Setup GitHub Actions
GitHub Actions (GHA) are one of the cornerstones of your platform, automating everything from Terraform with Atmos to application build, test and deployment, fully integrated into AWS without any hardcoded, static credentials.
GitHub Actions offers a convenient way to achieve CI/CD automation directly on GitHub, without additional third-party services (e.g. CircleCI or Jenkins). Unlike many other platforms, GitHub doesn't charge extra for self-hosted runners, which makes them an ideal choice for automation. Self-hosted runners can reside within your private networks, so workflows can manage resources like databases and Kubernetes clusters in private VPCs without exposing them publicly.
Recommended: RunsOn
We recommend RunsOn for self-hosted GitHub runners. RunsOn provides:
- Zero Infrastructure Management: No EC2 instances, Lambda functions, or Kubernetes clusters to maintain. No patching, scaling, or monitoring required.
- Simple Setup: Deploy a single Terraform component, install a GitHub App, and start using immediately.
- Cost Effective: Pay only for what you use with automatic spot instance pricing. No idle infrastructure costs.
- Works Everywhere: No Kubernetes required. Works with any GitHub repository and supports organization-wide configuration.
Get Started with RunsOn
Deploy self-hosted runners with minimal setup and zero infrastructure management.
GitHub OIDC
GitHub OIDC allows your GitHub Actions workflows to assume AWS IAM roles without static credentials. The GitHub OIDC Provider is deployed as part of the Identity layer.
For a detailed explanation of how GitHub OIDC works with AWS, see GitHub OIDC with AWS.
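Because workflows assume roles through OIDC, each role's trust policy is the access control that matters. The following added example (not part of this platform's own code) audits a trust policy for the GitHub OIDC provider and reports a missing `aud` pin or a `sub` condition that is absent or not limited to one repository; the organization name `example-org`, the account ID, the sample policies and the one-repository-per-role rule are assumptions, and only `StringEquals` and `StringLike` conditions are inspected.

```python
# Added example: audit IAM role trust policies that trust GitHub's OIDC provider.
ISSUER = "token.actions.githubusercontent.com"

def _values(cond, operators, key):
    """Values of a condition key (key names are case-insensitive) under the given operators."""
    out = []
    for op, block in cond.items():
        if op in operators:
            for k, v in block.items():
                if k.lower() == key.lower():
                    out += v if isinstance(v, list) else [v]
    return out

def audit_trust_policy(policy, org):
    """Return findings for each Allow statement federated to the GitHub OIDC provider."""
    findings = []
    stmts = policy.get("Statement", [])
    for i, st in enumerate(stmts if isinstance(stmts, list) else [stmts]):
        principal = st.get("Principal")
        fed = principal.get("Federated", []) if isinstance(principal, dict) else []
        fed = fed if isinstance(fed, list) else [fed]
        if st.get("Effect") != "Allow" or not any(f.endswith("oidc-provider/" + ISSUER) for f in fed):
            continue
        cond = st.get("Condition", {})
        if _values(cond, {"StringEquals"}, ISSUER + ":aud") != ["sts.amazonaws.com"]:
            findings.append(f"statement {i}: aud not pinned to sts.amazonaws.com")
        subs = _values(cond, {"StringEquals", "StringLike"}, ISSUER + ":sub")
        if not subs:
            findings.append(f"statement {i}: no sub condition, so the role is not tied to any repository")
        prefix = f"repo:{org}/"
        for s in subs:
            repo = s[len(prefix):].split(":", 1)[0] if s.startswith(prefix) else ""
            if not repo or "*" in repo or "?" in repo:
                findings.append(f"statement {i}: sub '{s}' is not limited to one repository in {org}")
    return findings

def _policy(condition):  # constructed sample policy; account ID and org are placeholders
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRoleWithWebIdentity",
        "Principal": {"Federated": "arn:aws:iam::111122223333:oidc-provider/" + ISSUER},
        "Condition": condition}]}

AUD = {ISSUER + ":aud": "sts.amazonaws.com"}
WEAK = _policy({"StringEquals": AUD})
ORG_WIDE = _policy({"StringEquals": AUD, "StringLike": {ISSUER + ":sub": "repo:example-org/*"}})
SCOPED = _policy({"StringEquals": AUD, "StringLike": {ISSUER + ":sub": "repo:example-org/infra:*"}})

if __name__ == "__main__":
    for name, p in [("WEAK", WEAK), ("ORG_WIDE", ORG_WIDE), ("SCOPED", SCOPED)]:
        print(name, audit_trust_policy(p, "example-org") or "ok")
```

To run it against real roles, pass in the parsed `AssumeRolePolicyDocument` of each role and your own organization name.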
Additional Resources
- Design Decisions - Architecture decisions for self-hosted runners
- Additional Tutorials - Previous runner solutions (Philips Labs, Actions Runner Controller)