Skip to main content

ADR-015: Use of GitHub Actions Runner Controller in Cloud Platform

Status

❌ Rejected

Context:

Our organisation aimed to implement GitHub Actions Runner Controller within our cloud platform to manage CI/CD processes efficiently for private repositories. This approach was expected to increase autonomy, reduce costs, and avoid limitations set by external CI/CD services.

Decision:

After carefully considering it, we have decided not to implement GitHub Actions Runner Controller on our Cloud Platform. This decision is based on the incompatibility between GitHub Actions’ requirements and our Cloud Platform’s security policies.

  • GitHub Actions Requirement: GitHub Actions necessitates that runners operate as the root user in a Docker environment. This is essential for the correct functioning of GitHub Actions (GitHub Documentation).

  • Cloud Platform Policy: Our Cloud Platform strictly prohibits the creation of pods that operate as the root user or have access to the root file system. This policy is crucial for maintaining the platform’s security and preventing potential vulnerabilities.

Consequences:

  1. Security Maintenance: By adhering to our Cloud Platform’s security policies, we maintain the high-security standards essential for our organization’s operations.

  2. Operational Consistency: This decision ensures consistency in our operational practices and avoids setting a precedent for policy exceptions.

Alternatives Considered:

  1. Policy Exception for GitHub Actions: This was deemed too risky due to the potential security vulnerabilities it could introduce.

  2. Use of External CI/CD Services: Continuation with external CI/CD services like GitHub-hosted runners, albeit with limitations in control and potential cost implications.

  3. Exploring Other CI/CD Tools: Investigating other CI/CD tools that comply with our security policies and can be integrated into our Cloud Platform.

Decision Rationale:

The primary rationale behind this decision is the commitment to maintaining the highest level of security and integrity in our Cloud Platform operations. The potential security risks associated with running GitHub Actions runners as root users are in direct conflict with our established security policies.

Future Considerations:

This decision should be revisited if either GitHub Actions changes its requirements to be more aligned with our security policies, or if our Cloud Platform evolves to accommodate such requirements in a secure manner.

This page was last reviewed on 28 May 2024. It needs to be reviewed again on 28 November 2024 by the page owner #operations-engineering-alerts .
This page was set to be reviewed before 28 November 2024 by the page owner #operations-engineering-alerts. This might mean the content is out of date.