-
Notifications
You must be signed in to change notification settings - Fork 571
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security Model? #25
Comments
By the way @npalm love the work you do and I am using your GitLab module. The question is around helping me decide if using Actions would suit our security needs and if you guys have figured out a good solution. |
@DavidGamba thanks for creating an issue, I will have a look in the next days. |
@DavidGamba Thanks for the detailed issue. The github action runners are still in active development as it seems. Given that I really like the event based approach, you can hook a workflow to any given event in the GitHub eco system. But comparing to other system you could colude still some nice features are missing. I see no option at the moment limit access to certain branches and protected secrets. I would suggest you create an issue on the action runner repo https://github.com/actions/runner |
Will close the issue, thanks for raising the question. But the questions are in my point of view more question to GitHub. |
Problem to solve
As a project owner I want to limit production runner access to protected branches
Intended users
Repo owners setting up deployment rules
Further details
In GitLab you can tie certain runners to protected branches. This enables us to use runners with production credentials and access levels, separate from the pool of runners available for every other branch.
It provides a security model in which accidental or intentional changes to production are limited to merged code.
Proposal
No proposal, this is a question.
Documentation
Availability & Testing
What does success look like, and how can we measure that?
Other links/references
I asked a similar question in the GitHub Actions community forum:
https://github.community/t5/GitHub-Actions/Limit-self-managed-runners-to-protected-branches/m-p/55943#M9692
The text was updated successfully, but these errors were encountered: