You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: _posts/2024-08-06-macos-large-runners.markdown
+14-6Lines changed: 14 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -13,7 +13,8 @@ have a considerable higher amount of processors / memory and disk space allocate
13
13
This advantage comes at a cost though, as billing per minute of executed workflow time is considerably higher as compared to normal runners (see [billing for runners](https://docs.github.com/en/billing/managing-billing-for-github-actions/about-billing-for-github-actions)),
14
14
on top of the usual minute multiplier for macOS runners (each minute of executed workflow time on a macOS runner counts as 10 minutes for billing purposes).
15
15
16
-
<br/>
16
+
### Going to speed up
17
+
17
18
In order to use such a `macOS large runner`, you can simply add a `runs-on: <runner-type>` to your job definition, e.g. using `macos-latest-large` as runner type:
18
19
19
20
{% highlight yaml %}
@@ -31,18 +32,24 @@ jobs:
31
32
{% endhighlight %}
32
33
33
34
<br/>
34
-
Additionally, your organization needs to have a `GitHub Team` or `GitHub Enterprise Cloud` plan to be able to use such a `macOS large runner` (which is now the case for all Eclipse projects hosted on GitHub as of 2024), otherwise workflows using such a runner will fail to run. Once your organization is eligible to use large runners, you probably want to control the access to such runners for the repositories in your organization
35
-
to avoid surprises when you receive your next invoice. GitHub offers a convenient way to define [runner groups](https://docs.github.com/en/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners) to control which repositories can access such large runners.
35
+
Additionally, your organization needs to have a `GitHub Team` or `GitHub Enterprise Cloud` plan to be able to use such a `macOS large runner`
36
+
(which is now the case for all Eclipse projects hosted on GitHub as of 2024), otherwise workflows using such a runner will fail to run.
37
+
Once your organization is eligible to use large runners, you probably want to control the access to such runners for the repositories in your organization
38
+
to avoid surprises when you receive your next invoice.
39
+
GitHub offers a convenient way to define [runner groups](https://docs.github.com/en/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners)
40
+
to control which repositories can access such large runners.
41
+
42
+
### What the ...
36
43
37
-
<br/>
38
44
Unfortunately, such runner groups can only be defined for `linux` and `windows` runners, there is simply no way to prevent that `macOS large runners` are being used by any of your repositories once their use is configured in a workflow as described above.
39
45
This poses a problem for non-profit organizations (like the [Eclipse Foundation](https://www.eclipse.org)) that host a lot of projects and their associated repositories on GitHub as it might result in higher than expected billing expenses as some projects try using such large runners
40
46
to speed up their workflows without realizing the consequences.
41
47
42
48
<br/>
43
49
While it is possible to monitor the incurred costs of using GitHub Action minutes, this is a tedious and manual task and requires communication with projects to change their workflows if occurrences have been identified.
44
50
45
-
<br/>
51
+
### Gaming the system
52
+
46
53
The idea was born to add some automation to prevent the execution of workflows on such `macOS large runners` unless the project / repository is entitled to use such a runner.
47
54
48
55
<br/>
@@ -55,7 +62,8 @@ After studying the available [GitHub Rest API](https://docs.github.com/en/rest?a
55
62
<br/>
56
63
To receive the necessary webhook events from GitHub in case a workflow is being queued to run, you have to set up an organization or repository webhook, listen for the event and apply the logic.
57
64
58
-
<br/>
65
+
### All good
66
+
59
67
At the [Eclipse Foundation](https://www.eclipse.org) we are operating an open-source project called [Otterdog](https://github.com/eclipse-csi/otterdog) in order to configure our numerous organizations and repositories hosted on GitHub at scale.
60
68
This tool is effectively a GitHub App and is installed for all our projects / organizations on GitHub and already can listen to various events sent from GitHub. So naturally we added the above logic to this tool and allowed to define
61
69
which organizations are allowed to use such large runners via a configuration file (see [this](https://github.com/eclipse-tractusx/.eclipsefdn/blob/main/otterdog/policies/macos_large_runners.yml) example).
0 commit comments