From 04cdb1a0022523ba51fd2bef00a6862bae2ce337 Mon Sep 17 00:00:00 2001 From: Mathieu Larose Date: Wed, 3 Jul 2024 19:45:49 -0400 Subject: [PATCH] Trigger publish --- .github/workflows/publish.yml | 25 +++++++++++++++++-------- .github/workflows/pull_request.yml | 2 +- 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 36373fa..b81e6dd 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -4,6 +4,7 @@ on: push: branches: - master + - larose/bullfrog jobs: build-and-check: @@ -12,10 +13,18 @@ jobs: matrix: python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] steps: - - uses: bullfrogsec/bullfrog@v0.2 + - name: Bullfrog Secure Runner + uses: bullfrogsec/bullfrog@v0 with: - block-dns: false - egress-policy: audit + egress-policy: block + allowed-domains: | + auth.docker.io + deb.debian.org + github.com + files.pythonhosted.org + production.cloudflare.docker.com + pypi.org + registry-1.docker.io - run: | sudo nft list ruleset - uses: actions/checkout@v2 @@ -39,7 +48,7 @@ jobs: runs-on: ubuntu-22.04 needs: build-and-check steps: - - uses: bullfrogsec/bullfrog@v0.2 + - uses: bullfrogsec/bullfrog@v0 with: egress-policy: block - uses: actions/checkout@v2 @@ -61,7 +70,7 @@ jobs: with: name: dist-3.8 path: dist -# - name: Publish (Test PyPI) -# run: make ci.publish.test-pypi - - name: Publish - run: make ci.publish.pypi + - name: Publish (Test PyPI) + run: make ci.publish.test-pypi +# - name: Publish +# run: make ci.publish.pypi diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index b98e16a..d957689 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -20,6 +20,7 @@ jobs: - name: Bullfrog Secure Runner uses: bullfrogsec/bullfrog@v0 with: + egress-policy: block allowed-domains: | auth.docker.io deb.debian.org 
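Review bot: In `.github/workflows/publish.yml`, the `on.push.branches` hunk adds the personal branch `larose/bullfrog` as a trigger, so every push to that branch now runs the whole publish workflow, including the upload job. This looks like a temporary test hook (inferred from the commit title), and it should not reach `master` in this form. A `workflow_dispatch:` trigger would let the workflow be exercised on demand without widening the set of branches that can start a release. If the entry has to stay for a while, put a comment such as `# TEMP: remove before merge - exercises the egress policy` above `- larose/bullfrog`.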
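Review bot: In the `build-and-check` steps of `publish.yml`, `uses: bullfrogsec/bullfrog@v0` widens the action ref from `@v0.2` to the major tag `@v0`, which presumably moves with each release, so the code that runs first in the job can change without a commit here. The `publish` job hunk further down makes the same change. Because this step is the control that enforces `egress-policy: block`, pin it to a full commit SHA and keep the version in a trailing comment: `uses: bullfrogsec/bullfrog@<full-commit-sha>  # v0.x`. The new allowlist also includes `github.com`, which is a broad destination; a one-line comment above `allowed-domains` saying which step needs each host would let the list be pruned later.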
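Review bot: The `publish` job's Bullfrog step in `publish.yml` keeps `egress-policy: block` with no `allowed-domains` visible in this hunk, while the last hunk of the same file enables `make ci.publish.test-pypi` in that job. If that target uploads over the network (inferred from its name; the Makefile is not shown) and the action's defaults do not already cover the host, the upload will be blocked. In that case list only the upload host, for example `allowed-domains: |` followed by `test.pypi.org`, and swap in the production upload host when the real publish step returns. Keeping this list minimal matters most here, since this is presumably the job that holds the registry credentials. The job's step list continues outside the hunk.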
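Review bot: The last `publish.yml` hunk switches the upload target by commenting out the `Publish` step and un-commenting `Publish (Test PyPI)`. As a result a push to `master` now uploads to Test PyPI, and nothing uploads to PyPI until someone reverses the comments by hand. Keeping both steps and gating them by ref removes that manual toggle: `if: github.ref == 'refs/heads/master'` on `Publish` and `if: github.ref != 'refs/heads/master'` on `Publish (Test PyPI)`. It also makes it reviewable which branches can reach the production index.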
@@ -28,7 +29,6 @@ jobs: production.cloudflare.docker.com pypi.org registry-1.docker.io - egress-policy: block - uses: actions/checkout@v2 - name: Setup python uses: actions/setup-python@v1