title | shortTitle | intro | versions | type | permissions | topics | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Configuring private networking for GitHub-hosted runners in your organization |
Configuring private networking |
Learn how to use {% data variables.product.company_short %}-hosted runners with an Azure private network in your organization. |
|
how_to |
{% data reusables.actions.azure-vnet-organization-permissions %} |
|
{% data reusables.actions.azure-vnet-configuring-overview %}
{% ifversion ghec %}
Note
{% data reusables.actions.azure-vnet-enterprise-policy %}
{% endif %}
{% data reusables.actions.azure-vnet-procedures-prereqs %}
You can use the following GraphQL query to retrieve your organization databaseId
. You will use the organization databaseId
for the value of the DATABASE_ID
environment variable in the next step. For more information on working with GraphQL, see "AUTOTITLE."
Query variable | Description |
---|---|
login |
The login for your organization account, which you can identify by looking at the URL for your organization, https://github.com/organizations/ORGANIZATION_LOGIN . |
query(
$login: String!
){
organization (login: $login)
{
login
databaseId
}
}
'
Variables
{
"login": "ORGANIZATION_LOGIN"
}
Alternatively, you can use the following curl command to find your databaseId
.
curl -H "Authorization: Bearer BEARER_TOKEN" -X POST \
-d '{ "query": "query($login: String!) { organization (login: $login) { login databaseId } }" ,
"variables": {
"login": "ORGANIZATION_LOGIN"
}
}' \
https://api.github.com/graphql
{% data reusables.actions.azure-vnet-configure-azure-resources-script %}
Creating a network configuration for your organization in {% data variables.product.company_short %}
{% data reusables.actions.azure-vnet-creating-network-configuration-prereqs %}
{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %}
- In the left sidebar, click Hosted compute networking.
- Click the New network configuration dropdown. Then click Azure private network.
- Name your network configuration.
- Click Add Azure Virtual Network.
- In the popup window, enter the network settings resource ID you retrieved when you configured your Azure resources for private networking.
- Click Add Azure Virtual Network.
{% note %}
Note: For the runner group to be accessible by repositories within your organizations, those repositories must have access to that runner group at the organization level. For more information, see "AUTOTITLE."
{% endnote %}
- Create a new runner group for your organization. For more information about how to create a runner group, see "AUTOTITLE."
- To choose a policy for repository access, select the Repository access dropdown menu and click a policy. You can configure a runner group to be accessible to a specific list of repositories, or all repositories in the organization.
- While configuring your runner group, under "Network configurations," use the dropdown menu to select the network configuration you created for the Azure VNET.
- To create the group and apply the policy, click Create group.
3. Add the {% data variables.product.company_short %}-hosted runner to the organization runner group
{% note %}
Note: When adding your {% data variables.product.company_short %}-hosted runner to a runner group, select the runner group you created in the previous procedures.
{% endnote %}
- Add the {% data variables.product.company_short %}-hosted runner to the runner group. For more information, see "AUTOTITLE."
{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %}
- In the left sidebar, click Hosted compute networking.
- To edit a network configuration, to the right of the network configuration, click {% octicon "pencil" aria-label="Edit a network configuration" %}. Then click Edit configuration.
- To disable a network configuration, to the right of the network configuration, click {% octicon "kebab-horizontal" aria-label="Menu" %}. Then click Disable.
- To delete a network configuration, to the right of the network configuration, click {% octicon "kebab-horizontal" aria-label="Menu" %}. Then click Delete.
{% data reusables.actions.azure-vnet-deleting-a-subnet %}