Skip to main content
GitHub Actions
CHAPTER 04

GitHub Runners and Execution Environments

Updated: May 15, 2026
20 min read

# CHAPTER 4

GitHub Runners and Execution Environments

1. Introduction

When a GitHub Action triggers, the code doesn't execute in thin air; it runs on a physical computer somewhere in a data center. In the GitHub Actions ecosystem, these computers are called Runners. Understanding how to select, configure, and secure these execution environments is a critical DevOps skill. In this chapter, we will explore the difference between GitHub-hosted runners and Self-hosted runners, and discover how to compile our code on Ubuntu Linux, Microsoft Windows, and macOS—all from the same YAML file.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Define what a "Runner" is in GitHub Actions.
  • Differentiate between GitHub-hosted and Self-hosted runners.
  • Specify different operating systems using the runs-on keyword.
  • Understand the billing and performance implications of different runner types.
  • Identify scenarios where a Self-hosted runner is mandatory.

3. Beginner-Friendly Explanation

Imagine you need to hire a contractor to build a piece of furniture.
  • GitHub-hosted Runner: You call a rental agency. They send a contractor with a brand-new toolbox to your house. The contractor builds the furniture, throws away the toolbox, and leaves. Tomorrow, you get a completely different contractor. It's clean, easy, and you don't have to manage any tools.
  • Self-hosted Runner: You hire a permanent employee and give them a workshop in your own garage. They use the same tools every day. You have to pay for the garage and clean the tools, but you have total control, and they can access the secret safe inside your house.

4. GitHub-Hosted Runners

By default, GitHub provides the servers for you. These are Virtual Machines (VMs) hosted in Microsoft Azure. Key Features:
  • Ephemeral (Disposable): Every time a job starts, GitHub gives you a brand-new, perfectly clean VM. When the job finishes, the VM is permanently destroyed. This prevents old files from causing bugs.
  • Pre-installed Software: These runners come pre-loaded with hundreds of tools: Docker, Node.js, PHP, Python, Git, and AWS CLI are all ready to use instantly.

Choosing the Operating System: You select the machine using the runs-on keyword inside your job block.

  • runs-on: ubuntu-latest (The industry standard for web apps. Fast and cheap).
  • runs-on: windows-latest (Necessary if building C# .NET desktop apps).
  • runs-on: macos-latest (Mandatory if compiling iOS apps for Apple devices).

5. Self-Hosted Runners

Sometimes, GitHub's cloud servers aren't sufficient. You can install the GitHub Runner software on your own physical server, Raspberry Pi, or private AWS EC2 instance. Why use Self-Hosted?
  1. 1. Network Security: If your company database is behind a strict corporate firewall, GitHub's cloud servers cannot reach it to run database migrations. A self-hosted runner sitting *inside* the firewall can.
  1. 2. Cost: macOS runners on GitHub's cloud are expensive (they consume billing minutes 10x faster than Linux). If you compile iOS apps all day, it's cheaper to buy a physical Mac Mini for your office and use it as a self-hosted runner.
  1. 3. Heavy Compute: If your software requires 64GB of RAM to compile, the standard GitHub-hosted VMs aren't powerful enough.

6. Mini Project: Run Workflow on Specific Environments

Let's see how easy it is to switch operating systems. We will run the same commands on Ubuntu and Windows.

Step-by-Step Walkthrough:

  1. 1. Create .github/workflows/runners-demo.yml.
  1. 2. Paste the following code:

yaml
123456789101112131415 
name: Multi-OS Runner Demo
on: [push]

jobs:
  linux-job:
    runs-on: ubuntu-latest
    steps:
      - name: Print OS Info (Linux)
        run: uname -a # Linux command
        
  windows-job:
    runs-on: windows-latest
    steps:
      - name: Print OS Info (Windows)
        run: systeminfo # Windows command
  1. 3. Commit the file and view the Actions tab.
  1. 4. Observation: GitHub will spin up two completely different servers in the cloud simultaneously. One will execute the Bash command, and the other will execute the PowerShell command!

7. Real-World Scenarios

A medical tech company was building a mobile app with both a backend API (PHP) and an iOS app (Swift). Initially, they tried to build everything using Jenkins on a single Linux server. They realized Linux cannot compile iOS applications; it requires Apple's Xcode software. They migrated to GitHub Actions. They routed their backend tests to ubuntu-latest and their iOS compilation to macos-latest. GitHub Actions seamlessly orchestrated the pipeline across two entirely different hardware architectures in the cloud, eliminating the need for the company to purchase and manage physical Apple hardware.

8. Best Practices

  • Always Default to Ubuntu: Unless you are specifically compiling a Windows Desktop app (.exe) or an Apple app (.ipa), always use ubuntu-latest. Linux runners start up faster, execute scripts faster, and consume the fewest billing minutes on your GitHub account.

9. Security Recommendations

  • Self-Hosted Runner Dangers: NEVER use a self-hosted runner on a public, open-source repository. Because self-hosted runners do not destroy themselves after a job, a malicious user could submit a Pull Request that contains a script like rm -rf / or installs a backdoor. If that runs on your private corporate server, your infrastructure is permanently compromised.

10. Troubleshooting Tips

  • Missing Software: If a workflow runs perfectly on your local laptop but fails on ubuntu-latest with a "Command not found" error, it means the specific software you are using isn't pre-installed on the GitHub runner. You must add a run: step to install it (e.g., run: sudo apt-get install -y specific-tool).

11. Exercises

  1. 1. Why is the "ephemeral" nature of GitHub-hosted runners considered a massive advantage for preventing CI/CD bugs?
  1. 2. Give two specific business scenarios where a company must use a Self-hosted runner instead of a GitHub-hosted runner.

12. FAQs

Q: Can I run a specific version of Ubuntu, like 20.04? A: Yes. While ubuntu-latest currently defaults to Ubuntu 22.04, you can pin it by specifying runs-on: ubuntu-20.04. This is highly recommended for production pipelines to prevent unexpected breakages when GitHub updates the latest tag.

13. Interview Questions

  • Q: Describe the security implications of attaching a Self-hosted runner to a public repository versus a private enterprise repository.
  • Q: Your pipeline requires secure access to an internal corporate database that is not exposed to the public internet. How do you architect the GitHub Actions execution environment to accomplish this deployment securely?

14. Summary

In Chapter 4, we grounded our YAML code in physical reality. We learned that the runs-on keyword determines the exact hardware and operating system that will execute our automation. We explored the immense convenience of GitHub-hosted ephemeral runners, capable of spinning up Linux, Windows, and macOS environments on demand. We also acknowledged their limitations, identifying Self-hosted runners as the necessary solution for highly secure, firewalled, or computationally heavy enterprise environments.

15. Next Chapter Recommendation

We have the cloud computers ready to work. But before they can build our app, they need to download the code. We need to understand how Actions interacts with our repository. Proceed to Chapter 5: Git and GitHub Fundamentals.

Finish this Chapter

Save your progress on your learning path and prepare for coding interview challenges.

Previous Chapter GitHub Actions YAML Syntax
Next Chapter Git and GitHub Fundamentals

Discussion

Join the discussion

Log in or create a free account to participate.

Sort: ·

Explore More

📖 Related Tutorials 4

Related Quizzes 5

🧪 Related Labs 1