actions/actions-runner-controller
1
0
Fork 0
mirror of https://github.com/actions/actions-runner-controller.git synced 2025-12-10 11:41:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e45e4c53f15fceb9a71c4b91aaaf51ad7e695c1f
actions-runner-controller/docs/managing-access-with-runner-groups.md
Siara 3ede9b5a01 Restructure documentation (#2114) 
Breaks up the ARC documentation into several smaller articles. 

`@vijay-train` and `@martin389` put together the plan for this update, and I've just followed it here. 

In these updates:

- The README has been updated to include more general project information, and link to each new article.
- The `detailed-docs.md` file has been broken up into multiple articles, and then deleted.
- The Actions Runner Controller Overview doc has been renamed to `about-arc.md`.

Any edits to content beyond generally renaming headers or fixing typos is out of scope for this PR, but will be made in the future. 

Co-authored-by: Bassem Dghaidi <568794+Link-@users.noreply.github.com>
2023-01-05 04:47:52 -05:00

32 lines
1.6 KiB
Markdown
Raw Blame History

# Managing access with runner groups
## Runner Groups
Runner groups can be used to limit which repositories are able to use the GitHub Runner at an organization level. Runner groups have to be [created in GitHub first](https://docs.github.com/en/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups) before they can be referenced.
To add the runner to the group `NewGroup`, specify the group in your `Runner` or `RunnerDeployment` spec.
```yaml
apiVersion: actions.summerwind.dev/v1alpha1
kind: RunnerDeployment
metadata:
name: custom-runner
spec:
replicas: 1
template:
spec:
group: NewGroup
```
GitHub supports custom visibility in a Runner Group to make it available to a specific set of repositories only. By default if no GitHub
authentication is included in the webhook server ARC will be assumed that all runner groups to be usable in all repositories.
Currently, GitHub does not include the repository runner group membership information in the workflow_job event (or any webhook). To make the ARC "runner group aware" additional GitHub API calls are needed to find out what runner groups are visible to the webhook's repository. This behaviour will impact your rate-limit budget and so the option needs to be explicitly configured by the end user.
This option will be enabled when proper GitHub authentication options (token, app or basic auth) are provided in the webhook server and `useRunnerGroupsVisibility` is set to true, e.g.
```yaml
githubWebhookServer:
enabled: false
replicaCount: 1
useRunnerGroupsVisibility: true
```
Reference in New Issue View Git Blame Copy Permalink