Secure Repo

The Secure Repo feature in StepSecurity allows you to apply security best practices across all GitHub Actions workflows in your repository. It automates security improvements by scanning workflows, suggesting fixes, and generating a pull request for seamless integration.

Key Features

  • Automated Security Enhancements: Analyzes and applies security best practices to all workflow files.

  • One-Click PR Creation: Generates a pull request with security fixes for easy review and merging.

  • GitHub Best Practices Compliance: Ensures workflow permissions, dependencies, and secrets follow industry standards.

  • Minimal Manual Intervention: StepSecurity automatically enforces security measures with minimal user effort.

  • Orchestrate Custom Workflows: Define and enforce standardized GitHub Actions workflows across repositories by specifying mandatory template workflows that must be included in every repository. See the Custom Workflow Templates section below for setup instructions.

How to Secure Your Repository Using Secure Repo

Step 1: Access the StepSecurity Dashboard

  • Visit StepSecurity Secure Repo or navigate to “Secure Repo” under the Orchestrate Security section in your StepSecurity dashboard.

Step 2: Enter Your GitHub Repository

  • Click on the "Enter Your GitHub Repository" field.

  • Type or paste the URL of your GitHub repository.

StepSecurity Secure Repo page

Step 3: Analyze the Repository

  • Click the "Analyze Repository" button.

  • Secure Repo will scan your repository and suggest security improvements.

StepSecurity Secure Repo page

Step 4: Preview the Changes

  • Click "Preview Changes" to review the security enhancements.

Step 5: Review the Commit Message

  • Review the commit message generated by Secure Repo.

  • Click "Preview Changes" again to proceed.

StepSecurity Secure Repo page

Step 6: Review Read-Only Preview

  • Click on the "read-only preview" to review the proposed changes before creating a pull request.

StepSecurity Secure Repo page

Step 7: Inspect the Code Changes

  • Ensure the proposed changes align with your repository’s security needs.

Preview PR

Step 8: Create a Pull Request

  1. Click "Create Pull Request".

  2. Confirm the pull request details and click "Create Pull Request" again.

StepSecurity Secure Repo page

Step 9: Final Confirmation

  • Secure Repo will generate a confirmation message.

  • Click the provided link to view your pull request on GitHub.

StepSecurity Secure Repo page

Step 10: Merge the Pull Request

  • Once you've reviewed the changes, click the "Merge Pull Request" button to apply the fixes to your repository.

PR page

Step 11: Verify Security Fixes

  • After merging, confirm that the security fixes have been successfully applied by viewing the updated repository.

  • You can also re-analyze the repository in StepSecurity to verify the changes.
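The Key Features list above says Secure Repo brings workflow permissions and dependencies in line with best practice, and this step asks you to confirm the fixes landed after the merge. The following is an added example, not StepSecurity's own code: a dependency-free Python check that looks for the two most visible fixes in a workflow file, a top-level `permissions:` block and every `uses:` reference pinned to a full 40-character commit SHA rather than a mutable tag. The two embedded workflows are constructed samples; the SHAs in the "after" version are placeholders, not real commits of those actions. The check is line-based rather than a full YAML parse, so treat it as a quick post-merge sanity check, not a replacement for re-analyzing the repository in StepSecurity.

```python
"""
Added example (not StepSecurity code): a minimal check for two of the
Secure Repo fixes described on this page, so the post-merge state of a
workflow can be confirmed locally.
"""
import re

# Constructed sample: a workflow as it might look before Secure Repo's PR.
# No top-level permissions block; actions pinned only to mutable tags.
BEFORE = """\
name: ci
on: [push, pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - run: npm ci && npm test
"""

# Constructed sample: the same workflow after the fixes. The SHAs below are
# placeholders (not real commits of those actions); the trailing comment
# records the tag the SHA corresponds to, which is the usual pinning style.
AFTER = """\
name: ci
on: [push, pull_request]
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0000000000000000000000000000000000000000 # v4
      - uses: actions/setup-node@1111111111111111111111111111111111111111 # v4
        with:
          node-version: 20
      - run: npm ci && npm test
"""

# Matches a `uses:` step line and captures the reference before any comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
# A full git commit SHA: exactly 40 lowercase hex characters.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def unpinned_actions(workflow: str) -> list[str]:
    """Return `uses:` references whose ref is not a full commit SHA."""
    findings = []
    for line in workflow.splitlines():
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        # Local composite actions and docker:// images carry no git ref to pin.
        if ref.startswith("./") or ref.startswith("docker://"):
            continue
        _, _, version = ref.partition("@")
        if not SHA_RE.match(version):
            findings.append(ref)
    return findings


def has_top_level_permissions(workflow: str) -> bool:
    """True if a `permissions:` key exists at column 0 (workflow scope).

    Job-level `permissions:` blocks are indented and deliberately ignored here;
    the workflow-scope default is what Secure Repo's fix restricts.
    """
    return any(re.match(r"^permissions:", line) for line in workflow.splitlines())


def audit(workflow: str) -> dict:
    """Summarize both checks for one workflow file's contents."""
    return {
        "unpinned": unpinned_actions(workflow),
        "top_level_permissions": has_top_level_permissions(workflow),
    }


if __name__ == "__main__":
    for label, wf in (("before", BEFORE), ("after", AFTER)):
        print(label, audit(wf))
```

Run it against the contents of each file under `.github/workflows/` after merging; an empty `unpinned` list and `top_level_permissions` set to `True` is the expected result for a workflow Secure Repo has fixed.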

PR page

How to Set Up Custom Workflow Templates

Workflow templates allow you to define standardized workflows that can be used across all repositories in your organization. Setting up workflow templates is simple; follow these steps:

Step 1: Access the StepSecurity Dashboard

  • Click on your user profile picture in the StepSecurity dashboard.

  • Select "User Settings" from the dropdown menu.

StepSecurity Overview Dashboard

Step 2: Configure Workflow Templates

  • Navigate to the Workflow Templates section under User Settings.

  • Enter the repository link containing the GitHub workflow templates.

  • Click "Update Templates Repository" to save your changes.

Workflow Templates under User Settings

Step 3: Secure and Analyze a Repository

  • Go to Secure Repo under the Orchestrate Security section.

  • Enter the link to a repository in your organization.

  • Click "Analyze Repository" to review security configurations.

StepSecurity Secure Repo page

Step 4: Apply Workflow Templates to Repositories

  • Review the suggested changes in the repository.

  • The system will automatically apply the specified workflow templates.

StepSecurity Secure Repo page
