Managing access to self-hosted runners

You can control which repositories can send jobs to an organization's self-hosted runners.

Self-hosted runners added at the organization level can process jobs for all repositories in the organization. If you need to limit access to your self-hosted runners, you can configure the policy to only process jobs for private repositories, or you can define a list of permitted repositories.

Controlling which repositories have access to an organization's runners

  1. On GitHub, navigate to the main page of the organization.

  2. Under your organization name, click Settings.

    Organization settings button

  3. In the left sidebar, click Actions.

    Actions setting

  4. Next to "Self-hosted runners", click Manage repository permissions.

    Manage repository permissions

  5. From the drop-down menu, choose one of the following options:

    • All repositories - All public and private repositories in the organization can send jobs to the organization's self-hosted runners.
    • Private repositories - Only private repositories in the organization can send jobs to the organization's self-hosted runners.
    • Selected repositories - Use the repository selection menu to choose which repositories in the organization can send jobs to the organization's self-hosted runners.

Ask a human

Can't find what you're looking for?

Contact us