Resources

Blog Harden-Runner GitHub Actions Advisor StepSecurity Maintained Actions

Company

About Case Studies

Pricing Install StepSecurity App Login

Resources

Blog Harden-Runner GitHub Actions Advisor StepSecurity Maintained Actions

Company

About Case Studies Pricing Install StepSecurity App Login

Introduction
Getting Started
- Quickstart (Community Tier)
- Quickstart (Enterprise Tier)
Overview
Harden-Runner
Orchestrate Security
Actions Secret
Actions
Settings
Partnerships
- RunsOn
Who's Using Harden-Runner?

Powered by GitBook

On this page

Was this helpful?

Getting Started

Quickstart (Community Tier)

Getting Started with Secure Workflow

PreviousQuickstart (Community Tier)NextGetting Started with Secure Repo

Last updated 8 days ago

Was this helpful?

Step 1: Navigate to Secure Workflow on your browser

Step 2: Paste Your Workflow File

Copy your GitHub Actions workflow file and paste it into the editor on the StepSecurity tool interface.

Step 3: Click on the “Secure Workflow” Button

Click the “Secure Workflow” button.
The tool will automatically enhance the security of your workflow by applying recommended settings:

Step 4: Review and Apply the Suggested Changes

The tool will show a diff view of your original workflow versus the secure version.
Key enhancements include:
- Adjusted permissions to follow the principle of least privilege.
- Integration of the StepSecurity Harden Runner with an audit egress policy.
- Pinning all GitHub Actions to specific commit SHAs for better security

Step 5: Save and Commit the Changes

After reviewing the updates, copy the secure workflow provided by the platform.
Apply the updated workflow manually to your repository by pasting it into the appropriate file in your project.

StepSecurity Secure Workflow Page

StepSecurity Secure Workflow Page showing the Secure Workflow button

StepSecurity Secure Workflow Page showing the difference in changes in the workflow file