From 0a2f83ef0be01544bedf580a803aaf136b6d7086 Mon Sep 17 00:00:00 2001
From: Mathieu Larose <mathieu@mathieularose.com>
Date: Fri, 21 Jun 2024 15:00:44 -0400
Subject: [PATCH] Add bullfrog

---
 .github/workflows/publish.yml      | 6 ++++++
 .github/workflows/pull_request.yml | 9 +++++++++
 2 files changed, 15 insertions(+)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index dd95716..8fde56b 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -12,6 +12,9 @@ jobs:
       matrix:
         python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"]
     steps:
+      - uses: bullfrogsec/bullfrog@v0.2
+        with:
+            egress-policy: block
       - uses: actions/checkout@v2
       - name: Setup python
         uses: actions/setup-python@v1
@@ -33,6 +36,9 @@ jobs:
     runs-on: ubuntu-22.04
     needs: build-and-check
     steps:
+      - uses: bullfrogsec/bullfrog@v0.2
+        with:
+            egress-policy: block
       - uses: actions/checkout@v2
       - name: Setup python
         uses: actions/setup-python@v1
diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
index be5e690..25885a9 100644
--- a/.github/workflows/pull_request.yml
+++ b/.github/workflows/pull_request.yml
@@ -4,14 +4,23 @@ on:
   pull_request:
     branches:
       - master
+  push:
+    branches:
+      - master
+      - larose/bullfrog
 
 jobs:
   build-and-check:
     runs-on: ubuntu-22.04
     strategy:
+      fail-fast: false
       matrix:
         python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"]
     steps:
+      - name: Bullfrog Secure Runner
+        uses: bullfrogsec/bullfrog@larose/fix-tetragon-install
+        with:
+            egress-policy: block
       - uses: actions/checkout@v2
       - name: Setup python
         uses: actions/setup-python@v1