From 2047030c41554747c12e637af306d8e6da385114 Mon Sep 17 00:00:00 2001
From: Ulises Gascon
Date: Tue, 21 Nov 2023 12:47:40 +0100
Subject: [PATCH] chore: change egress-policy in harden-runner to audit mode
---
 .github/workflows/cd.yml | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index bff3bae..9c359ef 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -18,19 +18,19 @@ jobs:
 uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f # v2.3.0
 with:
 disable-sudo: true
- egress-policy: block
- allowed-endpoints: >
- api.github.com:443
- fulcio.sigstore.dev:443
- rekor.sigstore.dev:443
- github.com:443
- nodejs.org:443
- registry.npmjs.org:443
- nodejs.org:443
- *.actions.githubusercontent.com:443
- actions.githubusercontent.com:443
- *.githubapp.com:443
- githubapp.com:443
+ egress-policy: audit
+ # allowed-endpoints: >
+ # api.github.com:443
+ # fulcio.sigstore.dev:443
+ # rekor.sigstore.dev:443
+ # github.com:443
+ # nodejs.org:443
+ # registry.npmjs.org:443
+ # nodejs.org:443
+ # *.actions.githubusercontent.com:443
+ # actions.githubusercontent.com:443
+ # *.githubapp.com:443
+ # githubapp.com:443
 - name: ⚙️ Git Checkout
 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
 - name: ⚙️ Install Node@20
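Review bot: With `egress-policy: audit` the runner only records outbound connections, so this job no longer stops a compromised dependency or step from sending its tokens to an arbitrary host. Judging by the `registry.npmjs.org` and sigstore entries in the old allow-list, the job appears to publish and sign a package, which makes that loss of enforcement more significant. If audit mode is a temporary way to find a missing endpoint, record that next to the setting, e.g. `# TODO: temporary - restore egress-policy: block once the allow-list below is corrected`, and check the audit output of each run until then. When the list is restored, drop the duplicated `nodejs.org:443` entry. The job's remaining steps lie outside this hunk, so which secrets are in scope could not be checked here.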