Task 60832491671
security: harden CI actions and subprocess calls
2026-01-19 14:41:09 completed security-hardening-ci-scripts a89391d6a6cfa53067b21566857eae8f6312905e- build_duration:
21s - ccache_hitrate:
1m36s - docker_build_cached:
true - docker_build_duration:
16s
Commands that took longer than 1 second (total 45m55s)
| line | duration | percentage | command |
|---|---|---|---|
| 948 | 16s | 0% | docker buildx build --file=/home/admin/actions-runner/_work/bitcoin/bitcoin/ci/test_imagefile --build-arg=CI_IMAGE_NAME_TAG=mirror.gcr.io/ubuntu:24.04 --build-arg=FILE_ENV=./ci/test/00_setup_env_native_fuzz.sh --build-arg=BASE_ROOT_DIR=/home/admin/actions-runner/_work/_temp --platform=linux --label=bitcoin-ci-test --tag=ci_native_fuzz --cache-from type=gha,url=http://127.0.0.1:12321/,url_v2=http://127.0.0.1:12321/,scope=ci_native_fuzz --load /home/admin/actions-runner/_work/bitcoin/bitcoin |
| 1031 | 1s | 0% | docker run --rm --interactive --detach --tty --cap-add=LINUX_IMMUTABLE --cap-add SYS_PTRACE --mount=type=bind,src=/home/admin/actions-runner/_work/bitcoin/bitcoin,dst=/home/admin/actions-runner/_work/bitcoin/bitcoin,readonly --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/ccache_dir,dst=/home/admin/actions-runner/_work/_temp/ccache_dir --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/depends/built,dst=/home/admin/actions-runner/_work/_temp/depends/built --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/depends/sources,dst=/home/admin/actions-runner/_work/_temp/depends/sources --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/previous_releases,dst=/home/admin/actions-runner/_work/_temp/previous_releases --mount=type=bind,src=/home/admin/actions-runner/_work/_temp/build,dst=/home/admin/actions-runner/_work/_temp/build --env-file=/tmp/env-admin-cinativefuzz --name=ci_native_fuzz --network=ci-ip6net --platform=linux ci_native_fuzz |
| 1210 | 57s | 2% | 1].Add(stats); |
| 1356 | 10s | 0% | - skipped |
| 1678 | 21s | 0% | cmake --build /home/admin/actions-runner/_work/_temp/build -j16 --target all |
| 2212 | 43m29s | 94% | /home/admin/actions-runner/_work/_temp/build/test/fuzz/test_runner.py -j16 -l DEBUG /home/admin/actions-runner/_work/_temp/ci/scratch/qa-assets/fuzz_corpora/ --empty_min_time=60 |
| 5163 | 9s | 0% | docker container kill a194a2ed344861f0936e3918bd27481336ff11a34f18b37d9b024a5d1384187d |