Add recommendations for runner groups and labels#91
Open
konstruktoid wants to merge 16 commits into
Open
Conversation
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Updates the “Securing GitHub Actions Workflows” guidance by adding runner-segregation recommendations and expanding ruleset guidance, while marking the page as draft.
Changes:
- Set the page to
draft: trueand added an additional author. - Added “Segregate runners” as a top-level recommendation and a dedicated section with implementation details.
- Added a repository ruleset recommendation to require workflows to pass before merging.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
konstruktoid
had a problem deploying
to
development
May 27, 2026 07:23 — with
GitHub Actions
Failure
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
tspascoal
reviewed
May 27, 2026
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
kenmuse
reviewed
May 27, 2026
…ecurity/index.md Co-authored-by: Ken Muse <kenmuse@users.noreply.github.com>
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
* Sync from github/github-well-architected-internal (main) Source Repository: github/github-well-architected-internal Source Branch: main Source SHA: 19df7eb80cb63be9f9f42048ccf315e876108117 * Fix PR HTML proofer by preprocessing content --------- Co-authored-by: well-architected-sync-bot[bot] <235114805+well-architected-sync-bot[bot]@users.noreply.github.com> Co-authored-by: David Kalmin <dkalmin@github.com>
Sync from github/github-well-architected-internal (main) Source Repository: github/github-well-architected-internal Source Branch: main Source SHA: ff52156188feebe7b601a566b5112519172b4714 Co-authored-by: well-architected-sync-bot[bot] <235114805+well-architected-sync-bot[bot]@users.noreply.github.com>
konstruktoid
requested review from
a team and
bot-digital-customer-success
as code owners
June 18, 2026 07:21
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
|
Thanks for raising this PR! To keep the project healthy, we close inactive PRs after some time. There has not been any activity in the last 28 days - if you are still working on this or feel it should remain open, just leave a quick comment in the next 7 days to let us know where things are at. We really appreciate your input! |
Author
|
any descision regarding this? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request makes several improvements to the documentation on securing GitHub Actions workflows. The most significant updates include adding new recommendations for segregating runners, enhancing repository ruleset guidance, and updating author attribution.
Enhancements to security recommendations:
Documentation and metadata updates:
authorslist in the document metadata to include Thomas Sjögren (konstruktoid).