step-security/harden-runner
1
0
Fork 0
mirror of https://github.com/step-security/harden-runner.git synced 2026-06-08 09:17:08 +00:00
Code Issues Projects Releases Packages Wiki Activity
harden-runner/dist/pre
History
Varun Sharma 2f199dceb1
 add monitor call for bravo to populate one_time_key 
The bravo agent authenticates to the backend using a per-job one_time_key
issued by the /monitor endpoint and stored in DynamoDB keyed by
correlation_id. Without it the presigned-URL request (and all telemetry
endpoints via sendApiRequest) get rejected, so detection events never
upload and insights never appear.

For third-party runners, override correlation_id to RUNNER_NAME before
the monitor call so the key stored in DDB matches the one the bravo
agent will use when requesting presigned URLs. Drop the random api_key
and customer field — when OneTimeKey is present the agent uses
x-one-time-key header, not vm-api-key.
2026-04-19 07:10:45 -07:00
..
agent.service Code refactor 2022-02-12 15:40:44 -08:00
cache.txt Release v2.6.1 (#356) 2023-11-16 12:43:19 -08:00
index.js add monitor call for bravo to populate one_time_key 2026-04-19 07:10:45 -07:00
index.js.map add monitor call for bravo to populate one_time_key 2026-04-19 07:10:45 -07:00
sourcemap-register.js update dependencies 2025-09-06 11:46:22 -07:00