Skip to main content

此版本的 GitHub Enterprise 已停止服务 2022-10-12. 即使针对重大安全问题,也不会发布补丁。 为了获得更好的性能、更高的安全性和新功能,请升级到最新版本的 GitHub Enterprise。 如需升级帮助,请联系 GitHub Enterprise 支持

Enabling automatic access to GitHub.com actions using GitHub Connect

To allow GitHub Actions in your enterprise to use actions from GitHub.com, you can connect your enterprise instance to GitHub Enterprise Cloud.

Who can use this feature

Enterprise owners can enable access to all GitHub.com actions.

注意:GitHub Enterprise Server 目前不支持 GitHub 托管的运行器。 可以在 GitHub public roadmap 上查看有关未来支持计划的更多信息。

About automatic access to GitHub.com actions

By default, GitHub Actions workflows on GitHub Enterprise Server cannot use actions directly from GitHub.com or GitHub Marketplace. To make all actions from GitHub.com available on your enterprise instance, you can use GitHub Connect to integrate GitHub Enterprise Server with GitHub Enterprise Cloud.

To use actions from GitHub.com, both your GitHub Enterprise Server instance and your self-hosted runners must be able to make outbound connections to GitHub.com. No inbound connections from GitHub.com are required. For more information. For more information, see "About self-hosted runners."

Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync actions onto your enterprise instance using the actions-sync tool. For more information, see "Manually syncing actions from GitHub.com."

About resolution for actions using GitHub Connect

When a workflow uses an action by referencing the repository where the action is stored, GitHub Actions will first try to find the repository on your GitHub Enterprise Server instance. If the repository does not exist on your GitHub Enterprise Server instance, and if you have automatic access to GitHub.com enabled, GitHub Actions will try to find the repository on GitHub.com.

If a user has already created an organization and repository in your enterprise that matches an organization and repository name on GitHub.com, the repository on your enterprise will be used instead of the GitHub.com repository. A malicious user could take advantage of this behavior to run code as part of a workflow

Enabling automatic access to all GitHub.com actions

Before enabling access to all actions from GitHub.com for your enterprise, you must:

  1. 在 GitHub Enterprise Server 的右上角,单击� 的个人资料照片,然后单击“企业设置”。 GitHub Enterprise Server 上个人资料照片下拉菜单中的“企业设置”
  2. 在企业帐户边� �中,单击 “GitHub Connect”。 企业帐户边� �中的 GitHub Connect 选项卡
  3. Under "Users can utilize actions from GitHub.com in workflow runs", use the drop-down menu and select Enabled. Drop-down menu to actions from GitHub.com in workflows runs
  4. 在启用 GitHub Connect 后,您可以使用策略限制哪些公共操作可用于您企业的仓库中。 有关详细信息,请参阅“为企业强制实施 GitHub Actions 策略”。