Runners are the machines that execute jobs in a GitHub Actions workflow. For example, a runner can clone your repository locally, install testing software, and then run commands that evaluate your code.
GitHub provides runners that you can use to run your jobs, or you can host your own runners. Each GitHub-hosted runner is a new virtual machine (VM) hosted by GitHub with the runner application and other tools preinstalled, and is available with Ubuntu Linux, Windows, or macOS operating systems. When you use a GitHub-hosted runner, machine maintenance and upgrades are taken care of for you.
To use a GitHub-hosted runner, create a job and use
runs-on to specify the type of runner that will process the job, such as
macos-latest. For the full list of runner types, see "Using GitHub-hosted runners." If you have
repo: write access to a repository, you can view a list of the runners available to use in workflows in the repository. For more information, see "Viewing available runners for a repository."
When the job begins, GitHub automatically provisions a new VM for that job. All steps in the job execute on the VM, allowing the steps in that job to share information using the runner's filesystem. You can run workflows directly on the VM or in a Docker container. When the job has finished, the VM is automatically decommissioned.
The following diagram demonstrates how two jobs in a workflow are executed on two different GitHub-hosted runners.
The following example workflow has two jobs, named
Run-PSScriptAnalyzer-on-Windows. When this workflow is triggered, GitHub provisions a new virtual machine for each job.
- The job named
Run-npm-on-Ubuntuis executed on a Linux VM, because the job's
- The job named
Run-PSScriptAnalyzer-on-Windowsis executed on a Windows VM, because the job's
name: Run commands on different operating systems on: push: branches: [ main ] pull_request: branches: [ main ] jobs: Run-npm-on-Ubuntu: name: Run npm on Ubuntu runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v3 with: node-version: '14' - run: npm help Run-PSScriptAnalyzer-on-Windows: name: Run PSScriptAnalyzer on Windows runs-on: windows-latest steps: - uses: actions/checkout@v4 - name: Install PSScriptAnalyzer module shell: pwsh run: | Set-PSRepository PSGallery -InstallationPolicy Trusted Install-Module PSScriptAnalyzer -ErrorAction Stop - name: Get list of rules shell: pwsh run: | Get-ScriptAnalyzerRule
While the job runs, the logs and output can be viewed in the GitHub UI:
The GitHub Actions runner application is open source. You can contribute and file issues in the runner repository.
Note: This feature is currently in beta and subject to change.
If you have
repo: write access to a repository, you can view a list of the runners available to the repository.
On GitHub.com, navigate to the main page of the repository.
Under your repository name, click Actions.
In the left sidebar, under the "Management" section, click Runners.
Review the list of available GitHub-hosted runners for the repository.
Optionally, to copy a runner's label to use it in a workflow, click to the right of the runner, then click Copy label.
Note: Enterprise and organization owners with privileges to create runners have the option to create new runners from this page. If you are an enterprise or organization owner, click New runner at the top right of the list of runners to add runners to the repository. For more information, see "Managing larger runners" and "Adding self-hosted runners."
Note: GitHub also offers larger runners, which are available in larger configurations for Linux, Windows, and macOS virtual machines. Autoscaling is enabled by default and optional dedicated IP addresses are available for Linux and Windows. For more information, see "About larger runners."
|Virtual Machine||Processor (CPU)||Memory (RAM)||Storage (SSD)||OS (YAML workflow label)||Notes|
|Linux||2||7 GB||14 GB||
|Windows||2||7 GB||14 GB||
|macOS||3||14 GB||14 GB||
|macOS||4||14 GB||14 GB||
-latest runner images are the latest stable images that GitHub provides, and might not be the most recent version of the operating system available from the operating system vendor.
Warning: Beta and Deprecated Images are provided "as-is", "with all faults" and "as available" and are excluded from the service level agreement and warranty. Beta Images may not be covered by customer support.
Workflow logs list the runner used to run a job. For more information, see "Viewing workflow run history."
In addition to the standard GitHub-hosted runners, GitHub offers customers on GitHub Team and GitHub Enterprise Cloud plans a range of managed virtual machines with more RAM, CPU, and disk space. These runners are hosted by GitHub and have the runner application and other tools preinstalled.
For more information, see "About larger runners."
The software tools included in GitHub-hosted runners are updated weekly. The update process takes several days, and the list of preinstalled software on the
main branch is updated after the whole deployment ends.
Workflow logs include a link to the preinstalled tools on the exact runner. To find this information in the workflow log, expand the
Set up job section. Under that section, expand the
Runner Image section. The link following
Included Software will describe the preinstalled tools on the runner that ran the workflow.
GitHub-hosted runners include the operating system's default built-in tools, in addition to the packages listed in the above references. For example, Ubuntu and macOS runners include
which, among other default tools.
You can also view a software bill of materials (SBOM) for each build of the Windows and Ubuntu runner images. For more information, see "Security hardening for GitHub Actions."
We recommend using actions to interact with the software installed on runners. This approach has several benefits:
- Usually, actions provide more flexible functionality like versions selection, ability to pass arguments, and parameters
- It ensures the tool versions used in your workflow will remain the same regardless of software updates
If there is a tool that you'd like to request, please open an issue at actions/runner-images. This repository also contains announcements about all major software updates on runners.
You can install additional software on GitHub-hosted runners. For more information, see "Customizing GitHub-hosted runners".
GitHub hosts Linux and Windows runners on
Standard_DS2_v2 virtual machines in Microsoft Azure with the GitHub Actions runner application installed. The GitHub-hosted runner application is a fork of the Azure Pipelines Agent. Inbound ICMP packets are blocked for all Azure virtual machines, so ping or traceroute commands might not work. For more information about the
Standard_DS2_v2 resources, see "Dv2 and DSv2-series" in the Microsoft Azure documentation. GitHub hosts macOS runners in Azure data centers.
If GitHub Actions services are temporarily unavailable, then a workflow run is discarded if it has not been queued within 30 minutes of being triggered. For example, if a workflow is triggered and the GitHub Actions services are unavailable for 31 minutes or longer, then the workflow run will not be processed.
In addition, if the workflow run has been successfully queued, but has not been processed by a GitHub-hosted runner within 45 minutes, then the queued workflow run is discarded.
The Linux and macOS virtual machines both run using passwordless
sudo. When you need to execute commands or install tools that require more privileges than the current user, you can use
sudo without needing to provide a password. For more information, see the "Sudo Manual."
Windows virtual machines are configured to run as administrators with User Account Control (UAC) disabled. For more information, see "How User Account Control works" in the Windows documentation.
To get a list of IP address ranges that GitHub Actions uses for GitHub-hosted runners, you can use the GitHub REST API. For more information, see the
actions key in the response of the "Meta" endpoint.
Windows and Ubuntu runners are hosted in Azure and subsequently have the same IP address ranges as the Azure datacenters. macOS runners are hosted in GitHub's own macOS cloud.
Since there are so many IP address ranges for GitHub-hosted runners, we do not recommend that you use these as allowlists for your internal resources. Instead, we recommend you use larger runners with a static IP address range, or self-hosted runners. For more information, see "About larger runners" or "About self-hosted runners."
The list of GitHub Actions IP addresses returned by the API is updated once a week.
GitHub-hosted runners are provisioned with an
etc/hosts file that blocks network access to various cryptocurrency mining pools and malicious sites. Hosts such as MiningMadness.com and cpu-pool.com are rerouted to localhost so that they do not present a significant security risk.
GitHub executes actions and shell commands in specific directories on the virtual machine. The file paths on virtual machines are not static. Use the environment variables GitHub provides to construct file paths for the
|Contains user-related data. For example, this directory could contain credentials from a login attempt.|
|Actions and shell commands execute in this directory. An action can modify the contents of this directory, which subsequent actions can access.|
For a list of the environment variables GitHub creates for each workflow, see "Variables."
Actions that run in Docker containers have static directories under the
/github path. However, we strongly recommend using the default environment variables to construct file paths in Docker containers.
GitHub reserves the
/github path prefix and creates three directories for actions.
/github/workspace- Note: GitHub Actions must be run by the default Docker user (root). Ensure your Dockerfile does not set the
USERinstruction, otherwise you will not be able to access