Define trusted GitHub actions

Using the GitHub Action Runner Emulation plugin, you can run GitHub actions directly from GitHub, without the need to host the actions locally. First, you must define the actions as trusted.

Note: Administrator or owner permissions required.

To define a GitHub action as trusted:

  1. On the top navigation bar, select a space from the spaces list.

  2. On the Products page, select the product for which you want to define trusted GitHub actions.

  3. On the sidebar, select Settings > Builds.

  4. On the Builds page, in the Allowed github actions field, specify a list of trusted GitHub actions separated by commas. You can use the asterisk * wildcard character to match a set of actions. For example:

    github:actions/setup-java@v2, github:actions/*

    Note: By default, all locally hosted actions are trusted. If you specify one or more local actions in the Allowed github actions field, only those local actions will be trusted.

  5. Click Save.

Back to top

See also: