From a7a010c125fdfb65a6cf875005ab12208a74cb9c Mon Sep 17 00:00:00 2001 From: Luke Cheung Engle <99493186+luke-engle@users.noreply.github.com> Date: Tue, 20 Sep 2022 15:23:49 -0700 Subject: [PATCH] Update circle_ci/2-audit.md Co-authored-by: Ethan Dennis --- circle_ci/2-audit.md | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/circle_ci/2-audit.md b/circle_ci/2-audit.md index 367c84b..f19fa9f 100644 --- a/circle_ci/2-audit.md +++ b/circle_ci/2-audit.md @@ -217,16 +217,12 @@ Each pipeline will have a variety of files written that include: Pipeline,Runner,File path ``` +The contents of this file can be useful in answering questions similar to the following: -### Review workflow usage csv file - -#### Actions section - -The actions section contains a list of all actions that are used by each converted pipeline. This will enable you to perform strict security reviews to know exactly which repo will need access to a third-party action. - -#### Secrets and Runners sections - -The secrets and runners sections contain a list of all secrets and runners that are used by each converted pipeline. This will enable you to have a holistic view of what secrets and runners are used across all of your pipelines. +- What workflows will depend on which actions? +- What workflows use an action that must go through a security review? +- What workflows use specific secrets? +- What workflows use specific runners? ### Next lab