GitHub Checks
This feature integrates Harden Runner insights into the GitHub Checks UI so developers can get immediate feedback and get notified of anomalous outbound network calls in the Checks UI and do not need to subscrible to Email/ Slack notifications or visit the StepSecurity dashboard.
When a pull request is created, the StepSecurity Harden Runner Check will show the network monitoring status for all workflow runs associated with the pull request.
When all the workflow runs associated with the pull request are completed, the status check with be either Pass or Fail.
✅ If the check passes, it means no anomalous outbound call was detected
❌ If the check fails, it means at least one anomalous outbound call was detected
Clicking on the Details link next to the check will show the list of workflow runs monitored, link to the insights pages for each run, and if the check has failed, the list of anomalous outbound calls.
Enable GitHub Checks
To enable StepSecurity GitHub Checks, go to Settings in the bottom-left corner in the appv2 dashboard and click on GitHub Checks. Opt-in specific repositories where you want to enable the StepSecurity Harden Runner GitHub Check and click on Save.
