Team/Enterprise License
This section describes how to install Harden-Runner using a commercial license. Private repositories are only supported in this licensing model.
Supported Subscription
| Repo Visibility | Availability |
|---|---|
| Public |  |
| Private | |
Start Free Trial
StepSecurity offers a free trial for Team subscription for private repositories. If you have not used Harden-Runner with a private repository before, the trial will start when Harden-Runner is used for the first time with any GitHub Actions workflows from the repository.
You don't need to sign up or provide credit card details to start your free trial before following the deployment steps described below.
Deployment Steps
The following video demonstrates the installation steps described below:
1. Install StepSecurity App
This is a mandatory step for private repositories. Install the StepSecurity Actions Security GitHub App in your GitHub account. We recommend you install it on the entire GitHub account.
Choose GitHub Account
Complete Order
Install & Authorize App
2. Update GitHub Actions Workflow Files
Add step-security/harden-runner to your GitHub Actions workflow file as the first step in each job.
steps:
- uses: step-security/harden-runner@v2
with:
egress-policy: audit
You can also use Secure-Workflows to add Harden-Runner GitHub Action to your workflow files. For reference, please take a look this sample pull request.
3. Upgrade to Commercial License
Once your trial starts, you will also receive periodic emails from StepSecurity with license upgrade instructions. If you do not receive the email, check your spam folder, or email us at info@stepsecurity.io.
If the subscription is not upgraded, Harden-Runner will stop working once the trial period is over.