[
https://issues.apache.org/jira/browse/BEAM-14248?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kenneth Knowles updated BEAM-14248:
-----------------------------------
Status: Open (was: Triage Needed)
> Allow committers only to run GitHub Actions workflows on self-hosted runners
> ----------------------------------------------------------------------------
>
> Key: BEAM-14248
> URL: https://issues.apache.org/jira/browse/BEAM-14248
> Project: Beam
> Issue Type: Improvement
> Components: build-system
> Reporter: Daniela Martín
> Priority: P2
>
> Hi everyone,
> After a meeting held on March 14, 2022 with Gavin McDonald and Jarek Potiuk,
> we noticed that the implementation of Ash's GitHub Actions Runner [1] would
> be highly important to have it in the Beam project as well due to security
> concerns. Ash's version allows us to execute the runners only by approved
> committers providing us an extra layer of security (this is already
> implemented in Apache Airflow [2]).
> Currently and with the GitHub Actions Runner [3], everyone can execute
> runners and workflows with any restriction as it's a public repo.
> We highly recommend incorporating this approach to the current implementation
> Thank you!
> [1] [https://github.com/ashb/runner]
> [2]
> [https://github.com/apache/airflow-ci-infra/tree/main/github-runner-ami/packer]
>
> [3] [https://github.com/actions/runner]
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
