Self-hosted GitHub Runner(s) Registration Token

This entry is part 3 of 12 in the series Scalable Self-Hosted GitHub Runners on AWS Cloud

The Docker container entrypoint script executes a start-up command to register the runner to a GitHub Enterprise/Organization/Repository using a Classic Personal Access Token (PAT) that has been assigned the required access privileges.

For the following examples, the assumption is that a PAT is being generated by an administrator of an organization named foo-organisation, i.e., the GitHub URL for the org would be: https://github.com/foo-organisation.

Generating a PAT

  • Log in to GitHub using an account with administrator privileges to foo-organisation
  • Navigate to Settings -> Developer Settings -> Personal access tokens -> Tokens (classic)
  • Select Generate new token (classic)
  • Enter a description for the Note input box
  • Ensure the scope admin:org is selected
  • Finally, click on Generate token
  • Note down the token and/or store it in a secure location (device encrypted at rest)
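
How an entrypoint script can use the PAT generated above: it exchanges the PAT for a short-lived runner registration token through the GitHub REST API and hands only that token to the runner's config.sh. This is an added example, not the entrypoint script from this series; the GITHUB_PAT and GITHUB_ORG variable names and all function names are assumptions.

```shell
#!/bin/sh
# Added example. GITHUB_PAT / GITHUB_ORG and all function names are assumptions.
API="https://api.github.com"

# Org names are alphanumerics and single hyphens; reject anything else so the
# value cannot change the request path.
valid_org() {
  case "$1" in
    ""|-*|*-|*--*|*[!A-Za-z0-9-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Extract the "token" field from the API response body (no jq dependency).
extract_token() {
  printf '%s' "$1" | tr -d '\n' |
    sed -n 's/.*"token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# POST /orgs/{org}/actions/runners/registration-token, authenticated with the PAT.
# The Authorization header goes to curl as config on stdin, so the PAT never
# appears in the process argument list.
request_registration_token() {
  valid_org "$1" || { echo "invalid organisation name" >&2; return 1; }
  printf 'header = "Authorization: Bearer %s"\n' "$GITHUB_PAT" |
    curl --silent --show-error --fail --config - --request POST \
      --header "Accept: application/vnd.github+json" \
      "$API/orgs/$1/actions/runners/registration-token"
}

# Register with the short-lived token only; the PAT is dropped from the
# environment first so the runner and its jobs do not inherit it.
register_runner() {
  response=$(request_registration_token "$GITHUB_ORG") || return 1
  reg_token=$(extract_token "$response")
  [ -n "$reg_token" ] || { echo "no registration token in response" >&2; return 1; }
  unset GITHUB_PAT response
  ./config.sh --unattended --url "https://github.com/$GITHUB_ORG" --token "$reg_token"
}

# Entrypoint: runs only when the container was given both values.
if [ -n "${GITHUB_PAT:-}" ] && [ -n "${GITHUB_ORG:-}" ]; then
  register_runner && exec ./run.sh
fi
```

The registration token returned by this endpoint expires after one hour, so it is requested at container start rather than stored alongside the PAT.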
