What's there to get under control? It cannot get out of control.
GH Actions have a timeout of 60min already. A PR with about 5 jobs running for 5 hrs is nothing to gain for the culprit. The repo owner certainly finds out soon enough, and reports it to GitHub to block him. GitHub doesn't even need to start a mass scan for such losers.
Azure is such a huge server farm, nobody should care about a few 1hr miners, who eventually get thrown out.
But the easiest mitigation would be to block outbound traffic to the miners' IPs. These are well-known.