Update agent to v1.8.3

2026-06-05 18:38:19 +00:00 · 2026-04-29 09:17:25 -07:00
11 changed files with 17 additions and 45 deletions
--- a/dist/index.js
+++ b/dist/index.js
@ -32046,7 +32046,6 @@ const HARDEN_RUNNER_UNAVAILABLE_MESSAGE = "Sorry, we are currently experiencing
 const ARC_RUNNER_MESSAGE = "Workflow is currently being executed in ARC based runner.";
 const ARM64_RUNNER_MESSAGE = "ARM runners are not supported in the Harden-Runner community tier.";
 const ARM64_WINDOWS_RUNNER_MESSAGE = "Windows ARM runners are not yet supported by Harden-Runner.";
-const UBUNTU_SLIM_MESSAGE = "This job is running on an ubuntu-slim runner. Harden Runner is not supported on ubuntu-slim runners. This job will not be monitored.";

 ;// CONCATENATED MODULE: external "node:fs"
 const external_node_fs_namespaceObject = require("node:fs");
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/dist/post/index.js
+++ b/dist/post/index.js
@ -32052,7 +32052,6 @@ const HARDEN_RUNNER_UNAVAILABLE_MESSAGE = "Sorry, we are currently experiencing
 const ARC_RUNNER_MESSAGE = "Workflow is currently being executed in ARC based runner.";
 const ARM64_RUNNER_MESSAGE = "ARM runners are not supported in the Harden-Runner community tier.";
 const ARM64_WINDOWS_RUNNER_MESSAGE = "Windows ARM runners are not yet supported by Harden-Runner.";
-const UBUNTU_SLIM_MESSAGE = "This job is running on an ubuntu-slim runner. Harden Runner is not supported on ubuntu-slim runners. This job will not be monitored.";

 // EXTERNAL MODULE: external "path"
 var external_path_ = __nccwpck_require__(6928);
@ -32215,10 +32214,6 @@ var cleanup_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _
        console.log(CONTAINER_MESSAGE);
        return;
    }
-    if (isGithubHosted() && process.platform === "linux" && !process.env.USER) {
-        console.log(UBUNTU_SLIM_MESSAGE);
-        return;
-    }
    if (isARCRunner()) {
        console.log(`[!] ${ARC_RUNNER_MESSAGE}`);
        return;
--- a/dist/post/index.js.map
+++ b/dist/post/index.js.map
--- a/dist/pre/index.js
+++ b/dist/pre/index.js
@ -85171,7 +85171,6 @@ const HARDEN_RUNNER_UNAVAILABLE_MESSAGE = "Sorry, we are currently experiencing
 const ARC_RUNNER_MESSAGE = "Workflow is currently being executed in ARC based runner.";
 const ARM64_RUNNER_MESSAGE = "ARM runners are not supported in the Harden-Runner community tier.";
 const ARM64_WINDOWS_RUNNER_MESSAGE = "Windows ARM runners are not yet supported by Harden-Runner.";
-const UBUNTU_SLIM_MESSAGE = "This job is running on an ubuntu-slim runner. Harden Runner is not supported on ubuntu-slim runners. This job will not be monitored.";

 ;// CONCATENATED MODULE: external "node:fs"
 const external_node_fs_namespaceObject = require("node:fs");
@ -85456,15 +85455,15 @@ var external_crypto_ = __nccwpck_require__(6982);

 const CHECKSUMS = {
    tls: {
-        amd64: "d58a9c1c5245155ce4c71507a61e213a29925a7c39c0d20bfd00bef0d281bdbb",
-        arm64: "084fa95e74d17321dd1c37c93abeb8577e53ddf5266410e19f52aa79a02ae33e",
+        amd64: "27a3740c707b29dc3927e491543b9c10aa34fce714a608b7a3c4bc214f321170",
+        arm64: "d97ff4219f8f1f322ac9a886efcee3af73280927802a8552d0e8d3dba0a045e7",
    },
    non_tls: {
        amd64: "e38de61e1afd98dd339bb9acce4996183875d482be1638fb198ab02b3e25bbef", // v0.16.0
    },
    bravo: {
-        amd64: "495f607a891d89f12214849301f247bdca565afe67deb170fe7e5d6d361852ca",
-        arm64: "f96f66ab946097aae1fc887e12fe1cefcc5d510bce179221c7185374e4adf538",
+        amd64: "cac3e57d82837587949cf7c460443775150fb54fb380675c9754e21b2536d867",
+        arm64: "296ef00ba15c5fd6249d46380d213e729ed8980af7b71217999d4b6811ab2b9f",
    },
    darwin: "fe26a1f6af4afe9f1a854d8633832f5d18ab542827003cae445b3a64021d612c",
    windows: {
@ -85537,7 +85536,7 @@ function installAgent(isTLS, configStr) {
            encoding: "utf8",
        });
        if (isTLS) {
-            downloadPath = yield tool_cache.downloadTool(`https://github.com/step-security/agent-ebpf/releases/download/v1.8.6/harden-runner_1.8.6_linux_${variant}.tar.gz`, undefined, auth);
+            downloadPath = yield tool_cache.downloadTool(`https://github.com/step-security/agent-ebpf/releases/download/v1.8.3/harden-runner_1.8.3_linux_${variant}.tar.gz`, undefined, auth);
        }
        else {
            if (variant === "arm64") {
@ -85572,7 +85571,7 @@ function installAgentBravo(configStr) {
        const token = lib_core.getInput("token", { required: true });
        const auth = `token ${token}`;
        const variant = process.arch === "x64" ? "amd64" : "arm64";
-        const downloadPath = yield tool_cache.downloadTool(`https://github.com/step-security/agent-ebpf/releases/download/v1.8.6/harden-runner-bravo_1.8.6_linux_${variant}.tar.gz`, undefined, auth);
+        const downloadPath = yield tool_cache.downloadTool(`https://github.com/step-security/agent-ebpf/releases/download/v1.8.3/harden-runner-bravo_1.8.3_linux_${variant}.tar.gz`, undefined, auth);
        if (!verifyChecksum(downloadPath, true, variant, "linux", "bravo")) {
            return false;
        }
@ -85813,10 +85812,6 @@ var __rest = (undefined && undefined.__rest) || function (s, e) {
            console.log(CONTAINER_MESSAGE);
            return;
        }
-        if (isGithubHosted() && process.platform === "linux" && !process.env.USER) {
-            console.log(UBUNTU_SLIM_MESSAGE);
-            return;
-        }
        var correlation_id = v4();
        var api_url = configs_STEPSECURITY_API_URL;
        var web_url = STEPSECURITY_WEB_URL;
@ -85848,8 +85843,7 @@ var __rest = (undefined && undefined.__rest) || function (s, e) {
        if (confg.use_policy_store) {
            console.log(`Fetching policy from policy store`);
            if (confg.api_key === "") {
-                lib_core.warning("api-key is not set while use-policy-store is true. Defaulting to audit mode.");
-                confg.egress_policy = "audit";
+                lib_core.setFailed("api-key is required when use-policy-store is set to true");
            }
            else {
                try {
--- a/dist/pre/index.js.map
+++ b/dist/pre/index.js.map
--- a/src/checksum.ts
+++ b/src/checksum.ts
@ -4,15 +4,15 @@ import * as fs from "fs";

 export const CHECKSUMS = {
  tls: {
-    amd64: "d58a9c1c5245155ce4c71507a61e213a29925a7c39c0d20bfd00bef0d281bdbb", // v1.8.6
-    arm64: "084fa95e74d17321dd1c37c93abeb8577e53ddf5266410e19f52aa79a02ae33e",
+    amd64: "27a3740c707b29dc3927e491543b9c10aa34fce714a608b7a3c4bc214f321170", // v1.8.3
+    arm64: "d97ff4219f8f1f322ac9a886efcee3af73280927802a8552d0e8d3dba0a045e7",
  },
  non_tls: {
    amd64: "e38de61e1afd98dd339bb9acce4996183875d482be1638fb198ab02b3e25bbef", // v0.16.0
  },
  bravo: {
-    amd64: "495f607a891d89f12214849301f247bdca565afe67deb170fe7e5d6d361852ca", // v1.8.6
-    arm64: "f96f66ab946097aae1fc887e12fe1cefcc5d510bce179221c7185374e4adf538",
+    amd64: "cac3e57d82837587949cf7c460443775150fb54fb380675c9754e21b2536d867", // v1.8.3
+    arm64: "296ef00ba15c5fd6249d46380d213e729ed8980af7b71217999d4b6811ab2b9f",
  },
  darwin: "fe26a1f6af4afe9f1a854d8633832f5d18ab542827003cae445b3a64021d612c", // v0.0.5
  windows: {
--- a/src/cleanup.ts
+++ b/src/cleanup.ts
@ -26,11 +26,6 @@ import { isPlatformSupported, isAgentInstalled, detectThirdPartyRunnerProvider }
    return;
  }

-  if (isGithubHosted() && process.platform === "linux" && !process.env.USER) {
-    console.log(common.UBUNTU_SLIM_MESSAGE);
-    return;
-  }
-
  if (isARCRunner()) {
    console.log(`[!] ${common.ARC_RUNNER_MESSAGE}`);
    return;
--- a/src/common.ts
+++ b/src/common.ts
@ -148,6 +148,3 @@ export const ARM64_RUNNER_MESSAGE =

 export const ARM64_WINDOWS_RUNNER_MESSAGE =
  "Windows ARM runners are not yet supported by Harden-Runner.";
-
-export const UBUNTU_SLIM_MESSAGE =
-  "This job is running on an ubuntu-slim runner. Harden Runner is not supported on ubuntu-slim runners. This job will not be monitored.";
--- a/src/install-agent.ts
+++ b/src/install-agent.ts
@ -26,7 +26,7 @@ export async function installAgent(

  if (isTLS) {
    downloadPath = await tc.downloadTool(
-      `https://github.com/step-security/agent-ebpf/releases/download/v1.8.6/harden-runner_1.8.6_linux_${variant}.tar.gz`,
+      `https://github.com/step-security/agent-ebpf/releases/download/v1.8.3/harden-runner_1.8.3_linux_${variant}.tar.gz`,
      undefined,
      auth
    );
@ -76,7 +76,7 @@ export async function installAgentBravo(configStr: string): Promise<boolean> {

  const variant = process.arch === "x64" ? "amd64" : "arm64";
  const downloadPath = await tc.downloadTool(
-    `https://github.com/step-security/agent-ebpf/releases/download/v1.8.6/harden-runner-bravo_1.8.6_linux_${variant}.tar.gz`,
+    `https://github.com/step-security/agent-ebpf/releases/download/v1.8.3/harden-runner-bravo_1.8.3_linux_${variant}.tar.gz`,
    undefined,
    auth
  );
--- a/src/setup.ts
+++ b/src/setup.ts
@ -66,11 +66,6 @@ interface MonitorResponse {
      return;
    }

-    if (isGithubHosted() && process.platform === "linux" && !process.env.USER) {
-      console.log(common.UBUNTU_SLIM_MESSAGE);
-      return;
-    }
-
    var correlation_id = uuidv4();
    var api_url = STEPSECURITY_API_URL;
    var web_url = STEPSECURITY_WEB_URL;
@ -107,10 +102,7 @@ interface MonitorResponse {
    if (confg.use_policy_store) {
      console.log(`Fetching policy from policy store`);
      if (confg.api_key === "") {
-        core.warning(
-          "api-key is not set while use-policy-store is true. Defaulting to audit mode."
-        );
-        confg.egress_policy = "audit";
+        core.setFailed("api-key is required when use-policy-store is set to true");
      } else {
        try {
          const repoName = (process.env["GITHUB_REPOSITORY"] || "").split("/")[1] || "";