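# Action metadata for Harden Runner: declares the inputs a workflow may pass
# and the Node entry points that run before, during and after the job.
# The nesting below is restored from the standard action metadata layout
# (inputs / branding / runs); every value is kept as listed.
name: "Harden Runner"
description: "Security agent for GitHub-hosted runner to monitor the build process"
inputs:
  # Egress allow-list. Per its description it is only consulted when
  # egress-policy is "block".
  # NOTE(review): with both defaults (policy "block", empty allow-list) the
  # set of permitted destinations is decided by the agent code, which is not
  # shown here - confirm before relying on the defaults.
  allowed-endpoints:
    description: "Only these endpoints will be allowed if egress-policy is set to block"
    required: false
    default: ""
  # Outbound traffic mode: "audit" or "block" (per the description).
  # The default declared here is "block".
  egress-policy:
    description: "Policy for outbound traffic, can be either audit or block"
    required: false
    default: "block"
  # Defaults to the workflow's own github.token, so the action receives
  # whatever scopes the calling workflow's `permissions:` grants; keep those
  # minimal. The expression is quoted so it is always read as a string.
  token:
    description: "Used to avoid github rate limiting"
    default: "${{ github.token }}"
  # Inputs reach the action as strings, hence the quoted "false".
  # NOTE(review): the description restricts "true" to egress-policy "block";
  # whether that is enforced is decided in the action code, not here - confirm.
  disable-telemetry:
    description: "Disable sending telemetry to StepSecurity API, can be set to true or false. This can only be set to true when egress-policy is set to block"
    required: false
    default: "false"
  # Off by default: the runner account keeps sudo unless the caller opts in.
  disable-sudo:
    description: "Disable sudo access for the runner account"
    required: false
    default: "false"
  # Off by default: file monitoring stays enabled unless the caller opts out.
  disable-file-monitoring:
    description: "Disable file monitoring"
    required: false
    default: "false"
branding:
  icon: "check-square"
  color: "green"
runs:
  # NOTE(review): GitHub has deprecated the node16 action runtime in favour
  # of newer Node versions - confirm against current runner support.
  using: "node16"
  # All three entry points live under dist/, so what executes on the runner
  # is whatever is committed there. When pinning or reviewing this action,
  # check that dist/ corresponds to the reviewed source.
  pre: "dist/pre/index.js"
  main: "dist/index.js"
  post: "dist/post/index.js"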