Skip to main content

This version of GitHub Enterprise Server was discontinued on 2024-09-25. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Enabling GitHub Actions with MinIO storage

You can enable GitHub Actions on GitHub Enterprise Server and use MinIO storage to store data generated by workflow runs.

Who can use this feature?

Site administrators can enable GitHub Actions and configure enterprise settings.

About external storage for GitHub Actions

GitHub Actions uses external blob storage to store data generated by workflow runs. Stored data includes workflow logs, caches, and user-uploaded build artifacts. For more information, see "Getting started with GitHub Actions for GitHub Enterprise Server."

Prerequisites

Before enabling GitHub Actions, make sure you have completed the following steps:

  • Create your MinIO bucket for storing data generated by workflow runs. For more information about installing and configuring MinIO, see "MinIO High Performance Object Storage" and "mc mb" in the MinIO documentation.

    To avoid resource contention on the appliance, we recommend that MinIO be hosted separately from your GitHub Enterprise Server instance.

    GitHub Actions requires the following permissions for the access key that will access the bucket:

    • s3:PutObject
    • s3:GetObject
    • s3:ListBucketMultipartUploads
    • s3:ListMultipartUploadParts
    • s3:AbortMultipartUpload
    • s3:DeleteObject
    • s3:ListBucket
    • kms:GenerateDataKey (if Key Management Service (KMS) encryption has been enabled)
  • Review the hardware requirements for GitHub Actions. For more information, see "Getting started with GitHub Actions for GitHub Enterprise Server."

  • TLS must be configured for GitHub Enterprise Server's domain. For more information, see "Configuring TLS."

    Note: We strongly recommend that you configure TLS on GitHub Enterprise Server with a certificate signed by a trusted authority. Although a self-signed certificate can work, extra configuration is required for your self-hosted runners, and it is not recommended for production environments.

  • If you have an HTTP Proxy Server configured on GitHub:

  • You must add .localhost, 127.0.0.1, and ::1 to the HTTP Proxy Exclusion list (in this order).

  • If your external storage location is not routable, then you must also add your external storage URL to the exclusion list.

For more information on changing your proxy settings, see "Configuring an outbound web proxy server."

Enabling GitHub Actions with MinIO storage

  1. From an administrative account on GitHub Enterprise Server, in the upper-right corner of any page, click .

  2. If you're not already on the "Site admin" page, in the upper-left corner, click Site admin.

  3. In the " Site admin" sidebar, click Management Console.

  4. In the "Settings"" sidebar, click Actions.

  5. Under "GitHub Actions", select Enable GitHub Actions.

  6. Under "Artifact & Log Storage", next to "Amazon S3", click Setup.

  7. Under "Authentication", select Credentials-based, and enter your storage bucket's details:

    Note

    For MinIO, you cannot use OpenID Connect (OIDC) authentication. You must use credentials-based authentication.

    • AWS Service URL: The URL to your MinIO service. For example, https://my-minio.example:9000.
    • AWS S3 Bucket: The name of your S3 bucket.
    • AWS S3 Access Key and AWS S3 Secret Key: The MINIO_ACCESS_KEY and MINIO_SECRET_KEY used for your MinIO instance.
  8. Under "Artifact & Log Storage", select Force path style.

  9. Click the Test storage settings button to validate your storage settings.

    If there are any errors validating the storage settings, check the settings with your storage provider and try again.

  10. Under the "Settings" sidebar, click Save settings.

    Note: Saving settings in the Management Console restarts system services, which could result in user-visible downtime.

  11. Wait for the configuration run to complete.

Next steps

After the configuration run has successfully completed, GitHub Actions will be enabled on GitHub. For your next steps, such as managing GitHub Actions access permissions and adding self-hosted runners, return to "Getting started with GitHub Actions for GitHub Enterprise Server."