Task 60521891690
security: harden CI actions and subprocess calls
2026-01-15 13:30:39 completed security-hardening-ci-scripts cb4f2b3b5b8d1a4c1acd46a5434c018e3af34975- build_duration:
21s - ccache_hitrate:
1m34s - docker_build_cached:
true - docker_build_duration:
21s
Commands that took longer than 1 second (total 54m1s)
| line | duration | percentage | command |
|---|---|---|---|
| 987 | 21s | 0% | docker buildx build --file=/home/admin/actions-runner/_work/bitcoin/bitcoin/ci/test_imagefile --build-arg=CI_IMAGE_NAME_TAG=mirror.gcr.io/ubuntu:24.04 --build-arg=FILE_ENV=./ci/test/00_setup_env_native_fuzz_with_msan.sh --build-arg=BASE_ROOT_DIR=/home/admin/actions-runner/_work/_temp --platform=linux --label=bitcoin-ci-test --tag=ci_native_fuzz_msan --cache-from type=gha,url=http://127.0.0.1:12321/,url_v2=http://127.0.0.1:12321/,scope=ci_native_fuzz_msan --load /home/admin/actions-runner/_work/bitcoin/bitcoin |
| 1075 | 1s | 0% | docker run --rm --interactive --detach --tty --cap-add=LINUX_IMMUTABLE --mount=type=bind,src=/home/admin/actions-runner/_work/bitcoin/bitcoin,dst=/home/admin/actions-runner/_work/bitcoin/bitcoin,readonly --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/ccache_dir,dst=/home/admin/actions-runner/_work/_temp/ccache_dir --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/depends/built,dst=/home/admin/actions-runner/_work/_temp/depends/built --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/depends/sources,dst=/home/admin/actions-runner/_work/_temp/depends/sources --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/previous_releases,dst=/home/admin/actions-runner/_work/_temp/previous_releases --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/build,dst=/home/admin/actions-runner/_work/_temp/build --env-file=/tmp/env-admin-cinativefuzzmsan --name=ci_native_fuzz_msan --network=ci-ip6net --platform=linux ci_native_fuzz_msan |
| 1256 | 33s | 1% | 1].Add(stats); |
| 1644 | 4s | 0% | - |
| 1729 | 12s | 0% | - skipped |
| 2045 | 21s | 0% | cmake --build /home/admin/actions-runner/_work/_temp/build -j8 --target all |
| 2582 | 51m41s | 95% | /home/admin/actions-runner/_work/_temp/build/test/fuzz/test_runner.py -j8 -l DEBUG /home/admin/actions-runner/_work/_temp/ci/scratch/qa-assets/fuzz_corpora/ --empty_min_time=60 |
| 3035 | 8s | 0% | docker container kill 95e38be8eee53acf33a149a518fce5afbd1f4fd6c2df195d42f72ee721fa61ea |