Re-enable the GitHubSecurityLab/actions-permissions/monitor action

With the merge of GitHubSecurityLab/actions-permissions#34, this proxy no longer interferes with AWS API or boto3 calls.
cisagov · Jan 17, 2025 · d166c85 · d166c85
1 parent 71d7c62
commit d166c85
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 18 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -245,12 +245,10 @@ jobs:
           # - arm64
           - x86_64
     steps:
-      # If we use this proxy then the calls to the AWS API on
-      # localhost fail.
-      # - uses: GitHubSecurityLab/actions-permissions/monitor@v1
-      #   with:
-      #     # Uses the organization variable unless overridden
-      #     config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
+      - uses: GitHubSecurityLab/actions-permissions/monitor@v1
+        with:
+          # Uses the organization variable unless overridden
+          config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
       - id: harden-runner
         name: Harden the runner
         uses: step-security/harden-runner@v2

diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml
@@ -52,12 +52,10 @@ jobs:
           # - arm64
           - x86_64
     steps:
-      # If we use this proxy then the calls to the AWS API on
-      # localhost fail.
-      # - uses: GitHubSecurityLab/actions-permissions/monitor@v1
-      #   with:
-      #     # Uses the organization variable unless overridden
-      #     config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
+      - uses: GitHubSecurityLab/actions-permissions/monitor@v1
+        with:
+          # Uses the organization variable unless overridden
+          config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
       - id: harden-runner
         name: Harden the runner
         uses: step-security/harden-runner@v2

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -59,12 +59,10 @@ jobs:
           # - arm64
           - x86_64
     steps:
-      # If we use this proxy then the calls to the AWS API on
-      # localhost fail.
-      # - uses: GitHubSecurityLab/actions-permissions/monitor@v1
-      #   with:
-      #     # Uses the organization variable unless overridden
-      #     config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
+      - uses: GitHubSecurityLab/actions-permissions/monitor@v1
+        with:
+          # Uses the organization variable unless overridden
+          config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
       - id: harden-runner
         name: Harden the runner
         uses: step-security/harden-runner@v2