Skip to content

try using harden-runner#504

Closed
srinivasugithub wants to merge 5 commits into
eclipse-score:mainfrom
bgsw-contrib:main
Closed

try using harden-runner#504
srinivasugithub wants to merge 5 commits into
eclipse-score:mainfrom
bgsw-contrib:main

Conversation

@srinivasugithub
Copy link
Copy Markdown
Contributor

@srinivasugithub srinivasugithub commented Apr 21, 2026
edited
Loading

his PR adds the step-security/harden-runner@v2.18.0 action to 6 GitHub workflows to improve the security posture of the Eclipse SCORE project. The hardening runner monitors and audits egress (outbound) network traffic from CI/CD jobs, helping to detect and prevent unauthorized or suspicious network activity.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 21, 2026
edited
Loading

License Check Results

🚀 The license check job ran with the Bazel command:

bazel run --lockfile_mode=error //src:license-check

Status: ⚠️ Needs Review

Click to expand output 
[License Check Output]
Extracting Bazel installation...
Starting local Bazel server (8.4.2) and connecting to it...
INFO: Invocation ID: b1bae90e-ebb1-4dbf-93f3-e9f87cafaa30
Computing main repo mapping: 
Loading: 
Loading: 0 packages loaded
Loading: 0 packages loaded
WARNING: Target pattern parsing failed.
ERROR: Skipping '//src:license-check': no such target '//src:license-check': target 'license-check' not declared in package 'src' defined by /home/runner/work/docs-as-code/docs-as-code/src/BUILD
ERROR: no such target '//src:license-check': target 'license-check' not declared in package 'src' defined by /home/runner/work/docs-as-code/docs-as-code/src/BUILD
INFO: Elapsed time: 4.677s
INFO: 0 processes.
ERROR: Build did NOT complete successfully
ERROR: Build failed. Not running target

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 21, 2026

The created documentation from the pull request is available at: docu-html

MaximilianSoerenPollak
MaximilianSoerenPollak reviewed Apr 22, 2026
View reviewed changes
Comment thread .github/workflows/consumer_test.yml
@@ -27,7 +27,14 @@ jobs:
matrix:
Copy link
Copy Markdown
Contributor

@MaximilianSoerenPollak MaximilianSoerenPollak Apr 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall this seems good.
What I'm missing a bit is some explanation / documentation.
Just inside the PR/Commit body would be fine or so.
Cause it's a bit unclear to me (without reading through all the docs) why this egrees-policy is and what it exactly does (beyond 'monitoring outgoig trafic').

Copy link
Copy Markdown
Contributor Author

@srinivasugithub srinivasugithub Apr 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated the PR description in short

AlexanderLanin
AlexanderLanin previously approved these changes Apr 27, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@AlexanderLanin AlexanderLanin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Merging now, so we can have a look at it in the #infrastructure meeting later today

@AlexanderLanin
Copy link
Copy Markdown
Member

AlexanderLanin commented Apr 27, 2026

Nope, not merging. The author is a mess.

We have:

Can you please recreate the commit with one clear author information?

@AlexanderLanin AlexanderLanin dismissed their stale review April 27, 2026 11:37

author cleanup requested

@bgsw-contrib bgsw-contrib closed this by deleting the head repository Apr 27, 2026
@srinivasugithub srinivasugithub mentioned this pull request Apr 27, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MaximilianSoerenPollak MaximilianSoerenPollak MaximilianSoerenPollak left review comments

@AlexanderLanin AlexanderLanin AlexanderLanin left review comments

@dcalavrezo-qorix dcalavrezo-qorix Awaiting requested review from dcalavrezo-qorix dcalavrezo-qorix is a code owner

@nradakovic nradakovic Awaiting requested review from nradakovic nradakovic is a code owner

Assignees

No one assigned

Labels

None yet

Projects

INF - Infrastructure Community
Status: Backlog

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@srinivasugithub @AlexanderLanin @MaximilianSoerenPollak @bgsw-contrib @kandukurisrinivasu