index.js.map vendored
View file

File diff suppressed because one or more lines are too long