Yes - especially when you are building on GitHub hosted runners.
Enterprises who build within their own network typically have numerous safeguards on network egress. There is cost associated with that effort though and more friction to getting reliable, fast and repeatable build environments.
This eBPF firewall helps you lockdown that network egress on GitHub's cloud and gives you observability on what each build is reaching out to.
Feels like CI/CD is still operating on a pretty optimistic threat model.
Yes - especially when you are building on GitHub hosted runners.
Enterprises who build within their own network typically have numerous safeguards on network egress. There is cost associated with that effort though and more friction to getting reliable, fast and repeatable build environments.
This eBPF firewall helps you lockdown that network egress on GitHub's cloud and gives you observability on what each build is reaching out to.