fix(policy): add protocol/enforcement/tls to GitHub endpoints

latenighthackathon · latenighthackathon · commit 3bb9d175fda9 · 2026-04-02T12:22:40.000-05:00
Replace access: full on github.com and api.github.com with L7-enforced REST policies. Without protocol: rest the proxy treats these as L4-only connections and method/path rules cannot be evaluated. github.com: POST scoped to git-upload-pack/git-receive-pack only. api.github.com: writes scoped to PR/issue workflows and git ref/content operations. DELETE excluded to block destructive ops. Closes #1111 Signed-off-by: latenighthackathon <latenighthackathon@users.noreply.github.com>
diff --git a/nemoclaw-blueprint/policies/openclaw-sandbox.yaml b/nemoclaw-blueprint/policies/openclaw-sandbox.yaml
@@ -94,12 +94,42 @@ network_policies:
   github:
     name: github
     endpoints:
+      # git transport (clone, fetch, push) over smart HTTP.
+      # POST scoped to git-upload-pack / git-receive-pack only.
       - host: github.com
         port: 443
-        access: full
+        protocol: rest
+        enforcement: enforce
+        tls: terminate
+        rules:
+          - allow: { method: GET, path: "/**" }
+          - allow: { method: POST, path: "/**/git-upload-pack" }
+          - allow: { method: POST, path: "/**/git-receive-pack" }
+      # REST API: GET is unrestricted; writes scoped to PR/issue
+      # workflows and git ref/content operations. DELETE excluded to
+      # block destructive ops (repo deletion, branch force-delete,
+      # org membership changes).
       - host: api.github.com
         port: 443
-        access: full
+        protocol: rest
+        enforcement: enforce
+        tls: terminate
+        rules:
+          - allow: { method: GET, path: "/**" }
+          # PR workflow
+          - allow: { method: POST, path: "/repos/*/*/pulls" }
+          - allow: { method: PATCH, path: "/repos/*/*/pulls/*" }
+          - allow: { method: PUT, path: "/repos/*/*/pulls/*/merge" }
+          - allow: { method: POST, path: "/repos/*/*/pulls/*/reviews" }
+          - allow: { method: POST, path: "/repos/*/*/pulls/*/requested_reviewers" }
+          # Issues
+          - allow: { method: POST, path: "/repos/*/*/issues" }
+          - allow: { method: PATCH, path: "/repos/*/*/issues/*" }
+          - allow: { method: POST, path: "/repos/*/*/issues/*/comments" }
+          # Branch creation and file commits via API
+          - allow: { method: POST, path: "/repos/*/*/git/refs" }
+          - allow: { method: PATCH, path: "/repos/*/*/git/refs/**" }
+          - allow: { method: PUT, path: "/repos/*/*/contents/**" }
     binaries:
       - { path: /usr/bin/gh }
       - { path: /usr/bin/git }
