Note: GitHub Actions was available for GitHub Enterprise Server 2.22 as a limited beta. The beta has ended. GitHub Actions is now generally available in GitHub Enterprise Server 3.0 or later. For more information, see the GitHub Enterprise Server 3.0 release notes.
- For more information about upgrading to GitHub Enterprise Server 3.0 or later, see "Upgrading GitHub Enterprise Server."
- For more information about configuring GitHub Actions after you upgrade, see the documentation for GitHub Enterprise Server 3.0.
Note: GitHub-hosted runners are not currently supported on GitHub Enterprise Server. You can see more information about planned future support on the GitHub public roadmap.
About self-hosted runner groups
Self-hosted runner groups are used to control access to self-hosted runners at the organization and enterprise level. Enterprise admins can configure access policies that control which organizations in an enterprise have access to the runner group. Organization admins can configure access policies that control which repositories in an organization have access to the runner group.
When an enterprise admin grants an organization access to a runner group, organization admins can see the runner group listed in the organization's self-hosted runner settings. The organizations admins can then assign additional granular repository access policies to the enterprise runner group.
When new runners are created, they are automatically assigned to the default group. Runners can only be in one group at a time. You can move runners from the default group to another group. For more information, see "Moving a self-hosted runner to a group."
Creating a self-hosted runner group for an organization
All organizations have a single default self-hosted runner group. Organizations within an enterprise account can create additional self-hosted groups. Organization admins can allow individual repositories access to a runner group.
Self-hosted runners are automatically assigned to the default group when created, and can only be members of one group at a time. You can move a runner from the default group to any group you create.
When creating a group, you must choose a policy that defines which repositories have access to the runner group.
-
Navigiere auf GitHub Enterprise Server zur Hauptseite der Organisation.
-
Klicken Sie unter dem Namen Ihrer Organisation auf Settings.
-
In the left sidebar, click Actions.
-
In the "Self-hosted runners" section, click Add new, and then New group.
-
Enter a name for your runner group, and assign a policy for repository access.
You can configure a runner group to be accessible to a specific list of repositories, all private repositories, or all repositories in the organization.
Warnung
We recommend that you only use self-hosted runners with private repositories. This is because forks of your repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.
Weitere Informationen findest Du unter „Informationen zu selbst-gehosteten Runnern“.
-
Click Save group to create the group and apply the policy.
Creating a self-hosted runner group for an enterprise
Enterprises can add their self-hosted runners to groups for access management. Enterprises can create groups of self-hosted runners that are accessible to specific organizations in the enterprise account. Organization admins can then assign additional granular repository access policies to the enterprise runner groups.
Self-hosted runners are automatically assigned to the default group when created, and can only be members of one group at a time. You can assign the runner to a specific group during the registration process, or you can later move the runner from the default group to a custom group.
When creating a group, you must choose a policy that defines which organizations have access to the runner group.
-
In the top-right corner of GitHub Enterprise Server, click your profile photo, then click Enterprise settings.
-
Klicke auf der Seitenleiste des Enterprise-Kontos auf Policies (Richtlinien).
-
Under " Policies", click Actions.
-
Click the Self-hosted runners tab.
-
Click Add new, and then New group.
-
Enter a name for your runner group, and assign a policy for organization access.
You can configure a runner group to be accessible to all organizations in the enterprise or choose specific organizations.
Warnung
We recommend that you only use self-hosted runners with private repositories. This is because forks of your repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.
Weitere Informationen findest Du unter „Informationen zu selbst-gehosteten Runnern“.
-
Click Save group to create the group and apply the policy.
Changing the access policy of a self-hosted runner group
You can update the access policy of a runner group, or rename a runner group.
-
In the "Self-hosted runners" section of the settings page, click next to the runner group you'd like to configure, then click Edit name and [organization|repository] access.
-
Modify your policy options, or change the runner group name.
Warnung
We recommend that you only use self-hosted runners with private repositories. This is because forks of your repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.
Weitere Informationen findest Du unter „Informationen zu selbst-gehosteten Runnern“.
Automatically adding a self-hosted runner to a group
You can use the configuration script to automatically add a new self-hosted runner to a group. For example, this command registers a new self-hosted runner and uses the --runnergroup parameter to add it to a group named rg-runnergroup.
./config.sh --url $org_or_enterprise_url --token $token --runnergroup rg-runnergroup
The command will fail if the runner group doesn't exist:
Could not find any self-hosted runner group named "rg-runnergroup".
Moving a self-hosted runner to a group
If you don't specify a runner group during the registration process, your new self-hosted runners are automatically assigned to the default group, and can then be moved to another group.
- In the "Self-hosted runners" section of the settings page, locate the current group of the runner you want to move and expand the list of group members.
- Select the checkbox next to the self-hosted runner, and then click Move to group to see the available destinations.
- To move the runner, click on the destination group.
Removing a self-hosted runner group
Self-hosted runners are automatically returned to the default group when their group is removed.
-
In the "Self-hosted runners" section of the settings page, locate the group you want to delete, and click the button.
-
To remove the group, click Remove group.
-
Review the confirmation prompts, and click Remove this runner group.