Harden Runner breaks medyagh/setup-minikube

[tippmar-nr]

I'm not sure where the problem lies, but there's some odd interaction between the harden-runner action and medyagh/setup-minikube.

If I add harden-runner with egress-policy: audit, the setup-minikube step doesn't fully install and configure Minikube.

A sample workflow run showing the with and without behavior is available here: https://github.com/tippmar-nr/testing/actions/runs/9210727454 -- with harden-runner, the job runs for several minutes and emits a lot of odd messages, before finally failing because Minikube isn't running correctly. Without harden-runner, the job runs for just a couple of minutes and behaves exactly as it should.

Would appreciate any guidance or troubleshooting tips. Thanks!

[varunsh-coder]

@tippmar-nr thanks for reporting this and using harden-runner! I will look at the workflow run and investigate.

[varunsh-coder]

@tippmar-nr I noticed the https://github.com/tippmar-nr/testing repo no longer exists. Can you please share the workflows you used? Thanks!

[tippmar-nr]

@varunsh-coder Sorry about that - my testing repo was set to private instead of public. You should be able to access it now. Thanks for taking a look!

[varunsh-coder]

This is because harden-runner is unable to resolve domain: host.docker.internal
https://github.com/tippmar-nr/testing/actions/runs/9210727454/job/25338401257#step:12:56

This will need a fix to resolve domains that point to internal IP addresses.

[tippmar-nr]

Thanks for the update. I probably should have looked through the workflow output a bit more to identify that specific issue.