mirror of
https://github.com/step-security/harden-runner.git
synced 2026-06-08 15:17:09 +00:00
Harden Runner
First-of-its-kind technology that automatically discovers and correlates outbound traffic with each step of a GitHub Actions workflow.
To use this GitHub Action, add the following code to your GitHub Actions workflow file as the first step.
    steps:
      - uses: step-security/harden-runner@v1
        with:
          egress-policy: audit
In the workflow logs, you should see a link to security insights and recommendations.
Click on the link (example link) to view security insights and recommended egress policy (example below).
You can then add the correlated outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed, thereby reducing risk from software supply chain attacks.
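As an added illustration (not part of the project's README), the workflow below shows the step after the audit run has produced a recommended policy: `egress-policy` is switched from `audit` to `block` and the endpoints are listed under `allowed-endpoints`. The workflow name, the job, the `actions/checkout@v3` and `npm ci` steps, and the two endpoints are constructed for the example; use the endpoints reported for your own workflow.

```yaml
# Added example: the job, its steps and the endpoint list are constructed
# for illustration and are not taken from the Harden Runner README.
name: build
on: [push]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # Harden Runner stays the first step so that every later step in the
      # job runs under the policy.
      - uses: step-security/harden-runner@v1
        with:
          # "audit" only records outbound traffic; "block" enforces the list.
          egress-policy: block
          # Endpoints as host:port, copied from the recommended policy shown
          # on the insights page after an audit run. Constructed values here.
          allowed-endpoints: >
            github.com:443
            registry.npmjs.org:443

      - uses: actions/checkout@v3
      - run: npm ci
```

Keep a job in `audit` mode until its recommended policy stops changing between runs, since an endpoint missing from the list will cause the step that needs it to fail once `block` is enabled.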