注: GitHub ホステッド ランナーは、現在 GitHub Enterprise Server でサポートされていません。 GitHub public roadmap で、今後の計画的なサポートの詳細を確認できます。
A self-hosted runner is a system that you deploy and manage to execute jobs from GitHub Actions on your GitHub Enterprise Server instance. For more information about GitHub Actions, see "Understanding GitHub Actions" and "About GitHub Actions for enterprises."
セルフホステッド ランナーを使用すると、大規模なジョブを実行するための処理能力やメモリのニーズを満たすカスタム ハードウェア構成の作成、ローカル ネットワークで利用可能なソフトウェアのインストール、オペレーティング システムの選択が行えます。 セルフホステッド ランナーは、物理または仮想にでき、コンテナー内、オンプレミス、またはクラウドに配置できます。
You can add self-hosted runners at various levels in the management hierarchy:
- Repository-level runners are dedicated to a single repository.
- Organization-level runners can process jobs for multiple repositories in an organization.
- Enterprise-level runners can be assigned to multiple organizations in an enterprise account.
ランナーマシンは、GitHub Actionsのセルフホストランナーアプリケーションを使ってGitHub Enterprise Serverに接続します。 GitHub Actionsランナーアプリケーションはオープンソースです。 ランナー リポジトリでイシューを投稿およびファイルできます。 When a new version is released, the runner application automatically updates itself when a job is assigned to the runner, or within a week of release if the runner hasn't been assigned any jobs.
Note: If you use ephemeral runners and have disabled automatic updates, before you upgrade your GitHub Enterprise Server instance, you should first upgrade your self-hosted runners to the version of the runner application that your upgraded instance will run. Upgrading your GitHub Enterprise Server instance before you upgrade ephemeral runners may result in your runners going offline. For more information, see "Upgrading GitHub Enterprise Server."
A self-hosted runner is automatically removed from GitHub Enterprise Server if it has not connected to GitHub Actions for more than 30 days.
GitHub-hosted runners offer a quicker, simpler way to run your workflows, while self-hosted runners are a highly configurable way to run workflows in your own custom environment.
- Receive automatic updates for the operating system, preinstalled packages and tools, and the self-hosted runner application.
- Are managed and maintained by GitHub.
- Provide a clean instance for every job execution.
- Use free minutes on your GitHub plan, with per-minute rates applied after surpassing the free minutes.
- Receive automatic updates for the self-hosted runner application only. You are responsible for updating the operating system and all other software.
- Can use cloud services or local machines that you already pay for.
- Are customizable to your hardware, operating system, software, and security requirements.
- Don't need to have a clean instance for every job execution.
- Are free to use with GitHub Actions, but you are responsible for the cost of maintaining your runner machines.
- Can be organized into groups to restrict access to specific organizations and repositories. For more information, see "Managing access to self-hosted runners using groups."
You can use any machine as a self-hosted runner as long at it meets these requirements:
- You can install and run the self-hosted runner application on the machine. For more information, see "Supported architectures and operating systems for self-hosted runners."
- The machine can communicate with GitHub Actions. For more information, see "Communication between self-hosted runners and GitHub Enterprise Server."
- The machine has enough hardware resources for the type of workflows you plan to run. The self-hosted runner application itself only requires minimal resources.
- If you want to run workflows that use Docker container actions or service containers, you must use a Linux machine and Docker must be installed.
You can automatically increase or decrease the number of self-hosted runners in your environment in response to the webhook events you receive. For more information, see "Autoscaling with self-hosted runners."
There are some limits on GitHub Actions usage when using self-hosted runners. These limits are subject to change.
- ワークフローの実行時間 - 各ワークフローの実行は 35 日までに制限されます。 ワークフローの実行がこの制限に達すると、そのワークフローの実行はキャンセルされます。 この期間には、実行時間と、待機と承認に費やされた時間が含まれます。
- Job queue time - Each job for self-hosted runners can be queued for a maximum of 24 hours. If a self-hosted runner does not start executing the job within this limit, the job is terminated and fails to complete.
- API 要求 - 1 時間に実行できる GitHub API への要求は、1 つのリポジトリの全アクションで最大 1000 までです。 要求超過になると、それ以上の API 呼び出しは失敗し、それによってジョブが失敗する可能性があります。
- Job matrix - ジョブマトリックスは、ワークフローの実行ごとに最大で256のジョブを生成できます。 この制限は、GitHub Enterprise Server ホスト ランナーとセルフホステッド ランナーの両方に適用されます。
- ワークフロー実行キュー - リポジトリあたり 10 秒間隔で 500 を超えるワークフロー実行をキューに入れることはできません。 ワークフローの実行がこの制限に達すると、そのワークフローの実行は終了させられ、完了に失敗します。
GitHub Actionsサービスが一時的に利用できなくなっている場合、ワークフローの実行はトリガーされてから30分以内にキューイングされていなければ、破棄されます。 たとえば、ワークフローがトリガーされ、そしてGitHub Actionsサービスが31分以上利用できなければ、そのワークフローの実行は処理されません。
The following operating systems are supported for the self-hosted runner application.
- Red Hat Enterprise Linux 7 or later
- CentOS 7 or later
- Oracle Linux 7
- Fedora 29 or later
- Debian 9 or later
- Ubuntu 16.04 or later
- Linux Mint 18 or later
- openSUSE 15 or later
- SUSE Enterprise Linux (SLES) 12 SP2 or later
- Windows 7 64-bit
- Windows 8.1 64-bit
- Windows 10 64-bit
- Windows Server 2012 R2 64-bit
- Windows Server 2019 64-bit
- macOS 10.13 (High Sierra) or later
The following processor architectures are supported for the self-hosted runner application.
x64- Linux, macOS, Windows.
Some extra configuration might be required to use actions from GitHub.com with GitHub Enterprise Server, or to use the
actions/setup-LANGUAGE actions with self-hosted runners that do not have internet access. For more information, see "Managing access to actions from GitHub.com" and contact your GitHub Enterprise site administrator.
The self-hosted runner connects to GitHub Enterprise Server to receive job assignments and to download new versions of the runner application. The self-hosted runner uses an HTTP(S) long poll that opens a connection to GitHub Enterprise Server for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run GitHub Actions jobs.
The connection between self-hosted runners and GitHub Enterprise Server is over HTTP (port 80) or HTTPS (port 443). To ensure connectivity over HTTPS, configure TLS for your GitHub Enterprise Server instance. For more information, see "Configuring TLS."
Only an outbound connection from the runner to your GitHub Enterprise Server instance is required. There is no need for an inbound connection from your GitHub Enterprise Server instance to the runner.
GitHub Enterprise Server must accept inbound connections from your runners over HTTP(S) at your GitHub Enterprise Server instance's hostname and API subdomain, and your runners must allow outbound connections over HTTP(S) to your GitHub Enterprise Server instance's hostname and API subdomain.
Self-hosted runners do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and your GitHub Enterprise Server instance. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to your GitHub Enterprise Server instance, with no need for traffic to traverse a public network.
You can also use self-hosted runners with a proxy server. For more information, see "Using a proxy server with self-hosted runners."
For more information about troubleshooting common network connectivity issues, see "Monitoring and troubleshooting self-hosted runners."
Self-hosted runners do not need to connect to GitHub.com unless you have enabled automatic access to GitHub.com actions for your GitHub Enterprise Server instance. For more information, see "About using actions in your enterprise."
If you have enabled automatic access to GitHub.com actions, then the self-hosted runner will connect directly to GitHub.com to download actions. You must ensure that the machine has the appropriate network access to communicate with the GitHub URLs listed below.
github.com api.github.com codeload.github.com
Note: Some of the domains listed above are configured using
CNAME records. Some firewalls might require you to add rules recursively for all
CNAME records. Note that the
CNAME records might change in the future, and that only the domains listed above will remain constant.
Untrusted workflows running on your self-hosted runner pose significant security risks for your machine and network environment, especially if your machine persists its environment between jobs. Some of the risks include:
- Malicious programs running on the machine.
- Escaping the machine's runner sandbox.
- Exposing access to the machine's network environment.
- Persisting unwanted or dangerous data on the machine.
For more information about security hardening for self-hosted runners, see "Security hardening for GitHub Actions."