Security in GitHub Actions

Learn about security as a concept in GitHub Actions.

Links

• Secrets

  Learn about secrets as they are used in GitHub Actions workflows.

• GITHUB_TOKEN

  Learn what GITHUB_TOKEN is, how it works, and why it matters for secure automation in GitHub Actions workflows.

• OpenID Connect

  OpenID Connect allows your workflows to exchange short-lived tokens directly from your cloud provider.

• Artifact attestations

  Understand the usage and security benefits of artifact attestations.

• Script injections

  Understand the security risks associated with script injections and GitHub Actions workflows.

• Compromised runners

  Understand the security risks associated with compromised GitHub Actions runners.

• Kubernetes admissions controller

  Understand how you can use an admissions controller to enforce artifact attestations in your Kubernetes cluster.