About self-hosted runners

About self-hosted runners

A self-hosted runner is a system that you deploy and manage to execute jobs from GitHub Actions on tu instancia de GitHub Enterprise Server. For more information about GitHub Actions, see "Understanding GitHub Actions" and "About GitHub Actions for enterprises."

Con los ejecutores auto-hospedados, puedes crear configuraciones de hardware personalizado que cumplan con tus necesidades con el procesamiento de poder o memoria para ejecutar jobs más grandes, instalar el software disponible en tu red local y elegir un sistema operativo. Los ejecutores auto-hospedados pueden ser físicos, virtuales, estar en un contenedor, en las instalaciones o en la nube.

You can add self-hosted runners at various levels in the management hierarchy:

• Repository-level runners are dedicated to a single repository.
• Organization-level runners can process jobs for multiple repositories in an organization.
• Enterprise-level runners can be assigned to multiple organizations in an enterprise account.

La máquina de tu ejecutor se conecta aGitHub Enterprise Server utilizando la aplicación para ejecutores auto-hospedados de GitHub Actions. La aplicación ejecutora de GitHub Actions es de código abierto. Puedes contribuir y emitir informes de problemas en el repositorio runner. When a new version is released, the runner application automatically updates itself when a job is assigned to the runner, or within a week of release if the runner hasn't been assigned any jobs.

Un ejecutor auto-hospedado se eliminará automáticamente de GitHub Enterprise Server si no se ha conectado a GitHub Actions por más de 30 días.

For more information about installing and using self-hosted runners, see "Adding self-hosted runners" and "Using self-hosted runners in a workflow."

Differences between GitHub-hosted and self-hosted runners

GitHub-hosted runners offer a quicker, simpler way to run your workflows, while self-hosted runners are a highly configurable way to run workflows in your own custom environment.

GitHub-hosted runners:

• Receive automatic updates for the operating system, preinstalled packages and tools, and the self-hosted runner application.
• Are managed and maintained by GitHub.
• Provide a clean instance for every job execution.
• Use free minutes on your GitHub plan, with per-minute rates applied after surpassing the free minutes.

Self-hosted runners:

• Receive automatic updates for the self-hosted runner application only. You are responsible for updating the operating system and all other software.
• Can use cloud services or local machines that you already pay for.
• Are customizable to your hardware, operating system, software, and security requirements.
• Don't need to have a clean instance for every job execution.
• Are free to use with GitHub Actions, but you are responsible for the cost of maintaining your runner machines.
• Can be organized into groups to restrict access to specific organizations and repositories. For more information, see "Managing access to self-hosted runners using groups."

Requirements for self-hosted runner machines

You can use any machine as a self-hosted runner as long at it meets these requirements:

• You can install and run the self-hosted runner application on the machine. For more information, see "Supported architectures and operating systems for self-hosted runners."
• The machine can communicate with GitHub Actions. For more information, see "Communication between self-hosted runners and GitHub Enterprise Server."
• The machine has enough hardware resources for the type of workflows you plan to run. The self-hosted runner application itself only requires minimal resources.
• If you want to run workflows that use Docker container actions or service containers, you must use a Linux machine and Docker must be installed.

Usage limits

There are some limits on GitHub Actions usage when using self-hosted runners. These limits are subject to change.

• Tiempo de ejecución del flujo de trabajo - Cada flujo de trabajo se limita a 72 horas. Si una ejecución de flujo de trabajo llega a este límite, esta se cancelará.
• Job queue time - Each job for self-hosted runners can be queued for a maximum of 24 hours. If a self-hosted runner does not start executing the job within this limit, the job is terminated and fails to complete.
• Solicitudes de la API - Puedes ejecutar hasta 1000 solicitudes de API en una hora en todas las acciones dentro de un repositorio. Si esto se excede, los llamados adicionales a la API fallarán, lo cual puede ocasionar que los jobs fallen también.
• Job matrix - Una matriz de jobs puede generar un máximo de 256 jobs por ejecución de flujo de trabajo. Este límite aplica tanto a los ejecutores hospedados en GitHub Enterprise Server como a los auto-hospedados.
• Lista de ejecución de flujos de trabajo - No se pueden poner en cola más de 500 ejecuciones de flujo de trabajo por intervalo de 10 segundos por repositorio. Si una ejecución de flujo de trabajo lelga a su límite, la ejecución de flujo de trabajo se termina y falla en completarse.

Workflow continuity for self-hosted runners

Si los servicios de las GitHub Actions se encuentran temporalmente no disponibles, entonces se descartará una ejecución de flujo de trabajo si no se puso en cola en los primeros 30 minutos después de activarse. Por ejemplo, si un flujo de trabajo se activa y los servicios de las GitHub Actions no están disponibles por 31 minutos o más, entonces la ejecución de flujo de trabajo no se procesará.

Supported architectures and operating systems for self-hosted runners

The following operating systems are supported for the self-hosted runner application.

Linux

• Red Hat Enterprise Linux 7 or later
• CentOS 7 or later
• Oracle Linux 7
• Fedora 29 or later
• Debian 9 or later
• Ubuntu 16.04 or later
• Linux Mint 18 or later
• openSUSE 15 or later
• SUSE Enterprise Linux (SLES) 12 SP2 or later

Windows

• Windows 7 64-bit
• Windows 8.1 64-bit
• Windows 10 64-bit
• Windows Server 2012 R2 64-bit
• Windows Server 2019 64-bit

macOS

• macOS 10.13 (High Sierra) or later

Architectures

The following processor architectures are supported for the self-hosted runner application.

• x64 - Linux, macOS, Windows.
• ARM64 - Linux only.
• ARM32 - Linux only.

Supported actions on self-hosted runners

Some extra configuration might be required to use actions from GitHub.com with GitHub Enterprise Server, or to use the actions/setup-LANGUAGE actions with self-hosted runners that do not have internet access. For more information, see "Managing access to actions from GitHub.com" and contact your GitHub Enterprise site administrator.

Communication between self-hosted runners and GitHub Enterprise Server

The self-hosted runner connects to GitHub Enterprise Server to receive job assignments and to download new versions of the runner application. The self-hosted runner uses an HTTP(S) long poll that opens a connection to GitHub Enterprise Server for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run GitHub Actions jobs.

La conexión entre los ejecutores auto-hospedados y GitHub Enterprise Server es a través de HTTP (puerto 80) o HTTPS (puerto 443). Para garantizar la conectividad por HTTPS, configura el TLS para tu instancia de GitHub Enterprise Server. Para obtener más información, consulta la sección "Configurar el TLS".

Only an outbound connection from the runner to tu instancia de GitHub Enterprise Server is required. There is no need for an inbound connection from tu instancia de GitHub Enterprise Server to the runner.

GitHub Enterprise Server must accept inbound connections from your runners over HTTP(S) at tu instancia de GitHub Enterprise Server's hostname and API subdomain, and your runners must allow outbound connections over HTTP(S) to tu instancia de GitHub Enterprise Server's hostname and API subdomain.

Self-hosted runners do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and tu instancia de GitHub Enterprise Server. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to tu instancia de GitHub Enterprise Server, with no need for traffic to traverse a public network.

You can also use self-hosted runners with a proxy server. For more information, see "Using a proxy server with self-hosted runners."

For more information about troubleshooting common network connectivity issues, see "Monitoring and troubleshooting self-hosted runners."

Communication between self-hosted runners and GitHub.com

Self-hosted runners do not need to connect to GitHub.com unless you have enabled automatic access to GitHub.com actions for tu instancia de GitHub Enterprise Server. For more information, see "About using actions in your enterprise."

If you have enabled automatic access to GitHub.com actions, then the self-hosted runner will connect directly to GitHub.com to download actions. You must ensure that the machine has the appropriate network access to communicate with the GitHub URLs listed below.

github.com
api.github.com
codeload.github.com

Self-hosted runner security

Untrusted workflows running on your self-hosted runner pose significant security risks for your machine and network environment, especially if your machine persists its environment between jobs. Some of the risks include:

• Malicious programs running on the machine.
• Escaping the machine's runner sandbox.
• Exposing access to the machine's network environment.
• Persisting unwanted or dangerous data on the machine.

For more information about security hardening for self-hosted runners, see "Security hardening for GitHub Actions."

Further reading

• "Getting started with self-hosted runners for your enterprise"