From 9ee1183842f2a9fd50a2675dfe300c322e8732f0 Mon Sep 17 00:00:00 2001
From: Danny Rorabaugh <imnasnainaec@gmail.com>
Date: Thu, 14 Nov 2024 13:49:49 -0500
Subject: [PATCH] Add endpoints to deploy_ workflows

---
 .github/workflows/deploy_qa.yml      | 2 ++
 .github/workflows/deploy_release.yml | 1 +
 2 files changed, 3 insertions(+)

diff --git a/.github/workflows/deploy_qa.yml b/.github/workflows/deploy_qa.yml
index 652295bae1..7bad7dd654 100644
--- a/.github/workflows/deploy_qa.yml
+++ b/.github/workflows/deploy_qa.yml
@@ -26,6 +26,7 @@ jobs:
           egress-policy: block
           allowed-endpoints: >
             *.actions.githubusercontent.com:443
+            *.cloudfront.net:443
             *.data.mcr.microsoft.com:443
             ${{ secrets.AWS_ACCOUNT }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com
             api.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com:443
@@ -42,6 +43,7 @@ jobs:
             github.com:443
             mcr.microsoft.com:443
             production.cloudflare.docker.com:443
+            public.ecr.aws:443
             pypi.org:443
             registry-1.docker.io:443
             registry.npmjs.org:443
diff --git a/.github/workflows/deploy_release.yml b/.github/workflows/deploy_release.yml
index f364747637..494f54d065 100644
--- a/.github/workflows/deploy_release.yml
+++ b/.github/workflows/deploy_release.yml
@@ -25,6 +25,7 @@ jobs:
           egress-policy: block
           allowed-endpoints: >
             *.actions.githubusercontent.com:443
+            *.cloudfront.net:443
             *.data.mcr.microsoft.com:443
             api.ecr-public.us-east-1.amazonaws.com:443
             api.github.com:443