Merge pull request #117 from cisagov/improvement/re-enable-permission…

…s-proxy Re-enable the GitHubSecurityLab/actions-permissions/monitor action
cisagov · Dec 20, 2024 · 2f6d59b · 2f6d59b
2 parents 2cbc15f + a6abcec
commit 2f6d59b
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 18 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -243,12 +243,10 @@ jobs:
           - arm64
           - x86_64
     steps:
-      # If we use this proxy then the calls to the AWS API on
-      # localhost fail.
-      # - uses: GitHubSecurityLab/actions-permissions/monitor@v1
-      #   with:
-      #     # Uses the organization variable unless overridden
-      #     config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
+      - uses: GitHubSecurityLab/actions-permissions/monitor@v1
+        with:
+          # Uses the organization variable unless overridden
+          config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
       - id: harden-runner
         name: Harden the runner
         uses: step-security/harden-runner@v2

diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml
@@ -50,12 +50,10 @@ jobs:
           - arm64
           - x86_64
     steps:
-      # If we use this proxy then the calls to the AWS API on
-      # localhost fail.
-      # - uses: GitHubSecurityLab/actions-permissions/monitor@v1
-      #   with:
-      #     # Uses the organization variable unless overridden
-      #     config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
+      - uses: GitHubSecurityLab/actions-permissions/monitor@v1
+        with:
+          # Uses the organization variable unless overridden
+          config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
       - id: harden-runner
         name: Harden the runner
         uses: step-security/harden-runner@v2

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -57,12 +57,10 @@ jobs:
           - arm64
           - x86_64
     steps:
-      # If we use this proxy then the calls to the AWS API on
-      # localhost fail.
-      # - uses: GitHubSecurityLab/actions-permissions/monitor@v1
-      #   with:
-      #     # Uses the organization variable unless overridden
-      #     config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
+      - uses: GitHubSecurityLab/actions-permissions/monitor@v1
+        with:
+          # Uses the organization variable unless overridden
+          config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
       - id: harden-runner
         name: Harden the runner
         uses: step-security/harden-runner@v2