You are viewing a plain text version of this content. The canonical link for it is here.

Posted to github@beam.apache.org by GitBox <gi...@apache.org> on 2022/06/05 00:13:50 UTC

[GitHub] [beam] damccorm opened a new issue, #21517: Allow committers only to run GitHub Actions workflows on self-hosted runners

damccorm opened a new issue, #21517:
URL: https://github.com/apache/beam/issues/21517

   Hi everyone, 
   
   After a meeting held on March 14, 2022 with Gavin McDonald and Jarek Potiuk, we noticed that the implementation of Ash's GitHub Actions Runner [1] would be highly important to have it in the Beam project as well due to security concerns. Ash's version allows us to execute the runners only by approved committers providing us an extra layer of security (this is already implemented in Apache Airflow [2]). 
   
   Currently and with the GitHub Actions Runner [3], everyone can execute runners and workflows with any restriction as it's a public repo. 
   
   We highly recommend incorporating this approach to the current implementation
   
   Thank you!
   
   [1] [https://github.com/ashb/runner](https://github.com/ashb/runner) 
   [2] [https://github.com/apache/airflow-ci-infra/tree/main/github-runner-ami/packer](https://github.com/apache/airflow-ci-infra/tree/main/github-runner-ami/packer) 
   [3] [https://github.com/actions/runner](https://github.com/actions/runner) 
   
   Imported from Jira [BEAM-14248](https://issues.apache.org/jira/browse/BEAM-14248). Original Jira may contain additional context.
   Reported by: danimartin.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org