Security in GitHub Actions

Learn about security as a concept in GitHub Actions.

Secrets

Learn about secrets as they are used in GitHub Actions workflows.

Learn what GITHUB_TOKEN is, how it works, and why it matters for secure automation in GitHub Actions workflows.

OpenID Connect allows your workflows to exchange short-lived tokens directly from your cloud provider.

Understand the usage and security benefits of artifact attestations.

Understand the security risks associated with script injections and GitHub Actions workflows.

Understand the security risks associated with compromised GitHub Actions runners.

Understand how you can use an admissions controller to enforce artifact attestations in your Kubernetes cluster.