Checks
The Checks section lists all StepSecurity check runs across your organization. From here, you can see why a check failed, review security findings, and approve checks when appropriate.

You can refine the list of checks by applying filters:
Filter by Conclusion (Success or Failure)
Filter by Repository
Filter by Status(Approved or Pending)
Approving a Failed StepSecurity GitHub Check
This guide explains how to approve a failed StepSecurity GitHub check when an alert is triggered due to unexpected network calls from CI/CD runners.
There are two ways to do this:
From the GitHub Pull Request (PR)
From the StepSecurity dashboard
Option 1: Approve From the PR
Step 1: Navigate to the Pull Request
Open the Pull Request (PR) that contains the failed StepSecurity check.

Step 2: Click on the Failed Check
Locate the StepSecurity Harden-Runner check under the failed checks section.
Click on the failed check to view more details.

Step 3: Review the Failure Details and Approve
The check failure page will display details about unexpected network calls detected from the Harden-Runner.
Identify the endpoint and the workflow that triggered the alert.
If you want to approve the check run, click the approval link provided in the failure details.

Step 4: Approve the Check Run
On the approval page, review the detected outbound network calls.
Click “Approve” to confirm that you are aware of the anomalous call.

Step 5: Verify Approval Status
Return to the check run status tab in GitHub.
You will now see that the check has been approved by your GitHub username.

Step 6: Confirm the StepSecurity Check Passed
After approval, the StepSecurity check should now be successful.
The PR is now ready for merging.

Option 2: Approve from the StepSecurity Dashboard
Step 1: Navigate to the Dashboard
Open the StepSecurity dashboard.

Step 2: Filter Failed Check Runs
Use the filters to show only Failed check runs.

Step 3: Open the Failed Run
Locate the failed check run that is pending approval.
Expand it by clicking the > arrow.

Step 4: Review and Approve
Review details of the detected outbound network calls.
If legitimate, click Approve to allow the run.

Step 5: Verify and Confirm
The status will update to Approved in the dashboard.
The corresponding GitHub check will re-run and pass.

Last updated
Was this helpful?