Skip to main content

About using actions in your enterprise

GitHub AE includes most GitHub-authored actions, and has options for enabling access to other actions from GitHub.com and GitHub Marketplace.

About actions on GitHub AE

GitHub Actions workflows can use actions, which are individual tasks that you can combine to create jobs and customize your workflow. You can create your own actions, or use and customize actions shared by the GitHub community.

GitHub AE 上的 GitHub Actions 设计为在无法完全访问互联网的环境中工作。 默认情况下,工作流不能使用直接来自 GitHub.com 和 GitHub Marketplace 的操作。 You can restrict your developers to using actions that are stored on your enterprise, which includes most official GitHub-authored actions, as well as any actions your developers create. Alternatively, to allow your developers to benefit from the full ecosystem of actions built by industry leaders and the open source community, you can configure access to other actions from GitHub.com.

We recommend allowing automatic access to all actions from GitHub.com. If you want to have greater control over which actions are used on your enterprise, you can manually sync specific actions from GitHub.com.

Official actions bundled with your enterprise instance

大多数 GitHub 编写的官方操作都会自动与 GitHub AE 捆绑,并且会在某个时间点从 GitHub Marketplace 捕获。

The bundled official actions include the following, among others.

  • actions/checkout
  • actions/upload-artifact
  • actions/download-artifact
  • actions/labeler
  • Various actions/setup- actions

To see all the official actions included on your enterprise instance, browse to the actions organization on your instance: https://HOSTNAME/actions.

There is no connection required between your enterprise and GitHub.com to use these actions.

Each action is a repository in the actions organization, and each action repository includes the necessary tags, branches, and commit SHAs that your workflows can use to reference the action. For information on how to update the bundled official actions, see "Using the latest version of the official bundled actions."

Notes:

  • When using setup actions (such as actions/setup-LANGUAGE) on GitHub AE with self-hosted runners, you might need to set up the tools cache on runners that do not have internet access. For more information, see "Setting up the tool cache on self-hosted runners without internet access."
  • When GitHub AE is updated, bundled actions are automatically replaced with default versions in the upgrade package.

Configuring access to actions on GitHub.com

如果企业中的用户需要访问来自 GitHub.com 或 GitHub Marketplace 的其他操作,有几个配置选项。

The recommended approach is to enable automatic access to all actions from GitHub.com. You can do this by using GitHub Connect to integrate GitHub AE with GitHub Enterprise Cloud. For more information, see "Enabling automatic access to GitHub.com actions using GitHub Connect".

To use actions from GitHub.com, your self-hosted runners must be able to make outbound connections to GitHub.com. No inbound connections from GitHub.com are required. For more information. For more information, see "About self-hosted runners."

在启用 GitHub Connect 后,您可以使用策略限制哪些公共操作可用于您企业的仓库中。 有关详细信息,请参阅“为企业强制实施 GitHub Actions 策略”。

Alternatively, if you want stricter control over which actions are allowed in your enterprise, or you do not want to allow outbound connections to GitHub.com, you can manually download and sync actions onto your enterprise instance using the actions-sync tool. For more information, see "Manually syncing actions from GitHub.com."