Checks

The Checks section lists all StepSecurity check runs across your organization. From here, you can see why a check failed, review security findings, and approve checks when appropriate.

You can refine the list of checks by applying filters:

  • Filter by Conclusion (Success or Failure)

  • Filter by Repository

  • Filter by Status (Approved or Pending)

Approving a Failed StepSecurity GitHub Check

This guide explains how to approve a failed StepSecurity GitHub check when an alert is triggered due to unexpected network calls from CI/CD runners.

There are two ways to do this:

  1. From the GitHub Pull Request (PR)

  2. From the StepSecurity dashboard

Option 1: Approve From the PR

Step 1: Navigate to the Pull Request

  • Open the Pull Request (PR) that contains the failed StepSecurity check.

StepSecurity Harden-Runner Check failing in a PR

Step 2: Click on the Failed Check

  • Locate the StepSecurity Harden-Runner check under the failed checks section.

  • Click on the failed check to view more details.

StepSecurity Harden-Runner Check failing in a PR

Step 3: Review the Failure Details and Approve

  • The check failure page will display details about unexpected network calls detected from the Harden-Runner.

  • Identify the endpoint and the workflow that triggered the alert.

  • If you want to approve the check run, click the approval link provided in the failure details.

StepSecurity Harden-Runner failed check

Step 4: Approve the Check Run

  • On the approval page, review the detected outbound network calls.

  • Click “Approve” to confirm that you are aware of the anomalous call.

StepSecurity Insights page

Step 5: Verify Approval Status

  • Return to the check run status tab in GitHub.

  • You will now see that the check has been approved by your GitHub username.

StepSecurity Harden-Runner check

Step 6: Confirm the StepSecurity Check Passed

  • After approval, the StepSecurity check should now be successful.

  • The PR is now ready for merging.

StepSecurity Harden-Runner check successful

Option 2: Approve from the StepSecurity Dashboard

Step 1: Navigate to the Dashboard

  • Open the StepSecurity dashboard.

Step 2: Filter Failed Check Runs

  • Use the filters to show only Failed check runs.

Step 3: Open the Failed Run

  • Locate the failed check run that is pending approval.

  • Expand it by clicking the > arrow.

Step 4: Review and Approve

  • Review details of the detected outbound network calls.

  • If the calls are legitimate, click Approve to allow the run.

Step 5: Verify and Confirm

  • The status will update to Approved in the dashboard.

  • The corresponding GitHub check will re-run and pass.
