Repository to test github actions.
-
Add self-hosted runner to an organization
- profile icon > your organizations > settings > actions > runners >
new runner select OS and architecture (Linux, x64) follow instructions and commands in self-hosted machine
- profile icon > your organizations > settings > actions > runners >
-
Configure the self-hosted runner application as a service:
- source
- Automatically starts the runner application when the machine starts
- Steps:
- Stop the runner applications if it is running
- Install service:
sudo ./svc.sh install
- Start the service:
sudo ./svc.sh start
- Check the service:
sudo ./svc.sh status
- Stop the service:
sudo ./svc.sh stop
- Uninstall the service:
sudo ./svc.sh uninstall
-
Require approval to run workflows from other repositories: source
- profile icon > your organizations > settings > actions > general >
Fork pull requests workflows from outside collaborators > Require approval for all outside collaborators
- profile icon > your organizations > settings > actions > general >
- Instructions
sources
- go to organization page > settings > actions > runners >
choose runner that you want to remove Remove Follow recommended instructions to remove self-hosted runner
- go to organization page > settings > actions > runners >
- Extra installation (but simple)
- Better integration with github tools
- Simpler workflows (don't need to manage secrets and ssh connections from github's runners, etc
From Github actions documentation: Warning: We recommend that you only use self-hosted runners with private repositories. This is because forks of your repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.
This is potentially problematic if we allow pull requests to run, since anyone can create a PR, anyone can trigger an arbitrary workflow in our systems.
- Standard option is to require approval to run workflows from other repositories check this page for more information.
- Option 2: Don't trigger workflows in pull requests automatically.
- Option 3: Allow organization members to trigger workflows.
- This way, the organization members can trigger workflows for their PR's, while other people's PR's need manual review before triggering workflows.
- Other Problem: manual triggered workflows do not update commit status
- Option 4: Check for changes in
.github/workflows
- this is not as robust, since they can change any other script already run
by the current workflow. For example changing what
make test
does
- this is not as robust, since they can change any other script already run
by the current workflow. For example changing what