From 5b3ce5ec6dd244f99c7ac463460fc5eeaf3c841d Mon Sep 17 00:00:00 2001 From: km-anthropic Date: Mon, 14 Jul 2025 12:21:13 -0700 Subject: [PATCH] refactor: make network restrictions opt-in and move to examples MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Removed network restrictions from .github/workflows/claude.yml - Added network restrictions to examples/claude.yml as opt-in feature - Changed from DISABLE_NETWORK_RESTRICTIONS to ENABLE_NETWORK_RESTRICTIONS - Added support for CUSTOM_ALLOWED_DOMAINS repository variable - Organized whitelist by provider (Anthropic, Bedrock, Vertex AI) - Removed package registries from whitelist (already in NO_PROXY) Users can now enable network restrictions by setting ENABLE_NETWORK_RESTRICTIONS=true and configure additional domains via CUSTOM_ALLOWED_DOMAINS. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/claude.yml | 54 --------------------------------- examples/claude.yml | 59 ++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 54 deletions(-) diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 685234c0..35d9fe3d 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml 
@@ -29,60 +29,6 @@ jobs: with: fetch-depth: 1 - - name: Setup Network Restrictions - if: ${{ vars.DISABLE_NETWORK_RESTRICTIONS != 'true' }} - run: | - # Install and configure Squid proxy - sudo apt-get update && sudo apt-get install -y squid - - # Create whitelist for allowed domains - cat > /tmp/whitelist.txt << 'EOF' - # Claude API - .anthropic.com - - # GitHub (covers github.com, api.github.com, gist.github.com, etc.) - .github.com - - # GitHub raw content and user uploads - .githubusercontent.com - - # GitHub Container Registry - ghcr.io - - # Package registries - registry.npmjs.org - bun.sh - - # Azure storage for GitHub Actions cache - .blob.core.windows.net - EOF - - # Configure Squid - sudo tee /etc/squid/squid.conf << 'EOF' - http_port 127.0.0.1:3128 - acl whitelist dstdomain "/tmp/whitelist.txt" - acl localhost src 127.0.0.1/32 - http_access allow localhost whitelist - http_access deny all - cache deny all - EOF - - # Stop any existing squid instance and start with our config - sudo squid -k shutdown || true - sleep 2 - sudo rm -f /run/squid.pid - sudo squid -N -d 1 & - sleep 5 - - # Set proxy environment variables - echo "http_proxy=http://127.0.0.1:3128" >> $GITHUB_ENV - echo "https_proxy=http://127.0.0.1:3128" >> $GITHUB_ENV - echo "HTTP_PROXY=http://127.0.0.1:3128" >> $GITHUB_ENV - echo "HTTPS_PROXY=http://127.0.0.1:3128" >> $GITHUB_ENV - # Bypass proxy for package registries to avoid integrity check issues - echo "NO_PROXY=localhost,127.0.0.1,registry.npmjs.org,registry.yarnpkg.com" >> $GITHUB_ENV - echo "no_proxy=localhost,127.0.0.1,registry.npmjs.org,registry.yarnpkg.com" >> $GITHUB_ENV - - name: Run Claude Code id: claude uses: anthropics/claude-code-action@beta diff --git a/examples/claude.yml b/examples/claude.yml index 23f91f05..4a06275c 100644 --- a/examples/claude.yml +++ b/examples/claude.yml 
@@ -29,6 +29,65 @@ jobs: with: fetch-depth: 1 + - name: Setup Network Restrictions + if: ${{ vars.ENABLE_NETWORK_RESTRICTIONS == 'true' }} + run: | + # Install and configure Squid proxy + sudo apt-get update && sudo apt-get install -y squid + + # Create whitelist for allowed domains + cat > /tmp/whitelist.txt << 'EOF' + # Provider APIs - Choose one: + # Anthropic (1P) + .anthropic.com + + # AWS Bedrock: + # bedrock.*.amazonaws.com + # bedrock-runtime.*.amazonaws.com + + # Google Vertex AI: + # *.googleapis.com + # vertexai.googleapis.com + + # GitHub (required for all setups) + .github.com + .githubusercontent.com + ghcr.io + + # Azure storage for GitHub Actions cache + .blob.core.windows.net + + # Additional custom domains (newline-separated) + # Set via CUSTOM_ALLOWED_DOMAINS repository variable + ${{ vars.CUSTOM_ALLOWED_DOMAINS || '' }} + EOF + + # Configure Squid + sudo tee /etc/squid/squid.conf << 'EOF' + http_port 127.0.0.1:3128 + acl whitelist dstdomain "/tmp/whitelist.txt" + acl localhost src 127.0.0.1/32 + http_access allow localhost whitelist + http_access deny all + cache deny all + EOF + + # Stop any existing squid instance and start with our config + sudo squid -k shutdown || true + sleep 2 + sudo rm -f /run/squid.pid + sudo squid -N -d 1 & + sleep 5 + + # Set proxy environment variables + echo "http_proxy=http://127.0.0.1:3128" >> $GITHUB_ENV + echo "https_proxy=http://127.0.0.1:3128" >> $GITHUB_ENV + echo "HTTP_PROXY=http://127.0.0.1:3128" >> $GITHUB_ENV + echo "HTTPS_PROXY=http://127.0.0.1:3128" >> $GITHUB_ENV + # Bypass proxy for package registries to avoid integrity check issues + echo "NO_PROXY=localhost,127.0.0.1,registry.npmjs.org,registry.yarnpkg.com" >> $GITHUB_ENV + echo "no_proxy=localhost,127.0.0.1,registry.npmjs.org,registry.yarnpkg.com" >> $GITHUB_ENV + - name: Run Claude PR Action uses: anthropics/claude-code-action@beta with:
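Review bot: The whitelist is built by interpolating `${{ vars.CUSTOM_ALLOWED_DOMAINS || '' }}` straight into the `run:` script, so GitHub substitutes the variable's text before the shell ever parses the quoted heredoc; a value that contains its own `EOF` line terminates the heredoc early and everything after it runs as shell, and repository variables are writable by anyone with write access to the repository. Pass it through the environment instead — add `env:` / `  CUSTOM_ALLOWED_DOMAINS: ${{ vars.CUSTOM_ALLOWED_DOMAINS || '' }}` to the step and, after the heredoc, `printf '%s\n' "$CUSTOM_ALLOWED_DOMAINS" >> /tmp/whitelist.txt` — so the value can never be reinterpreted by the shell. Separately, the proxy is only consulted by clients that honor `http_proxy`/`https_proxy`, and the `NO_PROXY` hosts bypass it entirely, so a process spawned by the agent that unsets or ignores those variables reaches the network directly; the step comment should say this is best-effort egress filtering rather than enforcement unless it is paired with host firewall rules that only allow outbound traffic from the squid process. The commented Bedrock/Vertex entries (`bedrock.*.amazonaws.com`, `*.googleapis.com`) are not valid `dstdomain` syntax — Squid's dstdomain matches a leading-dot suffix and does not expand `*` — so they should be listed as concrete hostnames (e.g. `bedrock-runtime.us-east-1.amazonaws.com`) or moved to a `dstdom_regex` ACL. The `steps:` list and job this step belongs to begin above the hunk.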