Home

Awesome

image

awesome-runners 🏃

Awesome Badges GitHub license made-with-Markdown Maintenance Open Source? Yes!

A curated list of awesome self-hosted GitHub Action runner solutions in a large comparison matrix

Purpose

The purpose of this repository is to provide an overview on self-hosted runner solutions for GitHub Actions compared by various criteria. There is no rating implied as the importance of the various categories differ from use case to use case. Data can be out of date, so if a certain feature is told to be missing, please double check whether this is still the case.

PRs Welcome

General collection of self-hosted runner best practices

During my research, I stumbled over dduzgun-security/github-self-hosted-runners with ✨ tips ✨ on what to consider when using self-hosted runners by yourself.

A word about self-hosted action runner images / virtual environments and how to test locally

The virtual environments provided by GitHub Action managed runners like ubuntu-latest contain a LOT of pre-installed tools already. If all of those tools were installed in your self-hosted runner, this would result in images > 18 GB. In many cases where you have a better picture for which purposes/platforms you will use your self-hosted runners, this is probably not what you want for performance and maintenance reasons. All of the self-hosted solutions compared allow to define custom images with custom tooling.

If you like to test your custom images with your Actions workflows locally before you expose them to your end users at large scale, you can use nektos/act to specify your own Docker image for a specific runner label using the -P option, see a more complex example here.

The matrix (might be better readable on GitHub pages)

Solution nameRuntimeGHESRegScopeScalingAutoScalingArchitectureAutoDeregPATInRunnerCleanUpPrivilegedExposedAllInOneSelfServiceIdleCosts
actions/actions-runner-controller GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedk8sEnterprise, Org, Repo, Labels, RunnerGroupsk8s manifests & dynamic scaling✅ (pending + running jobs or percentage runners already busy, check run events, scale up/down and flapping prevention parameters)x86, AMD64, ARM, ARM64noyes (if ephemeral option is used)yes (install time, optional DinD)only if github-webhook autoscaler is usednoyes (IssueOps project available)actions-runner controller + at least one pod per org runner
philips-labs/terraform-aws-github-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedAWS EC2/Lambda for Linux and Windows VMsOrg, Repo, Labels, RunnerGroupsTerraform config & dynamic scaling✅ (pending jobs in org/repo, scale up/down and flapping prevention parameters)x86, AMD64, ARM, ARM64noyes (if ephemeral option is used)noyes (GitHub check_run events)yes (at least intended this way)yes (IssueOps project available)no (only Lambdas, KMS, queue service, API gateway)
myoung34/docker-github-actions-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedDockerOrg, Repo, Labels, RunnerGroupsdocker-compose, Nomad & k8s examplesx86, ARM64, ARMyesnoyes (DinD)nononono
evryfs/github-actions-runner-operator GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedk8sOrganization, Repoyes (k8s manifests define max and min)✅ scales up to min runners ASAP, then adds one runner at a time up to max if all current runners are busy, scales down idle runners up to minx86noyes (ephemeral from v0.10.0)yes (install time, optional DinD)nononoactions-runner controller
MonolithProjects/ansible-github_actions_runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedbare metal/VMOrganization, Repo, Labelsbased on Ansible playbookx86, AMD64, ARM, ARM64explicitly in playbooknonoinstall Ansible agentsAnsible agentspossiblenoAnsible agents
SanderKnape/github-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedDockerOrg, Repo, Labelsk8s manifest examplex86yesnononononono
machulav/ec2-github-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedAWS EC2RepoGitHub Actions workflow params✅ (1 runner per workflow run that requests it)x86part of Actions workflownoyes (ephemeral)noembedded in GitHub Action workflowpossibleyes (Actions Workflow)no
terraform-google-modules/terraform-google-github-actions-runners GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedk8s (GKE), Docker, VMs (GCE)RepoTerraform config/k8s manifestsonly on k8s, based on generic pod CPU consumption (HPA metric)x86only worked for DockeryesnononoVMs could be configured like thisnoat least one idle runner to allow HPA to kick in based on CPU consumption
github-developer/self-hosted-runners-anthos GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedk8s (Anthos GKE)RepoTerraform config/k8s manifestsonly on k8s, based on generic pod CPU consumption (HPA metric)x86yesnoyes, for DinD (can be turned off)nononoat least one idle runner to allow HPA to kick in based on CPU consumption
cosmoconsult/github-runner-windows GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedWindows Docker containerOrg, Repodocker compose example in blog postwin-x86replace but not removeyesnononononono
aslafy-z/github-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closed(fat) Docker, AWS EC2Repo, Labelsk8s & Nomad examplesx86yesnooptional to run DinDnoyes (50G+ image with all tools)nono
redhat-actions/self-hosted-runner-installer GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedKubernetes (OpenShift)Org, Repo, LabelsHELM chart parametersx86yesnononononono
peter-murray/github-actions-runner-container GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedDockerEnterprise, Org, Repo, Labels, RunnerGroupsx86yesyesnonononono
lts-beratung/ansible-github-action-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedbare metal or VMOrg, RepoAnsible playbookx86yesnoinstall Ansible agentsAnsible agentspossiblenoAnsible agents
rakheshster/github-runner-on-ubuntu GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedAzure VM (ARM template)Repox86yesnononopossiblenono
ChristopherHX/github-act-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedbare metalEnterprise, Org, Repo, Labels, RunnerGroupsx86, AMD64, ARM, ARM64, riscv64, s390x, ppc64, ppc64le, mips, mipsle, mips64, mips64le on Linux, Windows, macOS, Openbsd, Freebsd, Netbsd, Solaris, Dragonfly, Plan9, Android and Illumosnoyesnonononono
related-sciences/gce-github-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedGCP GCERepoGitHub Actions workflow params✅ (1 runner per workflow run that requests it)x86part of Actions workflownoyes (ephemeral)noembedded in GitHub Action workflowpossibleyes (Actions Workflow)no
whywaita/myshoes GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedVirtual Machine: LXD, OpenStack, AWS, and more! (pluggable, can implement any platform) The already implemented provider is whywaita/myshoes-providersRepo, OrgGitHub Actions workflow params✅ (1 runner per workflow run that requests it)any platform that can start bash script or transpiled script from a bash scriptpart of Actions workflownoyes (ephemeral)noyes (GitHub check_run events)possible (provide image in some provider, e.g. whywaita/virtual-environments-lxd and shoes-lxd)nomyshoes daemon process
boozallen/goobernetes GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedk8sEnterprise, Org, Repo, Labels, RunnerGroupsk8s manifests & dynamic scaling✅ (pending + running jobs or percentage runners already busy, check run events, scale up/down and flapping prevention parameters)AMD64, others possiblenoyes (if ephemeral option is used)yes (install time, optional DInD)only if github-webhook autoscaler is usednoyes (IssueOps project available)actions-runner controller + at least one pod per org runner
some-natalie/kubernoodles GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedk8sEnterprise, Org, Repo, Labels, RunnerGroupsk8s manifests & dynamic scaling✅ (pending + running jobs or percentage runners already busy, check run events, scale up/down and flapping prevention parameters)AMD64, others possiblenoyes (if ephemeral option is used)yes (install time, optional DinD)only if github-webhook autoscaler is usednoyes (IssueOps project available)actions-runner controller + at least one pod per org runner
knatnetwork/github-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedDocker for single machine quick start or K8s deployments for multiple replicasOrg, Repo, Labelsdocker-compose or k8s deploymentAMD64, ARM64noyes (if ephemeral option is used)yes (install time, optional DinD)nononono
CloudSnorkel/cdk-github-runners GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedDocker on AWS CodeBuild, Fargate or LambdaLabelsOn-demandAMD64, ARM64noyes (always ephemeral)yesyes (Lambda URL with secret)possiblenono
vbem/multi-runners GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedbare metal/VMOrg, Repo, Labels, RunnerGroupsCLI controlx86, AMD64, ARM, ARM64CLI controlyesnoyesnopossibleyes (CLI)no
runs-on/runs-on GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedAWS EC2Repo, Dynamic LabelsOn-demandx86, AMD64, ARM64No PAT, only JIT tokenAuto-cleanupNo runtime privilegeGitHub App exposedAllInOne and custom images possibleyes (Actions Workflow)$15/month
cloudbase/garm GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedk8s,VM,Bare Metal (pluggable), available providers: k8s, EC2, OpenStack, OCI, GCP, LXD, Incus, Equinix Metal, Azure.Enterprise, Org, Repo, Labels, RunnerGroupsOn-demand✅ Scales based on workflow jobs, allows setting min/max runners per pool, scales up to "min" immediately, maintains "min" idle runners as long as "max" is not reachedx86, AMD64, ARM, ARM64noyes (all runners are ephemeral and automatically disposed from the provider once removed from GitHub)no (GARM can run as a non privileged user)yes, required for github-webhook endpoint, needed for auto scalingyes (if used as standalone, optionally it can be integrated in k8s using the garm-operator)yes, GARM has pools which can be created in any number on any entity (org, repo, enterprise), with any runner group and with any labelsthe cost of running a single container or VM with GARM, and any idle runners configured in the pools, cost depends on provider used (EC2, Azure, etc)
Privatehive/gcp-hosted-github-runner GitHub license GitHub contributors GitHub Stars GitHub issues GitHub issues-closedGCP GCEEnterprise, Org, Repo, Labels, RunnerGroupsOn-demand✅ 1 runner per workflow job. Created when job is "queued". Deleted when job is "completed".x86, AMD64, ARM64No PAT, only JIT tokenyes (always ephemeral)noyes, required for github-webhook endpoint, needed for auto scalingpossiblenono (covered by GCP free tier)

Comparison categories

Runtime - Container, Kubernetes, virtual machines

Specifies whether the self-hosted runners are running on a container, Kubernetes cluster or virtual machine. Virtual machine based runners typically have some cloud specific dependencies.

GHES - GitHub Enterprise Server support

While GitHub.com is supported by all self-hosted runner solutions evaluated, not all of them support GitHub Enterprise Server yet (although supporting GitHub Enterprise Server is often just a matter on changing the API endpoint).

RegScope - Registration Scope

Self-hosted runners can be registered on the repo, org and enterprise level and may register with custom labels inside runner groups - but not all runner solutions provide support for all those options.

Scaling - Ability to specify multiple runner instances

Some self-hosted runner solutions have the ability to specify how many runners of a certain kind should be launched and whether crashed runners should be restarted.

Scaling

Some self-hosted runner solutions have the ability to scale automatically with the amount of pending jobs, busy runners, CPU utilization, ...

Architecture - Operating systems supported

While self-hosted action runners can support Linux (x86, ARM, ARM64), Mac and Windows - most self-hosted runner solutions are restricted to a subset of those architectures

Dereg - Automatic Runner Deregistration

Not all runner solutions remove themselves after they have been deleted, which can be problematic, especially, if combined aith auto-scaling capabilities.

PATInRunner - Personal access or OAuth token needed in runner

Some runner solutions provide a personal access token (PAT) or OAuth token directly to the runner so that it can register itself. This imposes the risk of a malicious job trying to steal the token and use it to elevate its permissions. Solutions that only pass a runner token to the actual runners are preferred from a security perspective.

CleanUp - Automated clean up after a build

While self-hosted runner provide some isolation between jobs, it is the responsibility of the job to clean up in most cases. Some self-runner solutions automatically de-register and clean-up runners after every build to avoid any interference between jobs.

Privileged - Any special privileges needed to run or install the solution

Calls out any special privileges (like Kubernetes cluster admin, Docker privileged mode) needed to run or install the solution.

Exposed - Need for GitHub to reach parts of the runner solution via web hooks

Some centralized runner solutions rely on the ability to receive web hook events from GitHub about new jobs. This approach might not be feasible for some installations, although a reverse proxy may help.

AllInOne - Software installed in the self-hosted runners

GitHub's own, hosted runners have a lot of software already pre-installed. Most container based solutions follow a different philosophy where only a minimum amount of software is pre-installed.

Contributors - Number of contributors to the solution

While the number of contributors is not the only criteria, it is typically a good indicator for the maturity of a solution.

SelfService - Ability for end users to setup new runner scale sets

Some runner solutions have add-ons that allow end users to stand up new runner groups in a self-service fashion, e.g. via IssueOps.

IdleCosts - Costs that incur even if no jobs are running

Some solutions require certain central components to be up and running all the time or at least one idle runner to allow scaling up properly - this category provides an idea of what is needed in terms of components, not concrete $$$ costs.

Matrix bonus

If you like to test the auto-scaling capabilities of your awesome runners with Matrix inspired action build runs, including LED matrices and Raspberry PIs, check out this repo.

image

image

image

image

image