Release v2.9.0 (#435)

Author: varunsh-coder

README.md

@@ -10,11 +10,11 @@ export function verifyChecksum(downloadPath: string, is_tls: boolean) {
     .digest("hex"); // checksum of downloaded file
 
   let expectedChecksum: string =
-    "ceb925c78e5c79af4f344f08f59bbdcf3376d20d15930a315f9b24b6c4d0328a"; // checksum for v0.13.5
+    "a9f1842e3d7f3d38c143dbe8ffe1948e6c8173cd04da072d9f9d128bb400844a"; // checksum for v0.13.7
 
   if (is_tls) {
     expectedChecksum =
-      "846ae66c6cfab958fe61736cec0b58bdb7651b36af04c279405c7114675d7033"; // checksum for tls_agent
+      "e45b85e29216eb1d217aad368bdb056bbd868a308925e7b2cf9133b06ab435d0"; // checksum for tls_agent
   }
 
   if (checksum !== expectedChecksum) {

dist/pre/index.js

@@ -12,6 +12,7 @@ export interface Configuration {
   is_github_hosted: boolean;
   private: string;
   is_debug: boolean;
+  one_time_key: string;
 }
 
 export interface PolicyResponse {

dist/pre/index.js.map

@@ -40,6 +40,7 @@ test("merge configs", async () => {
     private: "true",
     is_github_hosted: true,
     is_debug: false,
+    one_time_key: "",
   };
   let policyResponse: PolicyResponse = {
     owner: "h0x0er",
@@ -65,6 +66,7 @@ test("merge configs", async () => {
     private: "true",
     is_github_hosted: true,
     is_debug: false,
+    one_time_key: "",
   };
 
   localConfig = mergeConfigs(localConfig, policyResponse);

images/org-level.png

@@ -28,6 +28,7 @@ import { isGithubHosted, isTLSEnabled } from "./tls-inspect";
 
 interface MonitorResponse {
   runner_ip_address?: string;
+  one_time_key?: string;
   monitoring_started?: boolean;
 }
 
@@ -60,6 +61,7 @@ interface MonitorResponse {
       private: context?.payload?.repository?.private || false,
       is_github_hosted: isGithubHosted(),
       is_debug: core.isDebug(),
+      one_time_key: "",
     };
 
     let policyName = core.getInput("policy");
@@ -200,6 +202,7 @@ interface MonitorResponse {
 
       if (statusCode === 200 && responseData) {
         console.log(`Runner IP Address: ${responseData.runner_ip_address}`);
+        confg.one_time_key = responseData.one_time_key;
         addSummary = responseData.monitoring_started ? "true" : "false";
       }
     } catch (e) {
@@ -231,12 +234,12 @@ interface MonitorResponse {
 
     if (await isTLSEnabled(context.repo.owner)) {
       downloadPath = await tc.downloadTool(
-        "https://packages.stepsecurity.io/github-hosted/harden-runner_1.2.0_linux_amd64.tar.gz"
+        "https://packages.stepsecurity.io/github-hosted/harden-runner_1.2.2_linux_amd64.tar.gz"
       );
       verifyChecksum(downloadPath, true); // NOTE: verifying tls_agent's checksum, before extracting
     } else {
       downloadPath = await tc.downloadTool(
-        "https://github.com/step-security/agent/releases/download/v0.13.5/agent_0.13.5_linux_amd64.tar.gz",
+        "https://github.com/step-security/agent/releases/download/v0.13.7/agent_0.13.7_linux_amd64.tar.gz",
         undefined,
         auth
       );