Community License
This section describes how to install Harden-Runner using Community
license. Please note that this license only supports public repositories.
Supported Repositories
Repo Visibility | Availability |
---|---|
Public | |
Private |
Community
license will forever remain free for public repositories.
Get Started
To get started with Community
license for public repositories, simply add the harden-runner action into your GitHub Actions workflow files as described below. No need to sign up explicitly before/after updating your workflow files.
1. Update GitHub Actions Workflow Files
Add step-security/harden-runner
to your GitHub Actions workflow file as the first step in each job.
steps:
- uses: step-security/harden-runner@v2
with:
egress-policy: audit
You can also visit Secure-Workflows to add Harden-Runner
GitHub Action to your workflow files. For reference, please take a look this sample pull request.
2. (Optional) Install StepSecurity App
To enable additional Harden-Runner features, install the Harden Runner App. You can find instructions on how to install the App here.