harden-runner/README.md
2021-12-10 12:26:08 -08:00


Step Security Logo

Policy-based Runtime Security for GitHub Actions

First-of-its-kind patent-pending technology that automatically discovers and correlates outbound traffic with each step of a GitHub Actions workflow.

  1. Add this code to your GitHub Actions workflow file as the first step.

     ```yaml
     steps:
       - uses: step-security/harden-runner@v1
         with:
           egress-policy: audit
     ```

  2. In the workflow logs, you will see a link to security insights and recommendations.

Link in build log

  3. Click on the link (example link) to view security insights and recommended egress policy (example below).

Step Security Logo


  4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed.
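
What the workflow can look like once the audit run has produced a recommendation, as an added example that is not part of the project's README. It uses the action's `egress-policy: block` value and `allowed-endpoints` input, which are not shown on this page; the workflow name, the build step and the endpoint list are constructed placeholders, and the real list comes from your own insights page.

```yaml
# Constructed example workflow: names and endpoints are placeholders.
name: build

on:
  push:
    branches: [main]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # harden-runner stays the first step so that the policy is in place
      # before any other step makes outbound connections.
      - uses: step-security/harden-runner@v1
        with:
          # Before (discovery run): traffic is recorded, nothing is blocked.
          #   egress-policy: audit
          # After: only the endpoints listed below are reachable.
          egress-policy: block
          # Replace with the endpoints recommended for this workflow.
          allowed-endpoints: >
            github.com:443
            registry.example.com:443

      - uses: actions/checkout@v2

      # Placeholder build step; any endpoint it contacts that is not in
      # allowed-endpoints is denied once the policy is set to block.
      - run: make build
```

When a step is added or a dependency source changes, switch back to `audit` for one run and update the list from the new recommendation before returning to `block`.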