step-security/harden-runner
1
0
Fork 0
mirror of https://github.com/step-security/harden-runner.git synced 2026-06-07 04:47:05 +00:00
Code Issues Projects Releases Packages Wiki Activity
harden-runner/README.md
Varun Sharma 97cc62aa05 Update README.md
2021-12-10 12:31:06 -08:00

1.4 KiB
Raw Blame History

Step Security Logo

Policy-based Runtime Security for GitHub Actions

First-of-its-kind patent-pending technology that automatically correlates outbound traffic with each step of a workflow.

  1. Add this code to your GitHub Actions workflow file as the first step.
steps:
  - uses: step-security/harden-runner@v1
      with:
        egress-policy: audit
  - uses: actions/checkout@v2
  1. In the workflow logs, you will see a link to security insights and recommendations.

Link in build log

  1. Click on the link (example link).

Step Security Logo

Step Security Logo

  1. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed.
steps:
      - uses: step-security/harden-runner@v1
        with:
          allowed-endpoints:
            github.com:443
            nodejs.org:443
            registry.npmjs.org:443
      - uses: actions/checkout@v2