Simplify network restrictions -- Move it to actions, remove extended examples in claude.yml and move them to readme

README.md

@@ -110,6 +110,7 @@ jobs:
 | `branch_prefix`           | The prefix to use for Claude branches (defaults to 'claude/', use 'claude-' for dash format)                         | No       | `claude/` |
 | `claude_env`              | Custom environment variables to pass to Claude Code execution (YAML format)                                          | No       | ""        |
 | `additional_permissions`  | Additional permissions to enable. Currently supports 'actions: read' for viewing workflow results                    | No       | ""        |
+| `allowed_domains`         | Restrict network access to these domains only (newline-separated). Provider domains are auto-detected.               | No       | ""        |
 
 \*Required when using direct Anthropic API (default and when not using Bedrock or Vertex)
 
@@ -491,6 +492,64 @@ Use a specific Claude model:
     # ... other inputs
 ```
 
+### Network Restrictions
+
+For enhanced security, you can restrict Claude's network access to specific domains only. This feature is particularly useful for:
+
+- Enterprise environments with strict security policies
+- Preventing access to external services
+- Limiting Claude to only your internal APIs and services
+
+When `allowed_domains` is set, Claude can only access:
+
+1. The domains you explicitly list
+2. Auto-detected provider domains (based on your authentication method)
+
+#### Basic Example
+
+```yaml
+- uses: anthropics/claude-code-action@beta
+  with:
+    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+    allowed_domains: |
+      .github.com
+      .githubusercontent.com
+      ghcr.io
+      .blob.core.windows.net
+```
+
+#### GitHub Enterprise Example
+
+For GitHub Enterprise users, replace the GitHub domains with your own:
+
+```yaml
+- uses: anthropics/claude-code-action@beta
+  with:
+    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+    allowed_domains: |
+      .github.company.com
+      packages.company.com
+      .blob.core.windows.net
+      # Add any other internal services Claude needs access to
+      internal-api.company.com
+```
+
+#### Custom LLM Proxy Example
+
+If you're using a custom LLM proxy instead of the standard providers:
+
+```yaml
+- uses: anthropics/claude-code-action@beta
+  with:
+    anthropic_api_key: ${{ secrets.PROXY_API_KEY }}
+    allowed_domains: |
+      llm-proxy.company.com
+      github.com
+      api.github.com
+      raw.githubusercontent.com
+      .githubusercontent.com
+```
+
 ## Cloud Providers
 
 You can authenticate with Claude using any of these three methods:

action.yml

@@ -96,12 +96,8 @@ inputs:
     description: "Enable commit signing using GitHub's commit signature verification. When false, Claude uses standard git commands"
     required: false
     default: "false"
-  enable_network_restrictions:
-    description: "Enable network restrictions to limit Claude's internet access to approved domains"
-    required: false
-    default: "false"
   allowed_domains:
-    description: "Additional domains to allow when network restrictions are enabled (newline-separated)"
+    description: "Restrict network access to these domains only (newline-separated). If not set, no restrictions are applied. Provider domains are auto-detected."
     required: false
     default: ""
 
@@ -151,41 +147,28 @@ runs:
         USE_COMMIT_SIGNING: ${{ inputs.use_commit_signing }}
 
     - name: Setup Network Restrictions
-      if: steps.prepare.outputs.contains_trigger == 'true' && inputs.enable_network_restrictions == 'true'
+      if: steps.prepare.outputs.contains_trigger == 'true' && inputs.allowed_domains != ''
       shell: bash
       run: |
         # Install and configure Squid proxy
         sudo apt-get update && sudo apt-get install -y squid
 
-        # Create whitelist for allowed domains
-        cat > /tmp/whitelist.txt << 'EOF'
-        # Core domains (always needed)
-        .anthropic.com
-        .github.com
-        .githubusercontent.com
-        ghcr.io
-        .blob.core.windows.net
-        EOF
+        echo "${{ inputs.allowed_domains }}" > /tmp/whitelist.txt
+
+        if [[ -n "${{ inputs.anthropic_api_key }}" ]]; then
+          echo ".anthropic.com" >> /tmp/whitelist.txt
+        fi
 
-        # Auto-detect and add provider-specific domains
         if [[ "${{ inputs.use_bedrock }}" == "true" ]]; then
-          echo "# AWS Bedrock domains" >> /tmp/whitelist.txt
           echo "bedrock.*.amazonaws.com" >> /tmp/whitelist.txt
           echo "bedrock-runtime.*.amazonaws.com" >> /tmp/whitelist.txt
         fi
 
         if [[ "${{ inputs.use_vertex }}" == "true" ]]; then
-          echo "# Google Vertex AI domains" >> /tmp/whitelist.txt
           echo "*.googleapis.com" >> /tmp/whitelist.txt
           echo "vertexai.googleapis.com" >> /tmp/whitelist.txt
         fi
 
-        # Add any custom domains provided by user
-        if [[ -n "${{ inputs.allowed_domains }}" ]]; then
-          echo "# User-provided custom domains" >> /tmp/whitelist.txt
-          echo "${{ inputs.allowed_domains }}" >> /tmp/whitelist.txt
-        fi
-
         # Configure Squid
         sudo tee /etc/squid/squid.conf << 'EOF'
         http_port 127.0.0.1:3128

examples/claude.yml

@@ -36,13 +36,4 @@ jobs:
           # Or use OAuth token instead:
           # claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
           timeout_minutes: "60"
-
-          # Optional: Enable network restrictions
-          # This limits Claude's internet access to approved domains only
-          # enable_network_restrictions: true
-
-          # Optional: Add custom domains (when network restrictions are enabled)
-          # These are in addition to core domains and auto-detected provider domains
-          # allowed_domains: |
-          #   api.mycompany.com
-          #   internal-service.example.com
+          # allowed_domains: "github.com\napi.github.com\nraw.githubusercontent.com"  # Optional: Restrict network access