step-security/harden-runner
1
0
Fork 0
mirror of https://github.com/step-security/harden-runner.git synced 2026-06-08 06:17:07 +00:00
Code Issues Projects Releases Packages Wiki Activity
harden-runner/README.md
Varun Sharma 97cc62aa05 Update README.md
2021-12-10 12:31:06 -08:00

45 lines
No EOL
1.4 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<p align="left">
<img src="https://step-security-images.s3.us-west-2.amazonaws.com/Final-Logo-06.png" alt="Step Security Logo" width="340">
</p>
# Policy-based Runtime Security for GitHub Actions
First-of-its-kind patent-pending technology that automatically correlates outbound traffic with each step of a workflow.
1. Add this code to your GitHub Actions workflow file as the first step.
```
steps:
- uses: step-security/harden-runner@v1
with:
egress-policy: audit
- uses: actions/checkout@v2
```
2. In the workflow logs, you will see a link to security insights and recommendations.
<p align="left">
<img src="https://step-security-images.s3.us-west-2.amazonaws.com/build_log_link.png" alt="Link in build log" >
</p>
3. Click on the link ([example link](https://app.stepsecurity.io/github/nvm-sh/nvm/actions/runs/1547131792)).
<p align="left">
<img src="https://step-security-images.s3.us-west-2.amazonaws.com/insights.png" alt="Step Security Logo" >
</p>
<p align="left">
<img src="https://step-security-images.s3.us-west-2.amazonaws.com/policy.png" alt="Step Security Logo" >
</p>
4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed.
```
steps:
- uses: step-security/harden-runner@v1
with:
allowed-endpoints:
github.com:443
nodejs.org:443
registry.npmjs.org:443
- uses: actions/checkout@v2
```
Reference in a new issue View git blame Copy permalink