jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-19 18:10:59 -05:00
Code Issues Projects Releases Wiki Activity
Files
main
docs/content/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization.md

5.3 KiB
Raw Permalink Blame History

title, shortTitle, intro, versions, type, permissions, topics
title shortTitle intro versions type permissions topics
Configuring private networking for GitHub-hosted runners in your organization Configuring private networking Learn how to use {% data variables.product.company_short %}-hosted runners with an Azure private network in your organization.
feature
actions-private-networking-azure-vnet
how_to {% data reusables.actions.azure-vnet-organization-permissions %}
Actions
Action development
Azure Virtual Network
Administrator
Developer
CI
CD
Organizations

About Azure private networking for {% data variables.product.company_short %}-hosted runners

{% data reusables.actions.azure-vnet-configuring-overview %}

{% ifversion ghec %}

Note

{% data reusables.actions.azure-vnet-enterprise-policy %}

{% endif %}

Configuring your Azure resources

{% data reusables.actions.azure-vnet-procedures-prereqs %}

1. Obtain the databaseId for your organization

Tip

Your token will require at minimum read:org permissions to perform a successful query.

You can use the following GraphQL query to retrieve your organization databaseId. You will use the organization databaseId for the value of the DATABASE_ID environment variable in the next step. For more information on working with GraphQL, see AUTOTITLE.

Query variable Description
login The login for your organization account, which you can identify by looking at the URL for your organization, https://github.com/organizations/ORGANIZATION_LOGIN. 
query(
  $login: String!
){
  organization (login: $login)
  {
    login
    databaseId
  }
}
'
Variables
{
  "login": "ORGANIZATION_LOGIN"
}

Alternatively, you can use the following curl command to find your databaseId.

curl -H "Authorization: Bearer BEARER_TOKEN" -X POST \
  -d '{ "query": "query($login: String!) { organization (login: $login) { login databaseId } }" ,
        "variables": {
          "login": "ORGANIZATION_LOGIN"
        }
      }' \
https://api.github.com/graphql

{% data reusables.actions.azure-vnet-configure-azure-resources-script %}

Creating a network configuration for your organization in {% data variables.product.company_short %}

{% data reusables.actions.azure-vnet-creating-network-configuration-prereqs %}

1. Add a new network configuration for your organization

{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %}

  1. In the left sidebar, click Hosted compute networking.
  2. Click the New network configuration dropdown. Then click Azure private network.
  3. Name your network configuration.
  4. Click Add Azure Virtual Network.
  5. In the popup window, enter the network settings resource ID you retrieved when you configured your Azure resources for private networking.
  6. Click Add Azure Virtual Network.

2. Create a runner group for your organization

Note

For the runner group to be accessible by repositories within your organizations, those repositories must have access to that runner group at the organization level. For more information, see AUTOTITLE.

  1. Create a new runner group for your organization. For more information about how to create a runner group, see AUTOTITLE.
  2. To choose a policy for repository access, select the Repository access dropdown menu and click a policy. You can configure a runner group to be accessible to a specific list of repositories, or all repositories in the organization.
  3. While configuring your runner group, under "Network configurations," use the dropdown menu to select the network configuration you created for the Azure VNET.
  4. To create the group and apply the policy, click Create group.

3. Add the {% data variables.product.company_short %}-hosted runner to the organization runner group

Note

When adding your {% data variables.product.company_short %}-hosted runner to a runner group, select the runner group you created in the previous procedures.

  1. Add the {% data variables.product.company_short %}-hosted runner to the runner group. For more information, see AUTOTITLE.

4. Optionally, manage network configurations

{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %}

  1. In the left sidebar, click Hosted compute networking.
  2. To edit a network configuration, to the right of the network configuration, click {% octicon "pencil" aria-label="Edit a network configuration" %}. Then click Edit configuration.
  3. To disable a network configuration, to the right of the network configuration, click {% octicon "kebab-horizontal" aria-label="Menu" %}. Then click Disable.
  4. To delete a network configuration, to the right of the network configuration, click {% octicon "kebab-horizontal" aria-label="Menu" %}. Then click Delete.

Deleting a subnet

{% data reusables.actions.azure-vnet-deleting-a-subnet %}

Reference in New Issue View Git Blame Copy Permalink