Detecting Self-hosted Runners in ListJobsForWorkflowRun #111347
Unanswered
ramonpetgrave64
asked this question in
Actions
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Select Topic Area
Product Feedback
Body
Summary
We would like if the ListJobsForWorkflowRun API also returned information indicating whether a Job was executed on a github-hosted runner or a self-hosted runner.
In this example response from ListJobsForWorkflowRun, where a job has already been completed with a known
"runner_id": 1
, the API should also return another field similar to"runner_host_type": "self-hosted"
or"runner_type": "github-hosted"
.Background
At slsa-framework/slsa-github-generator, we need our reusable workflows to verify that all other adjacent jobs in the calling workflows were using github-hosted runners, and not self-hosted runners.
slsa-framework/slsa-github-generator#1868
We came up with one way using the available Rest APIs:
However, this method doesn't work in one situation: a repo owner could alter the labels for their self-hosted runners after a Job has been completed, but before our check.
Furthermore, listing self-hosted runners requires a Personal Access Token with Administration:read permissions. Besides the increased complexity of asking our users to supplying PAT to our re-usable workflows, we want to minimize the amount of access needed.
Beta Was this translation helpful? Give feedback.
All reactions