GitHub runner

  • Canonical IS DevOps
Channel Revision Published Runs on
latest/stable 308 11 Dec 2024
Ubuntu 22.04 Ubuntu 20.04
latest/stable 302 02 Dec 2024
Ubuntu 22.04 Ubuntu 20.04
latest/stable 1 09 Feb 2022
Ubuntu 22.04 Ubuntu 20.04
latest/beta 317 11 Dec 2024
Ubuntu 22.04
latest/beta 310 28 Nov 2024
Ubuntu 22.04
latest/edge 322 20 Dec 2024
Ubuntu 22.04 Ubuntu 20.04
latest/edge 310 28 Nov 2024
Ubuntu 22.04 Ubuntu 20.04
latest/edge 4 26 Apr 2022
Ubuntu 22.04 Ubuntu 20.04
local-lxd/stable 306 17 Dec 2024
Ubuntu 22.04
local-lxd/edge 306 27 Nov 2024
Ubuntu 22.04
1/stable 177 05 Jun 2024
Ubuntu 22.04
1/edge 177 05 Jun 2024
Ubuntu 22.04
juju deploy github-runner
Show information

Platform:

Ubuntu
22.04 20.04

How to restrict self-hosted runner network access

The denylist configuration can be used to restrict network access for self-hosted runners.

This can be employed to prevent self-hosted runners from accessing the network on the Juju machine. Generally, all IPv4 local addresses should be included in the denylist:

  • 0.0.0.0/8
  • 10.0.0.0/8
  • 100.64.0.0/10
  • 127.0.0.0/8
  • 169.254.0.0/16
  • 172.16.0.0/12
  • 192.0.0.0/24
  • 192.0.2.0/24
  • 192.88.99.0/24
  • 192.168.0.0/16
  • 198.18.0.0/15
  • 198.51.100.0/24
  • 203.0.113.0/24
  • 224.0.0.0/4
  • 233.252.0.0/24
  • 240.0.0.0/4

Additionally, include any IPv4 address or CIDR block that the runner should not have access to on the denylist.


Help improve this document in the forum (guidelines). Last updated 9 months ago.