Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
x/build: restrict outbound network access from builds by default #30612
We should make sure our tests never do outbound network requests by default, or that we only hit endpoints that we control.
For instance, the longtest builder is often failing now on:
... because we're hitting some Gerrit quota issue it seems.
I'm going to firewall outbound port 443 and port 22 connections for now and set the GOPROXY to our existing private Athens service on GKE to fix the longtest issue above.
Edit: Another related open issue is #28856.