Action Runners#
Github Action Runners are where Action Workflows run. There are two broad categories of Action Runners: Github Hosted and Self-Hosted. Github's documentation on how to use a runner for a job can be found Here. It also contains the official list of runners.
Github Hosted Runners#
These are the recommended runners to use.
Default Runners#
- These runners do NOT have access to on-prem resources.
- How to use github hosted runners
runs-on: ubuntu-latestis standard default and will be the most commonly seen in documentation- Here is the official list of Hosted runners
U of MN VPN connected runners#
- If you need to access an on-prem resource you can use the provided "Github Hosted+VPN" runner that connects the runner to the campus network
- Use the following in your action file:
runs-on: umn-enterprise-vpn - Using this runner incurs an additional cost to the University. For reasonable usage, the cost is covered by OIT. Heavy usage may require setting up a cost center to be tied to an Azure Subscription for billing.
- Also, if your team is using Co-pilot the cost will be lumped in with the Organization billing.
Configure Organization to use Github Hosted+VPN runners#
Follow these steps to ensure an organization has access to the Github Hosted+VPN runners.
- Navigate to the Organization's Settings > Expand Actions (under Code, planning, and automation)
- General
- Policies: Allow enterprise, and select non-enterprise, actions and reusable workflows
- Runners >
All repositories| Artifact/Log Retention 90 days - This should already be set, so verify it is
- Runner Groups
- Under Shared by the Enterprise > Click on "hosted-vpn"
- Repository access > Choose
All repositoriesor select a subset of repositories
Self-hosted Runners#
GitHub does not recommend using public repositories with self-hosted runners. Forks of your public repository enable potentially dangerous code to be run on the self-hosted runners via pull request.
OIT does not recommend using self-hosted runners unless absolutely necessary to avoid security weaknesses
Build your own self-hosted runners#
Self hosted runners are installed on your own hosts and do not include any tools/apps/binaries. Each team would be required to manage the installation and updates on their own.