GitHub Checks


Last updated 1 month ago


This is a new feature. If you installed the StepSecurity Actions Security GitHub App before January 10th, 2025, you will need to accept two new permissions to enable GitHub Checks:

  • pull_requests: read

  • checks: write

These permissions are required for the StepSecurity App to write checks within GitHub.

This feature integrates Harden-Runner insights into the GitHub Checks UI, providing developers with immediate feedback on outbound network activity.

With this integration, developers no longer need to rely on email or Slack notifications or visit the StepSecurity dashboard to monitor anomalous network calls.

How It Works

To enable GitHub Checks for your repositories, follow the instructions provided in this guide.

  1. Pull Request Creation:

When a pull request is created, the StepSecurity Harden Runner Check will display the network monitoring status for all associated workflow runs.

  2. Completion of Workflow Runs:

Once all workflow runs linked to the pull request are completed, the status check will indicate either Pass or Fail:

✅ Pass: No anomalous outbound calls detected.

❌ Fail: At least one anomalous outbound call detected.

  3. Clicking the Details link next to the check provides:

  • A list of monitored workflow runs.

  • Links to insights pages for each run.

  • If the check has failed, a list of anomalous outbound calls detected.
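
The Pass/Fail outcome described above can also be read by a script from GitHub's check-runs REST endpoint for the pull request's head commit. The following is an added example, not StepSecurity's code: the check name string and the sample response are assumptions constructed for illustration, and the function fails closed when the check is absent or still running.

```python
import json

# Assumption: the check-run name as displayed on the pull request; confirm the
# exact string in your own repository before relying on it.
CHECK_NAME = "StepSecurity Harden-Runner"

# Constructed sample shaped like the response of GitHub's
# GET /repos/{owner}/{repo}/commits/{ref}/check-runs endpoint.
SAMPLE = json.loads("""
{"total_count": 3, "check_runs": [
  {"name": "build", "status": "completed", "conclusion": "success",
   "details_url": "https://example.invalid/build"},
  {"name": "StepSecurity Harden-Runner", "status": "completed",
   "conclusion": "failure", "details_url": "https://example.invalid/check/1"},
  {"name": "lint", "status": "in_progress", "conclusion": null,
   "details_url": "https://example.invalid/lint"}
]}
""")


def harden_runner_gate(response, check_name=CHECK_NAME):
    """Return (state, details_url); state is 'missing', 'pending', 'pass' or 'fail'."""
    runs = [r for r in response.get("check_runs", [])
            if r.get("name") == check_name]
    if not runs:
        # No such check on this commit: report it as unknown, never as a pass.
        return "missing", None
    # Several runs of the same check may be listed (for example re-runs);
    # any run that is unfinished or not successful decides the outcome.
    for run in runs:
        if run.get("status") != "completed":
            return "pending", run.get("details_url")
    for run in runs:
        if run.get("conclusion") != "success":
            return "fail", run.get("details_url")
    return "pass", runs[0].get("details_url")


if __name__ == "__main__":
    state, url = harden_runner_gate(SAMPLE)
    print(state, url)
```
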

Approving a Failed StepSecurity GitHub Check

This guide explains how to approve a failed StepSecurity GitHub check when an alert is triggered due to unexpected network calls from CI/CD runners.

Step 1: Navigate to the Pull Request

  • Open the Pull Request (PR) that contains the failed StepSecurity check.

Step 2: Click on the Failed Check

  • Locate the StepSecurity Harden-Runner check under the failed checks section.

  • Click on the failed check to view more details.

Step 3: Review the Failure Details and Approve

  • The check failure page will display details about unexpected network calls detected from the Harden-Runner.

  • Identify the endpoint and the workflow that triggered the alert.

  • If you want to approve the check run, click the approval link provided in the failure details.

Step 4: Approve the Check Run

  • On the approval page, review the detected outbound network calls.

  • Click “Approve” to confirm that you are aware of the anomalous call.

Step 5: Verify Approval Status

  • Return to the check run status tab in GitHub.

  • You will now see that the check has been approved by your GitHub username.

Step 6: Confirm the StepSecurity Check Passed

  • After approval, the StepSecurity check should now be successful.

  • The PR is now ready for merging.

View past GitHub Checks

This guide walks you through how to view past GitHub Actions workflow checks using StepSecurity Harden-Runner.

Step 1: Navigate to the GitHub Checks Section

  • Open StepSecurity and go to the Harden Runner section.

  • Click on GitHub Checks to view a list of all past workflow runs in your organization.

Step 2: View a Specific Check

  • Locate the workflow check you want to inspect.

  • Click View Check next to it.

Step 3: Review Check Details

  • On the Check details page, look for any security alerts or anomalous network activity.

  • If necessary, approve the Check or take additional security actions.

Step 4: Apply Filters to Find Specific Checks

You can refine the list of checks by applying filters:

  1. Filter by Conclusion (Success or Failure)

  • Click the Conclusion dropdown.

  • Select:

    • Success to view successful runs.

    • Failure to see failed checks.

    • All to view everything.

  2. Filter by Repository

  • Click the Select Repository dropdown.

  • Choose a specific repository to view only its checks.
