Jit on GitHub self-hosted runners
The Jit self-hosted runner customer script automates the configuration process for running Jit on GitHub self-hosted runners. The advantages of using self-hosted runners include:
- Cost, reducing expenses using your own hardware.
- Scale, not being limited to the GitHub infrastructure for runners.
- Access, accessing repos using whitelist IPs or accessing internal resources like a web app on a staging environment. Self-hosted runners are also very useful for running Scanning Your Web Application for Vulnerabilities (DAST) on a protected app without a public IP or with WAF.
For more information see About self-hosted runners.
The Jit self-hosted runner customer script and its sub-commands can be used to configure GitHub self-hosted runners on the following OS:
- Amazon Linux.
- Ubuntu.
Configuring self-hosted runners
-
Make sure you have installed the prerequisites and cloned the repo.
sudo yum install -y git make git clone https://github.com/jitsecurity/jit-customer-scripts.git cd jit-customer-scripts
sudo apt update sudo apt install -y git make git clone https://github.com/jitsecurity/jit-customer-scripts.git cd jit-customer-scripts
-
If you haven't cloned the repo recently, make sure to update it.
git pull https://github.com/jitsecurity/jit-customer-scripts.git
-
Get the GitHub self-hosted runner token
-
Get the GitHub organization name for your organization.
-
Use the following scripts to automate the process:
make self-hosted-runner amazon runner_token=<runner-token> github_org=<github-organization>
make self-hosted-runner ubuntu runner_token=<runner-token> github_org=<github-organization>
- Answer the questions about the self-hosted runner configurations.
- Restart the EC2 machine. The self-hosted runner automatically initiates after the machine reboots.
- Enter the <runner-token> and <github-organization> values.
Updated about 1 year ago