Community License
This section describes how to install Harden-Runner using Community license. Please note that this license only supports public repositories.
Supported Repositories
| Repo Visibility | Availability |
|---|---|
| Public |  |
| Private |  |
Community license will forever remain free for public repositories.
Get Started
To get started with Community license for public repositories, simply add the harden-runner action into your GitHub Actions workflow files as described below. No need to sign up explicitly before/after updating your workflow files.
1. Update GitHub Actions Workflow Files
Add step-security/harden-runner to your GitHub Actions workflow file as the first step in each job.
steps:
- uses: step-security/harden-runner@v2
with:
egress-policy: audit
You can also visit Secure-Workflows to add Harden-Runner GitHub Action to your workflow files. For reference, please take a look this sample pull request.
2. (Optional) Install StepSecurity App
To enable additional Harden-Runner features, install the Harden Runner App. You can find instructions on how to install the App here.