Pull-mirror of github.com/step-security/harden-runner

Step Security Logo

Policy-based Runtime Security for GitHub Actions

First-of-its-kind patent-pending technology that automatically correlates outbound traffic with each step of a workflow.

  1. Add this code to your GitHub Actions workflow file as the first step.

      steps:
        - uses: step-security/harden-runner@v1
          with:
            egress-policy: audit
        - uses: actions/checkout@v2

  2. In the workflow logs, you will see a link to security insights and recommendations.

Link in build log

  3. Click on the link (example link).


  4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed.

      steps:
        - uses: step-security/harden-runner@v1
          with:
            allowed-endpoints:
              github.com:443
              nodejs.org:443
              registry.npmjs.org:443
        - uses: actions/checkout@v2
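
A CI-side check for step 1 above (harden-runner must be the first step), as an added example that is not part of the harden-runner project: it scans workflow text and reports every job whose first step is something else. The function names and the sample workflow are constructed for illustration, and the line-based parsing assumes block-style YAML.

```python
import re

HARDEN = "step-security/harden-runner@"
# Constructed sample workflow: the second job runs checkout before harden-runner.
SAMPLE = """\
jobs:
  build:
    steps:
      - uses: step-security/harden-runner@v1
        with:
          egress-policy: audit
      - uses: actions/checkout@v2
  publish:
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - uses: step-security/harden-runner@v1
"""

def first_step_uses(workflow_text):
    """For each `steps:` block, return the `uses:` value of its first step, or None.

    Assumption: block-style YAML as normally written in workflow files
    (no flow-style lists, anchors or multi-document files).
    """
    lines, results, i = workflow_text.splitlines(), [], 0
    while i < len(lines):
        if not re.match(r"^\s*steps:\s*(#.*)?$", lines[i]):
            i += 1
            continue
        uses, item_indent, j = None, None, i + 1
        while j < len(lines):
            stripped = lines[j].strip()
            indent = len(lines[j]) - len(lines[j].lstrip())
            if stripped and not stripped.startswith("#"):
                if item_indent is None:
                    if not stripped.startswith("-"):
                        break          # `steps:` is not followed by a list
                    item_indent = indent
                elif indent <= item_indent:
                    break              # second step, or end of the steps block
                m = re.match(r"^-?\s*uses:\s*['\"]?([^'\"\s#]+)", stripped)
                if m:
                    uses = m.group(1)
                    break
            j += 1
        results.append(uses)
        i = j                          # resume scanning at the line that ended the block
    return results

def unhardened_jobs(workflow_text):
    """0-based positions (file order) of steps blocks not starting with harden-runner."""
    return [n for n, uses in enumerate(first_step_uses(workflow_text))
            if not (uses or "").startswith(HARDEN)]
```

A step that runs before harden-runner executes before the action is in place, so a job flagged here has outbound traffic that the insights page will not attribute to a step.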