diff --git a/README.md b/README.md index 8ba22a3..2f4e127 100644 --- a/README.md +++ b/README.md @@ -500,22 +500,41 @@ For enhanced security, you can restrict Claude's network access to specific doma - Preventing access to external services - Limiting Claude to only your internal APIs and services -When `allowed_domains` is set, Claude can only access: +When `allowed_domains` is set, Claude can only access the domains you explicitly list. You'll need to include the appropriate provider domains based on your authentication method. -1. The domains you explicitly list -2. Auto-detected provider domains (based on your authentication method) +#### Provider-Specific Examples -#### Basic Example +##### If using Anthropic API or subscription ```yaml - uses: anthropics/claude-code-action@beta with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} + # Or: claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} allowed_domains: | - .github.com - .githubusercontent.com - ghcr.io - .blob.core.windows.net + .anthropic.com +``` + +##### If using AWS Bedrock + +```yaml +- uses: anthropics/claude-code-action@beta + with: + use_bedrock: "true" + allowed_domains: | + bedrock.*.amazonaws.com + bedrock-runtime.*.amazonaws.com +``` + +##### If using Google Vertex AI + +```yaml +- uses: anthropics/claude-code-action@beta + with: + use_vertex: "true" + allowed_domains: | + *.googleapis.com + vertexai.googleapis.com ``` #### GitHub Enterprise Example diff --git a/action.yml b/action.yml index dc67f31..5282bfd 100644 --- a/action.yml +++ b/action.yml @@ -153,26 +153,12 @@ runs: # Install and configure Squid proxy sudo apt-get update && sudo apt-get install -y squid - echo "${{ inputs.allowed_domains }}" > /tmp/whitelist.txt - - if [[ -n "${{ inputs.anthropic_api_key }}" ]]; then - echo ".anthropic.com" >> /tmp/whitelist.txt - fi - - if [[ "${{ inputs.use_bedrock }}" == "true" ]]; then - echo "bedrock.*.amazonaws.com" >> /tmp/whitelist.txt - echo "bedrock-runtime.*.amazonaws.com" >> /tmp/whitelist.txt - fi - - if [[ "${{ inputs.use_vertex }}" == "true" ]]; then - echo "*.googleapis.com" >> /tmp/whitelist.txt - echo "vertexai.googleapis.com" >> /tmp/whitelist.txt - fi + echo "${{ inputs.allowed_domains }}" > $RUNNER_TEMP/whitelist.txt # Configure Squid sudo tee /etc/squid/squid.conf << 'EOF' http_port 127.0.0.1:3128 - acl whitelist dstdomain "/tmp/whitelist.txt" + acl whitelist dstdomain "$RUNNER_TEMP/whitelist.txt" acl localhost src 127.0.0.1/32 http_access allow localhost whitelist http_access deny all diff --git a/test/network-restrictions.test.ts b/test/network-restrictions.test.ts deleted file mode 100644 index 9902bc0..0000000 --- a/test/network-restrictions.test.ts +++ /dev/null @@ -1,44 +0,0 @@ -import { describe, test, expect } from "bun:test"; - -describe("Network Restrictions", () => { - test("should block access to unauthorized domains", async () => { - const url = "https://example.com/api/data"; - - try { - const controller = new AbortController(); - const timeoutId = setTimeout(() => controller.abort(), 5000); - - const response = await fetch(url, { - signal: controller.signal, - }); - - clearTimeout(timeoutId); - expect(response.ok).toBe(false); - throw new Error(`Unauthorized domain ${url} was not blocked by proxy`); - } catch (error) { - expect(error).toBeDefined(); - console.log(`Successfully blocked: ${url}`); - } - }); - - test("should allow access to whitelisted domains", async () => { - const url = "https://api.github.com/zen"; - - try { - const controller = new AbortController(); - const timeoutId = setTimeout(() => controller.abort(), 5000); - - const response = await fetch(url, { - signal: controller.signal, - }); - - clearTimeout(timeoutId); - expect(response.ok).toBe(true); - console.log(`Successfully allowed: ${url}`); - } catch (error: any) { - throw new Error( - `Whitelisted domain ${url} was blocked: ${error.message}`, - ); - } - }); -});