SSH access

RunsOn provides SSH access to the runners, so that you can easily troubleshoot any issue with one of your GitHub Action workflows.

Availability

• By default, SSH access is enabled for runners, to allow easy troubleshoot should the need arises.

• SSH access instructions will be displayed into your workflow logs, under the “Set up job” section:

• SSH access can be disabled by adding the ssh=false label to your runs-on definition:

.github/workflows/my-workflow.yml

job: Test
  runs-on: [runs-on,runner=2cpu-linux-x64,ssh=false]

Restrictions

• By default SSH access will be available from anywhere (0.0.0.0/0).
• SSH access can be restricted to a specific network CIDR range (set at installation time), e.g. your company VPN.

SSH users

By default, the first 10 collaborators on the repository with push permission will have their public SSH keys (as declared in their GitHub settings) added to the runner.

For repositories with a higher number of collaborators, or to avoid having too many SSH keys populated on the runner, you might want to specify the list of admins yourself, in the RunsOn configuration file of the repository.

This configuration settings takes a list of GitHub usernames, whose SSH public keys will be added to the runner.

.github/runs-on.yml

admins:
  - crohr
  - other-github-user

Important: RunsOn only reads the configuration file from the repository default branch. If you update the configuration file in a branch, the new settings will not be applied until the branch is merged into the default branch.