Security for GitHub Actions
Use security best practices with GitHub Actions, and use GitHub Actions to improve the security of your software supply chain.
Using artifact attestations
Use artifact attestations to establish build provenance for the software you produce and to verify the software you consume.
Security hardening your deployments
Use OpenID Connect within your workflows to authenticate with your cloud provider.