Checks

The Checks section lists all StepSecurity check runs across your organization. From here, you can see why a check failed, review security findings, and approve checks when appropriate.

You can refine the list of checks by applying filters:

• Filter by Conclusion (Success or Failure)

• Filter by Repository

• Filter by Status(Approved or Pending)

• Filter by Time Range

Approving a Failed StepSecurity GitHub Check

This guide explains how to approve a failed StepSecurity GitHub check when an alert is triggered due to unexpected network calls from CI/CD runners.

There are two ways to do this:

1. From the GitHub Pull Request (PR)

2. From the StepSecurity dashboard

Option 1: Approve From the PR

Step 1: Navigate to the Pull Request

• Open the Pull Request (PR) that contains the failed StepSecurity check.

Step 2: Click on the Failed Check

• Locate the StepSecurity Harden-Runner check under the failed checks section.

• Click on the failed check to view more details.

Step 3: Review the Failure Details and Approve

• The check failure page will display details about unexpected network calls detected from the Harden-Runner.

• Identify the endpoint and the workflow that triggered the alert.

• If you want to approve the check run, click the approval link provided in the failure details.

Step 4: Approve the Check Run

• On the approval page, review the detected outbound network calls.

• Click “Approve” to confirm that you are aware of the anomalous call.

Step 5: Verify Approval Status

• Return to the check run status tab in GitHub.

• You will now see that the check has been approved by your GitHub username.

Step 6: Confirm the StepSecurity Check Passed

• After approval, the StepSecurity check should now be successful.

• The PR is now ready for merging.

Option 2: Approve from the StepSecurity Dashboard

Step 1: Navigate to the Dashboard

• Open the StepSecurity dashboard.

Step 2: Filter Failed Check Runs

• Use the filters to show only Failed check runs.

Step 3: Open the Failed Run

• Locate the failed check run that is pending approval.

• Expand it by clicking the > arrow.

Step 4: Review and Approve

• Review details of the detected outbound network calls.

• If legitimate, click Approve to allow the run.

Step 5: Verify and Confirm

• The status will update to Approved in the dashboard.

• The corresponding GitHub check will re-run and pass.

Re-running StepSecurity Checks from a Pull Request

Customers can re-run StepSecurity checks directly from a Pull Request (PR) by leaving a comment.

To trigger a re-run, comment the following in the PR thread:

Once the comment is added, the StepSecurity app will automatically re-run all associated checks for that PR. This is useful when you’ve fixed workflow issues or adjusted configurations and want to validate the updated behavior without creating a new commit.