Pro tip! If you simply need a connection from GitHub Actions to your local network, Tailscale is a great solution. It could still be useful even if you are using self-hosted runners, in case your runners still don't have direct access to your desired network. No firewall holes, no SSH bastions/jump-hosts - just the Tailscale daemon in your workflow and a subnet router somewhere in your private network.
You don't need to create an organization to use self-hosted runners. You can use them with repos on your personal profile too; it's just that you have to add the runner individually to each repository.
True. Not only that, but you'll need to install a runner for each repository. I started down that path and realized I'm going to have 23 Docker apps in 23 repositories with 23 runners to manage if I did that. So, I created an organization (it was free) and I'm figuring out if I need to move the repos to the organization to use the 1 org runner, or if members of the organization can use them in their personal repositories.
Awesome tutorial, thanks for this. Just a tip for those without organizations: you can also set up Action Runners within a repo. No need to set up organizations. And having automation helps with security, ways to deploy back if anything breaks, you can check what you have done, you can redeploy everything again if needed, and the list goes on. Thanks for the video!
Great tutorial. I have never used it before because I usually use Jenkins to clone, build, test and deploy, but this is a great video for adding new insights about CI/CD tools.
The security concerns of running arbitrary code that was pushed to a repository were not fully addressed. Self-hosted runners should be as isolated as possible and only put on private repos or run with something like Gitea or GitLab in a private, internal environment.
@digital-activity you already don't need to pay for it with GitHub - it's free on public repos. Just cuz you can build a house without doors so you don't have to pay for it doesn't mean you should. Using a front door/implementing security shouldn't be an afterthought.
Thanks for the tutorial! There is not much info on the internet explaining self-hosted runners, so it is very appreciated. Could you also make a similar one for CircleCI?
I am pretty excited too. In the same way, I also want to use it with Terraform ✌️ Thank you so much. I still have to learn Kubernetes. I know the overview, just need to get my hands dirty 😈
I would argue the same. However, that requires additional overhead and more skill. This video is a quick guide, whereas going down the Argo route is a lot more long-winded and opens you to more security concerns.
That's true about every CNCF solution. There are many options, and they can all solve a problem similarly. Why not one thing versus another often comes down to opinions and subjectivity. We could all ask, "Why not XYZ?" about everything. This is also why teams struggle with CNCF solutions.
That will depend a lot on the maturity of the team and the use case. GitOps adds complexity; for example, in a pipeline that deploys an application with GitOps, how does the pipeline know that the deployment just finished?
I'm confused about where to install it. Since there wasn't any guidance on which folder to be in, I changed directory into the /tmp folder and followed the instructions to install it as a service. Will it run fine like that? Or should I uninstall and reinstall someplace else?
The only thing I want is to limit the runner to be able to only ever communicate with whitelisted things in K8s. In case of a hostile takeover of my repo (say, merging a new GitHub action), I want to be able to know that the runner only ever has access to internal hosts I have pre-authorized for it. Should I use nginx for this or native K8s, or is there even a whitelist config in the runner?
Shouldn't you deploy to Kubernetes with the kubectl set image deployments/YourAppName YourAppName=IMAGE:TAG command? Then you can check your rollout status like this: kubectl rollout status deployment/YourAppName - Then it will do a slow roll of your application.
@christianlempa true, just adding that in -- great video. I spent a lot of time on it yesterday. Having a wonderful time trying to figure out how to put a datetime into an environment var so I can put it into the image tag. Thanks for getting into my rabbit hole. Having a lot of fun.
Awesome tutorial. Thank you, Christian. I need to know which VS Code extension you use in this tutorial that auto-suggests the GitHub Actions scripts?
I just used the gh runner self hosted to deploy minio on my local kubernetes cluster using terraform, it was a pretty fun project to do ngl, thanks for the vid Chris :)
Hi, just a little question on another subject. Is it possible to do multi-WAN in Proxmox? For example with opentcpm, or other, and how to do it, if it is possible? Ty for all.
Hey there. Exactly the right time: I have to hand in my project for FIAE, and finally here is someone who explains the runners to me. I'm at 1:39 and already commenting. Hmmm... Let's see what else comes, otherwise there will be a mega discussion on Discord. Promise. Greetings from HH, your loving... oopsie :)
@matthi1786 Thanks. Yes, examined, with over 90 points in the project and in the oral exam. 😃 The project was "Praktikaverwaltung für FachinformatikernInnen" (internship management for IT specialists), target group: IT specialist trainers. So, administration software for internship contracts, and of course with a DB (Maria, Dapper as ORM, WPF as UI, MVVM and dependency injection and such...). Kind regards from HaHa, and now as FIFI.. uhh, I meant FIAE 💾
Bro, can you put out more videos about GitHub Actions and also use an EKS cluster to deploy the Kubernetes deployment file? And give more definition of the parameters like "uses". Thanks for these videos.
Please reduce the background music. So much so you can completely mute it. Your content is so good but it's so hard to comprehend because of the soundtrack. You can see many YouTubers don't have any background at all and it sounds so professional.