title | shortTitle | intro | versions | type | permissions | topics | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Configuring private networking for GitHub-hosted runners in your organization |
Configuring private networking |
Learn how to use {% data variables.product.company_short %}-hosted runners with an Azure private network in your organization. |
|
how_to |
{% data reusables.actions.azure-vnet-organization-permissions %} |
|
{% data reusables.actions.azure-vnet-configuring-overview %}
{% ifversion ghec %}
Note
{% data reusables.actions.azure-vnet-enterprise-policy %}
{% endif %}
{% data reusables.actions.azure-vnet-procedures-prereqs %}
You can use the following GraphQL query to retrieve your organization databaseId
. You will use the organization databaseId
for the value of the DATABASE_ID
environment variable in the next step. For more information on working with GraphQL, see "AUTOTITLE."
Query variable | Description |
---|---|
login |
The login for your organization account, which you can identify by looking at the URL for your organization, https://github.com/organizations/ORGANIZATION_LOGIN . |
query(
$login: String!
){
organization (login: $login)
{
login
databaseId
}
}
'
Variables
{
"login": "ORGANIZATION_LOGIN"
}
Alternatively, you can use the following curl command to find your databaseId
.
curl -H "Authorization: Bearer BEARER_TOKEN" -X POST \
-d '{ "query": "query($login: String!) { organization (login: $login) { login databaseId } }" ,
"variables": {
"login": "ORGANIZATION_LOGIN"
}
}' \
https://api.github.com/graphql
{% data reusables.actions.azure-vnet-configure-azure-resources-script %}
Creating a network configuration for your organization in {% data variables.product.company_short %}
{% data reusables.actions.azure-vnet-creating-network-configuration-prereqs %}
{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %}
- In the left sidebar, click Hosted compute networking.
- Click the New network configuration dropdown. Then click Azure private network.
- Name your network configuration.
- Click Add Azure Virtual Network.
- In the popup window, enter the network settings resource ID you retrieved when you configured your Azure resources for private networking.
- Click Add Azure Virtual Network.
Note
For the runner group to be accessible by repositories within your organizations, those repositories must have access to that runner group at the organization level. For more information, see "AUTOTITLE."
- Create a new runner group for your organization. For more information about how to create a runner group, see "AUTOTITLE."
- To choose a policy for repository access, select the Repository access dropdown menu and click a policy. You can configure a runner group to be accessible to a specific list of repositories, or all repositories in the organization.
- While configuring your runner group, under "Network configurations," use the dropdown menu to select the network configuration you created for the Azure VNET.
- To create the group and apply the policy, click Create group.
3. Add the {% data variables.product.company_short %}-hosted runner to the organization runner group
Note
When adding your {% data variables.product.company_short %}-hosted runner to a runner group, select the runner group you created in the previous procedures.
- Add the {% data variables.product.company_short %}-hosted runner to the runner group. For more information, see "AUTOTITLE."
{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %}
- In the left sidebar, click Hosted compute networking.
- To edit a network configuration, to the right of the network configuration, click {% octicon "pencil" aria-label="Edit a network configuration" %}. Then click Edit configuration.
- To disable a network configuration, to the right of the network configuration, click {% octicon "kebab-horizontal" aria-label="Menu" %}. Then click Disable.
- To delete a network configuration, to the right of the network configuration, click {% octicon "kebab-horizontal" aria-label="Menu" %}. Then click Delete.
{% data reusables.actions.azure-vnet-deleting-a-subnet %}