You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
You can reference actions stored in the same repository as your workflow file. This is useful for custom actions that are specific to your project. To reference such actions, use a relative path to the action's directory. For example:
181
186
```yml
@@ -184,6 +189,8 @@ When creating workflows in GitHub Actions, you can reference actions from variou
184
189
uses: ./path-to-action
185
190
```
186
191
192
+
For more details, see [security hardening guidance for GitHub Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-third-party-actions).
193
+
187
194
4. **An enterprise marketplace**
188
195
If your organization uses GitHub Enterprise, you can reference actions from your enterprise's private marketplace. These actions are curated and managed by your organization, ensuring compliance with internal standards. For example:
189
196
```yml
@@ -196,7 +203,8 @@ When creating workflows in GitHub Actions, you can reference actions from variou
196
203
- Actions in private repositories can also be referenced, but they require proper authentication and permissions.
197
204
- When referencing actions, always specify a version (Git ref, SHA, or tag) to ensure consistency and avoid unexpected changes.
198
205
199
-
For more information, see [Referencing actions in workflows](https://docs.github.com/actions/using-workflows/referencing-actions-in-workflows?azure-portal=true).
206
+
For more information, see [Referencing actions in workflows](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions).
0 commit comments