Thanks to visit codestin.com
Credit goes to github.com

Skip to content

chore: integrate step-security/harden-runner in workflows #15099

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 16, 2024
Merged

chore: integrate step-security/harden-runner in workflows #15099

merged 2 commits into from
Oct 16, 2024

Conversation

matifali
Copy link
Member

@matifali matifali commented Oct 15, 2024
edited
Loading

Redoing #15097
Part of #14879

@matifali matifali force-pushed the atif/best-practives branch from 77a5ac9 to a16230d Compare October 15, 2024 22:34
@coder coder deleted a comment from github-actions bot Oct 15, 2024
@matifali matifali changed the title chore: apply security best practices chore: integrate step-security/harden-runner in workflows Oct 16, 2024
@matifali matifali requested a review from coadler October 16, 2024 12:38
coadler
coadler approved these changes Oct 16, 2024
View reviewed changes
Copy link
Contributor

@coadler coadler left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do they have an action to validate that all workflows have this enabled? Seems easy to miss in the future when more workflows are added.

@matifali
Copy link
Member Author

I will check if there are any.
But it can be checked manually from
https://app.stepsecurity.io/securerepo?repo=https://github.com/coder/coder

@matifali matifali merged commit 8e254cb into main Oct 16, 2024
35 checks passed
@matifali matifali deleted the atif/best-practives branch October 16, 2024 18:23
@github-actions github-actions bot locked and limited conversation to collaborators Oct 16, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@coadler coadler coadler approved these changes

Assignees

@matifali matifali

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@matifali @coadler