Merge branch 'rc-v2.6.1' into markdown

Update markdown
2026-06-06 09:17:06 +00:00 · 2023-10-27 15:26:34 -07:00 · 2023-10-27 13:37:20 -07:00 · 2023-10-27 13:19:55 -07:00 · 2023-10-27 12:58:37 -07:00
8 changed files with 77 additions and 45 deletions
--- a/dist/index.js
+++ b/dist/index.js
@ -2913,8 +2913,8 @@ function addSummary() {
        if (tableEntries.length === 0) {
            return;
        }
-        const insightsRow = `<h4><a href="${insights_url}">View Full Runtime Security Report & Recommended Policy</a></h4>`;
-        yield core.summary.addSeparator().addRaw(`<h2>StepSecurity Report</h2>`);
+        const insightsRow = `<p><b><a href="${insights_url}">📄 View Full Runtime Security Report & Recommended Policy</a></b></p>`;
+        yield core.summary.addSeparator().addRaw(`<h2>🛡 StepSecurity Report</h2>`);
        tableEntries.sort((a, b) => {
            if (a.status === "❌ Blocked" && b.status !== "❌ Blocked") {
                return -1;
@ -2928,8 +2928,9 @@ function addSummary() {
        });
        tableEntries = tableEntries.slice(0, 3);
        yield core.summary.addRaw(`
-  <p>Preview of the network events that occurred on the GitHub-hosted runner during this workflow run.</p>
-  <h3>🌐 Network Events</h3>
+  <blockquote>
+  <p>Preview of the outbound network calls during this workflow run.</p></blockquote>
+  <h3>Network Events</h3>
  <table>
    <thead>
      <tr>
@ -2941,22 +2942,22 @@ function addSummary() {
    <tbody>
      ${tableEntries
            .map((entry) => `<tr>
-          <td>${entry.process}</td>
+          <td><code>${entry.process}</code></td>
          <td>${entry.domain.replace(/\.$/, "")}</td>
          <td>${entry.status}</td>
        </tr>`)
            .join("")}
      <tr>
-        <td>...</td>
-        <td>...</td>
-        <td>...</td>
+        <td><code>...</code></td>
+        <td><code>...</code></td>
+        <td><code>...</code></td>
      </tr>
    </tbody>
  </table>
  ${insightsRow}
 `);
        yield core.summary
-            .addRaw(`<p>Markdown generated by the <a href="https://github.com/step-security/harden-runner">Harden-Runner GitHub Action</a></p>`)
+            .addRaw(`<p><i>Markdown generated by the <a href="https://github.com/step-security/harden-runner">Harden-Runner GitHub Action</a>.</i></p>`)
            .addSeparator()
            .write();
    });
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/dist/post/index.js
+++ b/dist/post/index.js
@ -61211,8 +61211,8 @@ function addSummary() {
        if (tableEntries.length === 0) {
            return;
        }
-        const insightsRow = `<h4><a href="${insights_url}">View Full Runtime Security Report & Recommended Policy</a></h4>`;
-        yield core.summary.addSeparator().addRaw(`<h2>StepSecurity Report</h2>`);
+        const insightsRow = `<p><b><a href="${insights_url}">📄 View Full Runtime Security Report & Recommended Policy</a></b></p>`;
+        yield core.summary.addSeparator().addRaw(`<h2>🛡 StepSecurity Report</h2>`);
        tableEntries.sort((a, b) => {
            if (a.status === "❌ Blocked" && b.status !== "❌ Blocked") {
                return -1;
@ -61226,8 +61226,9 @@ function addSummary() {
        });
        tableEntries = tableEntries.slice(0, 3);
        yield core.summary.addRaw(`
-  <p>Preview of the network events that occurred on the GitHub-hosted runner during this workflow run.</p>
-  <h3>🌐 Network Events</h3>
+  <blockquote>
+  <p>Preview of the outbound network calls during this workflow run.</p></blockquote>
+  <h3>Network Events</h3>
  <table>
    <thead>
      <tr>
@ -61239,21 +61240,21 @@ function addSummary() {
    <tbody>
      ${tableEntries
            .map((entry) => `<tr>
-          <td>${entry.process}</td>
+          <td><code>${entry.process}</code></td>
          <td>${entry.domain.replace(/\.$/, "")}</td>
          <td>${entry.status}</td>
        </tr>`)
            .join("")}
      <tr>
-        <td>...</td>
-        <td>...</td>
-        <td>...</td>
+        <td><code>...</code></td>
+        <td><code>...</code></td>
+        <td><code>...</code></td>
      </tr>
    </tbody>
  </table>
  ${insightsRow}
 `);
-        yield core.summary.addRaw(`<p>Markdown generated by the <a href="https://github.com/step-security/harden-runner">Harden-Runner GitHub Action</a></p>`)
+        yield core.summary.addRaw(`<p><i>Markdown generated by the <a href="https://github.com/step-security/harden-runner">Harden-Runner GitHub Action</a>.</i></p>`)
            .addSeparator()
            .write();
    });
@ -61322,12 +61323,21 @@ var external_path_ = __nccwpck_require__(5622);
 var external_path_default = /*#__PURE__*/__nccwpck_require__.n(external_path_);
 ;// CONCATENATED MODULE: ./src/arc-runner.ts

+
 function isArcRunner() {
    const runnerUserAgent = process.env["GITHUB_ACTIONS_RUNNER_EXTRA_USER_AGENT"];
+    let isARC = false;
    if (!runnerUserAgent) {
-        return false;
+        isARC = false;
    }
-    return runnerUserAgent.includes("actions-runner-controller/");
+    else {
+        isARC = runnerUserAgent.includes("actions-runner-controller/");
+    }
+    return isARC || isSecondaryPod();
+}
+function isSecondaryPod() {
+    const workDir = "/__w";
+    return external_fs_.existsSync(workDir);
 }
 function getRunnerTempDir() {
    const isTest = process.env["isTest"];
--- a/dist/post/index.js.map
+++ b/dist/post/index.js.map
--- a/dist/pre/index.js
+++ b/dist/pre/index.js
@ -69085,8 +69085,8 @@ function addSummary() {
        if (tableEntries.length === 0) {
            return;
        }
-        const insightsRow = `<h4><a href="${insights_url}">View Full Runtime Security Report & Recommended Policy</a></h4>`;
-        yield core.summary.addSeparator().addRaw(`<h2>StepSecurity Report</h2>`);
+        const insightsRow = `<p><b><a href="${insights_url}">📄 View Full Runtime Security Report & Recommended Policy</a></b></p>`;
+        yield core.summary.addSeparator().addRaw(`<h2>🛡 StepSecurity Report</h2>`);
        tableEntries.sort((a, b) => {
            if (a.status === "❌ Blocked" && b.status !== "❌ Blocked") {
                return -1;
@ -69100,8 +69100,9 @@ function addSummary() {
        });
        tableEntries = tableEntries.slice(0, 3);
        yield core.summary.addRaw(`
-  <p>Preview of the network events that occurred on the GitHub-hosted runner during this workflow run.</p>
-  <h3>🌐 Network Events</h3>
+  <blockquote>
+  <p>Preview of the outbound network calls during this workflow run.</p></blockquote>
+  <h3>Network Events</h3>
  <table>
    <thead>
      <tr>
@ -69113,22 +69114,22 @@ function addSummary() {
    <tbody>
      ${tableEntries
            .map((entry) => `<tr>
-          <td>${entry.process}</td>
+          <td><code>${entry.process}</code></td>
          <td>${entry.domain.replace(/\.$/, "")}</td>
          <td>${entry.status}</td>
        </tr>`)
            .join("")}
      <tr>
-        <td>...</td>
-        <td>...</td>
-        <td>...</td>
+        <td><code>...</code></td>
+        <td><code>...</code></td>
+        <td><code>...</code></td>
      </tr>
    </tbody>
  </table>
  ${insightsRow}
 `);
        yield core.summary
-            .addRaw(`<p>Markdown generated by the <a href="https://github.com/step-security/harden-runner">Harden-Runner GitHub Action</a></p>`)
+            .addRaw(`<p><i>Markdown generated by the <a href="https://github.com/step-security/harden-runner">Harden-Runner GitHub Action</a>.</i></p>`)
            .addSeparator()
            .write();
    });
@ -69286,12 +69287,21 @@ var cacheHttpClient = __nccwpck_require__(8245);
 var cacheUtils = __nccwpck_require__(1518);
 ;// CONCATENATED MODULE: ./src/arc-runner.ts

+
 function isArcRunner() {
    const runnerUserAgent = process.env["GITHUB_ACTIONS_RUNNER_EXTRA_USER_AGENT"];
+    let isARC = false;
    if (!runnerUserAgent) {
-        return false;
+        isARC = false;
    }
-    return runnerUserAgent.includes("actions-runner-controller/");
+    else {
+        isARC = runnerUserAgent.includes("actions-runner-controller/");
+    }
+    return isARC || isSecondaryPod();
+}
+function isSecondaryPod() {
+    const workDir = "/__w";
+    return external_fs_.existsSync(workDir);
 }
 function getRunnerTempDir() {
    const isTest = process.env["isTest"];
--- a/dist/pre/index.js.map
+++ b/dist/pre/index.js.map
--- a/src/arc-runner.ts
+++ b/src/arc-runner.ts
@ -1,14 +1,24 @@
 import * as cp from "child_process";
+import * as fs from "fs";
 import { sleep } from "./setup";

 export function isArcRunner(): boolean {
  const runnerUserAgent = process.env["GITHUB_ACTIONS_RUNNER_EXTRA_USER_AGENT"];

+  let isARC = false;
+
  if (!runnerUserAgent) {
-    return false;
+    isARC = false;
+  } else {
+    isARC = runnerUserAgent.includes("actions-runner-controller/");
  }

-  return runnerUserAgent.includes("actions-runner-controller/");
+  return isARC || isSecondaryPod();
+}
+
+function isSecondaryPod(): boolean {
+  const workDir = "/__w";
+  return fs.existsSync(workDir);
 }

 function getRunnerTempDir(): string {
--- a/src/common.ts
+++ b/src/common.ts
@ -101,9 +101,9 @@ export async function addSummary() {
    return;
  }

-  const insightsRow = `<h4><a href="${insights_url}">View Full Runtime Security Report & Recommended Policy</a></h4>`;
+  const insightsRow = `<p><b><a href="${insights_url}">📄 View Full Runtime Security Report & Recommended Policy</a></b></p>`;

-  await core.summary.addSeparator().addRaw(`<h2>StepSecurity Report</h2>`);
+  await core.summary.addSeparator().addRaw(`<h2>🛡 StepSecurity Report</h2>`);

  tableEntries.sort((a, b) => {
    if (a.status === "❌ Blocked" && b.status !== "❌ Blocked") {
@ -118,8 +118,9 @@ export async function addSummary() {
  tableEntries = tableEntries.slice(0, 3);

  await core.summary.addRaw(`
-  <p>Preview of the network events that occurred on the GitHub-hosted runner during this workflow run.</p>
-  <h3>🌐 Network Events</h3>
+  <blockquote>
+  <p>Preview of the outbound network calls during this workflow run.</p></blockquote>
+  <h3>Network Events</h3>
  <table>
    <thead>
      <tr>
@ -132,16 +133,16 @@ export async function addSummary() {
      ${tableEntries
        .map(
          (entry) => `<tr>
-          <td>${entry.process}</td>
+          <td><code>${entry.process}</code></td>
          <td>${entry.domain.replace(/\.$/, "")}</td>
          <td>${entry.status}</td>
        </tr>`
        )
        .join("")}
      <tr>
-        <td>...</td>
-        <td>...</td>
-        <td>...</td>
+        <td><code>...</code></td>
+        <td><code>...</code></td>
+        <td><code>...</code></td>
      </tr>
    </tbody>
  </table>
@ -150,7 +151,7 @@ export async function addSummary() {

  await core.summary
    .addRaw(
-      `<p>Markdown generated by the <a href="https://github.com/step-security/harden-runner">Harden-Runner GitHub Action</a></p>`
+      `<p><i>Markdown generated by the <a href="https://github.com/step-security/harden-runner">Harden-Runner GitHub Action</a>.</i></p>`
    )
    .addSeparator()
    .write();
Author	SHA1	Message	Date
Varun Sharma	fc9d972ad4	Merge branch 'rc-v2.6.1' into markdown	2023-10-27 15:26:34 -07:00
Varun Sharma	0827586e44	Update markdown	2023-10-27 13:37:20 -07:00
Varun Sharma	f5cfd3fe85	Update markdown	2023-10-27 13:19:55 -07:00
jatin	abb3730f28	Add k8s-mode detection (#345 )	2023-10-27 12:58:37 -07:00