fix(policy): add protocol/enforcement/tls to GitHub endpoints

latenighthackathon · latenighthackathon · commit 334be037043c · 2026-04-09T22:18:39.000-05:00
Replace access: full with scoped L7 rules in the github preset (moved from base policy to presets/github.yaml by #1583). github.com gets GET + POST scoped to git-upload-pack / git-receive-pack. api.github.com gets GET + PR/issue/refs/contents writes; DELETE excluded to block destructive ops. Closes #1111 Signed-off-by: latenighthackathon <latenighthackathon@users.noreply.github.com>
diff --git a/nemoclaw-blueprint/policies/presets/github.yaml b/nemoclaw-blueprint/policies/presets/github.yaml
@@ -19,12 +19,44 @@ network_policies:
   github:
     name: github
     endpoints:
+      # git transport (clone, fetch, push) over smart HTTP.
+      # POST scoped to git-upload-pack / git-receive-pack only.
       - host: github.com
         port: 443
-        access: full
+        protocol: rest
+        enforcement: enforce
+        tls: terminate
+        rules:
+          - allow: { method: GET, path: "/**" }
+          - allow: { method: POST, path: "/**/git-upload-pack" }
+          - allow: { method: POST, path: "/**/git-receive-pack" }
+      # REST API: GET is unrestricted; writes scoped to PR/issue
+      # workflows and git ref/content operations. DELETE excluded to
+      # block destructive ops (repo deletion, branch force-delete,
+      # org membership changes).
       - host: api.github.com
         port: 443
-        access: full
+        protocol: rest
+        enforcement: enforce
+        tls: terminate
+        rules:
+          - allow: { method: GET, path: "/**" }
+          # PR workflow
+          - allow: { method: POST, path: "/repos/*/*/pulls" }
+          - allow: { method: PATCH, path: "/repos/*/*/pulls/*" }
+          - allow: { method: PUT, path: "/repos/*/*/pulls/*/merge" }
+          - allow: { method: POST, path: "/repos/*/*/pulls/*/reviews" }
+          - allow: { method: POST, path: "/repos/*/*/pulls/*/requested_reviewers" }
+          # Issues
+          - allow: { method: POST, path: "/repos/*/*/issues" }
+          - allow: { method: PATCH, path: "/repos/*/*/issues/*" }
+          - allow: { method: POST, path: "/repos/*/*/issues/*/comments" }
+          # Branch creation and file commits via API
+          - allow: { method: POST, path: "/repos/*/*/git/refs" }
+          - allow: { method: PATCH, path: "/repos/*/*/git/refs/**" }
+          - allow: { method: PUT, path: "/repos/*/*/contents/**" }
+          # Manual workflow dispatch (gh workflow run)
+          - allow: { method: POST, path: "/repos/*/*/actions/workflows/*/dispatches" }
     binaries:
       - { path: /usr/bin/gh }
       - { path: /usr/bin/git }
