Skip to main content

Team/Enterprise License

This section describes how to install Harden-Runner using a commercial license. Private repositories are only supported in this licensing model.

Supported Subscription

Repo VisibilityAvailability
PublicYes logo
PrivateYes logo

Start Free Trial

StepSecurity offers a free trial for Team subscription for private repositories. If you have not used Harden-Runner with a private repository before, the trial will start when Harden-Runner is used for the first time with any GitHub Actions workflows from the repository.

You don't need to sign up or provide credit card details to start your free trial before following the deployment steps described below.

Deployment Steps

The following video demonstrates the installation steps described below:

1. Install StepSecurity App

This is a mandatory step for private repositories. Install the StepSecurity Actions Security GitHub App in your GitHub account. We recommend you install it on the entire GitHub account.

Choose GitHub Account

App Installation Choose Repositories

Complete Order

App Installation Complete Order

Install & Authorize App

App Installation Choose Repositories

2. Update GitHub Actions Workflow Files

Add step-security/harden-runner to your GitHub Actions workflow file as the first step in each job.

steps:
- uses: step-security/harden-runner@v2
with:
egress-policy: audit

You can also use Secure-Workflows to add Harden-Runner GitHub Action to your workflow files. For reference, please take a look this sample pull request.

3. Upgrade to Commercial License

Once your trial starts, you will also receive periodic emails from StepSecurity with license upgrade instructions. If you do not receive the email, check your spam folder, or email us at info@stepsecurity.io.

If the subscription is not upgraded, Harden-Runner will stop working once the trial period is over.