About GitHub-hosted runners

Overview of GitHub-hosted runners

Runners are the machines that execute jobs in a GitHub Actions workflow. For example, a runner can clone your repository locally, install testing software, and then run commands that evaluate your code.

GitHub provides runners that you can use to run your jobs, or you can host your own runners. Each GitHub-hosted runner is a new virtual machine (VM) hosted by GitHub with the runner application and other tools preinstalled, and is available with Ubuntu Linux, Windows, or macOS operating systems. When you use a GitHub-hosted runner, machine maintenance and upgrades are taken care of for you.

Using a GitHub-hosted runner

To use a GitHub-hosted runner, create a job and use runs-on to specify the type of runner that will process the job, such as ubuntu-latest, windows-latest, or macos-latest. For the full list of runner types, see "Using GitHub-hosted runners." If you have repo: write access to a repository, you can view a list of the runners available to use in workflows in the repository. For more information, see "Viewing available runners for a repository."

When the job begins, GitHub automatically provisions a new VM for that job. All steps in the job execute on the VM, allowing the steps in that job to share information using the runner's filesystem. You can run workflows directly on the VM or in a Docker container. When the job has finished, the VM is automatically decommissioned.

The following diagram demonstrates how two jobs in a workflow are executed on two different GitHub-hosted runners.

Diagram of a workflow that consists of two jobs. One job runs on Ubuntu and the other runs on Windows.

The following example workflow has two jobs, named Run-npm-on-Ubuntu and Run-PSScriptAnalyzer-on-Windows. When this workflow is triggered, GitHub provisions a new virtual machine for each job.

The job named Run-npm-on-Ubuntu is executed on a Linux VM, because the job's runs-on: specifies ubuntu-latest.
The job named Run-PSScriptAnalyzer-on-Windows is executed on a Windows VM, because the job's runs-on: specifies windows-latest.

YAML

name: Run commands on different operating systems
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  Run-npm-on-Ubuntu:
    name: Run npm on Ubuntu
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '14'
      - run: npm help

  Run-PSScriptAnalyzer-on-Windows:
    name: Run PSScriptAnalyzer on Windows
    runs-on: windows-latest
    steps:
      - uses: actions/checkout@v4
      - name: Install PSScriptAnalyzer module
        shell: pwsh
        run: |
          Set-PSRepository PSGallery -InstallationPolicy Trusted
          Install-Module PSScriptAnalyzer -ErrorAction Stop
      - name: Get list of rules
        shell: pwsh
        run: |
          Get-ScriptAnalyzerRule

name: Run commands on different operating systems
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  Run-npm-on-Ubuntu:
    name: Run npm on Ubuntu
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '14'
      - run: npm help

  Run-PSScriptAnalyzer-on-Windows:
    name: Run PSScriptAnalyzer on Windows
    runs-on: windows-latest
    steps:
      - uses: actions/checkout@v4
      - name: Install PSScriptAnalyzer module
        shell: pwsh
        run: |
          Set-PSRepository PSGallery -InstallationPolicy Trusted
          Install-Module PSScriptAnalyzer -ErrorAction Stop
      - name: Get list of rules
        shell: pwsh
        run: |
          Get-ScriptAnalyzerRule

While the job runs, the logs and output can be viewed in the GitHub UI:

Screenshot of a workflow run. The steps for the "Run PSScriptAnalyzer on Windows" job are displayed.

O aplicativo de executor do GitHub Actions tem código aberto. Você pode contribuir e apresentar problemas no repositório do executor.

Viewing available runners for a repository

Note: This feature is currently in beta and subject to change.

Se você tiver repo: write acesso a um repositório, poderá exibir uma lista dos executores disponíveis para o repositório.

No GitHub.com, navegue até a página principal do repositório.
No nome do repositório, clique em Ações.
Na barra lateral esquerda, na seção "Gerenciamento", clique em Executores.
Review the list of available GitHub-hosted runners for the repository.
Opcionalmente, para copiar o rótulo de um corredor para usá-lo em um fluxo de trabalho, clique em à direita do corredor e clique em Copiar rótulo.

Observaçãi: Os proprietários de empresas e organizações com privilégios para criar executores têm a opção de criar novos executores a partir desta página. Se você for proprietário de uma empresa ou organização, clique em Novo executor no canto superior direito da lista de executores para adicioná-los ao repositório. Para obter mais informações, confira "Managing larger runners" e "Adicionar executores auto-hospedados".

Supported runners and hardware resources

Note: GitHub also offers executor maiors, which are available in larger configurations for Linux, Windows, and macOS virtual machines. Autoscaling is enabled by default and optional dedicated IP addresses are available for Linux and Windows. For more information, see "About larger runners."

Imagem do executor	Rótulo de fluxo de trabalho YAML	Observações
Windows Server 2022	`windows-latest` ou `windows-2022`	Atualmente, o rótulo `windows-latest` usa a imagem do executor do Windows Server 2022.
Windows Server 2019	`windows-2019`	Nenhum
Ubuntu 22.04	`ubuntu-latest` ou `ubuntu-22.04`	Atualmente, o rótulo `ubuntu-latest` usa a imagem do executor do Ubuntu 22.04.
Ubuntu 20.04	`ubuntu-20.04`	Nenhuma
macOS 13 Ventura [Beta]	`macos-13` ou `macos-13-xl`	Nenhum
macOS 12 Monterey	`macos-latest`, `macos-12`, `macos-latest-xl` ou `macos-12-xl`	Atualmente, os rótulos dos fluxos de trabalho `macos-latest` e `macos-latest-xl` usam a imagem do executor do macOS 12.
macOS 11 Big Sur	`macos-11`	Nenhum

Observação: as imagens do executor -latest são as imagens estáveis mais recentes fornecidas pelo GitHub e talvez não seja a versão mais recente do sistema operacional disponível do fornecedor do sistema operacional.

Aviso: as imagens beta e preteridas são fornecidas "no estado em que se encontram", "com todas as falhas" e "conforme disponível" e são excluídas do contrato de nível de serviço e da garantia. As imagens beta podem não ser cobertas pelo atendimento ao cliente.

Workflow logs list the runner used to run a job. For more information, see "Visualizar o histórico de execução do fluxo de trabalho."

Executor maiors

Além dos executores hospedados GitHub padrão, o GitHub oferece aos clientes de planos GitHub Team e GitHub Enterprise Cloud um intervalo de máquinas virtuais gerenciadas com mais RAM, CPU e espaço em disco. Esses executores são hospedados por GitHub e têm o aplicativo executor e outras ferramentas pré-instalados.

For more information, see "About larger runners."

Supported software

The software tools included in GitHub-hosted runners are updated weekly. The update process takes several days, and the list of preinstalled software on the main branch is updated after the whole deployment ends.

Preinstalled software

Workflow logs include a link to the preinstalled tools on the exact runner. To find this information in the workflow log, expand the Set up job section. Under that section, expand the Runner Image section. The link following Included Software will describe the preinstalled tools on the runner that ran the workflow.

For more information, see "Visualizar o histórico de execução do fluxo de trabalho."

For the overall list of included tools for each runner operating system, see the links below:

GitHub-hosted runners include the operating system's default built-in tools, in addition to the packages listed in the above references. For example, Ubuntu and macOS runners include grep, find, and which, among other default tools.

You can also view a software bill of materials (SBOM) for each build of the Windows and Ubuntu runner images. For more information, see "Fortalecimento de segurança para o GitHub Actions."

Using preinstalled software

We recommend using actions to interact with the software installed on runners. This approach has several benefits:

Usually, actions provide more flexible functionality like versions selection, ability to pass arguments, and parameters
It ensures the tool versions used in your workflow will remain the same regardless of software updates

If there is a tool that you'd like to request, please open an issue at actions/runner-images. This repository also contains announcements about all major software updates on runners.

Installing additional software

You can install additional software on GitHub-hosted runners. For more information, see "Customizing GitHub-hosted runners".

Cloud hosts used by GitHub-hosted runners

GitHub hosts Linux and Windows runners on Standard_DS2_v2 virtual machines in Microsoft Azure with the GitHub Actions runner application installed. The GitHub-hosted runner application is a fork of the Azure Pipelines Agent. Inbound ICMP packets are blocked for all Azure virtual machines, so ping or traceroute commands might not work. For more information about the Standard_DS2_v2 resources, see "Dv2 and DSv2-series" in the Microsoft Azure documentation. GitHub hosts macOS runners in Azure data centers.

Workflow continuity

Se os serviços de GitHub Actions estiverem temporariamente indisponíveis, a execução do fluxo de trabalho será descartada se não tiver sido enfileirada em 30 minutos após ser acionada. Por exemplo, se um fluxo de trabalho for acionado e os serviços de GitHub Actions não estiverem disponíveis por 31 minutos ou mais, a execução do fluxo de trabalho não será processada.

In addition, if the workflow run has been successfully queued, but has not been processed by a GitHub-hosted runner within 45 minutes, then the queued workflow run is discarded.

Administrative privileges

The Linux and macOS virtual machines both run using passwordless sudo. When you need to execute commands or install tools that require more privileges than the current user, you can use sudo without needing to provide a password. For more information, see the "Sudo Manual."

Windows virtual machines are configured to run as administrators with User Account Control (UAC) disabled. For more information, see "How User Account Control works" in the Windows documentation.

IP addresses

To get a list of IP address ranges that GitHub Actions uses for GitHub-hosted runners, you can use the GitHub REST API. For more information, see the actions key in the response of the "Meta" endpoint.

Windows and Ubuntu runners are hosted in Azure and subsequently have the same IP address ranges as the Azure datacenters. macOS runners are hosted in GitHub's own macOS cloud.

Since there are so many IP address ranges for GitHub-hosted runners, we do not recommend that you use these as allowlists for your internal resources. Instead, we recommend you use executor maiors with a static IP address range, or self-hosted runners. For more information, see "About larger runners" or "Sobre executores auto-hospedados."

The list of GitHub Actions IP addresses returned by the API is updated once a week.

The `etc/hosts` file

Os executores hospedados pelo GitHub são provisionados com um arquivo etc/hosts que bloqueia o acesso à rede a vários pools de mineração de criptomoedas e sites mal-intencionados. Hosts como MiningMadness.com e cpu-pool.com são redirecionados para localhost para que não apresentem um risco de segurança significativo.

File systems

GitHub executes actions and shell commands in specific directories on the virtual machine. The file paths on virtual machines are not static. Use the environment variables GitHub provides to construct file paths for the home, workspace, and workflow directories.

Directory	Environment variable	Description
`home`	`HOME`	Contains user-related data. For example, this directory could contain credentials from a login attempt.
`workspace`	`GITHUB_WORKSPACE`	Actions and shell commands execute in this directory. An action can modify the contents of this directory, which subsequent actions can access.
`workflow/event.json`	`GITHUB_EVENT_PATH`	The `POST` payload of the webhook event that triggered the workflow. GitHub rewrites this each time an action executes to isolate file content between actions.

For a list of the environment variables GitHub creates for each workflow, see "Variáveis."

Docker container filesystem

Actions that run in Docker containers have static directories under the /github path. However, we strongly recommend using the default environment variables to construct file paths in Docker containers.

GitHub reserves the /github path prefix and creates three directories for actions.

/github/home
/github/workspace - Observação: o GitHub Actions precisa ser executado pelo usuário padrão do Docker (raiz). Verifique se o Dockerfile não define a instrução USER, caso contrário, você não poderá acessar o GITHUB_WORKSPACE.
/github/workflow