step-security/harden-runner
1
0
Fork 0
mirror of https://github.com/step-security/harden-runner.git synced 2026-06-07 12:17:08 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #90 from arjundashrath/main

Browse source 
Improve Harden Runner screenshots
This commit is contained in:
Varun Sharma 2022-02-07 19:29:37 -08:00 committed by GitHub
commit c5e47cae48
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
README.md
View file

@ -23,16 +23,17 @@ First-of-its-kind patent-pending technology that automatically correlates outbou
2. In the workflow logs, you will see a link to security insights and recommendations.
<p align="left">
<img src="https://step-security-images.s3.us-west-2.amazonaws.com/build_log_link1.png" alt="Link in build log" >
<img src="https://github.com/step-security/supply-chain-goat/blob/main/images/harden-runner/ActionLog.png" alt="Link in build log" >
</p>
3. Click on the link ([example link](https://app.stepsecurity.io/github/jauderho/dockerfiles/actions/runs/1736506434)). You will see outbound traffic made by each step.
<p align="left">
<img src="https://step-security-images.s3.us-west-2.amazonaws.com/insights3.png" alt="Insights from harden-runner" >
<img src="https://github.com/step-security/supply-chain-goat/blob/main/images/harden-runner/OutboundCall.png" alt="Insights from harden-runner" >
</p>
Below the insights, you will see the recommended policy.
<p align="left">
<img src="https://step-security-images.s3.us-west-2.amazonaws.com/recommended-policy.png" alt="Policy recommended by harden-runner" >
<img src="https://github.com/step-security/supply-chain-goat/blob/main/images/harden-runner/RecomPolicy.png" alt="Policy recommended by harden-runner" >
</p>
4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed.