GitHub Actions 的安全性
将安全最佳做法与 GitHub Actions 联合使用,并使用 GitHub Actions 来提高软件供应链的安全性。
安全指南
GitHub Actions 的安全强化和良好实践。
Using artifact attestations
Use artifact attestations to establish build provenance for the software you produce and to verify the software you consume.
Security hardening your deployments
Use OpenID Connect within your workflows to authenticate with your cloud provider.