Github Actions - Self-Hosted Token

Hello, Everyone

I want to automate the token of self-hosted in github runner.

Anyone did this?

For example, i have an CI in the Github actions, and i need a connection inside a VPN to log in an repository for make some tests, thats why i used github runner for connect in that repository, soo, i want to automate the generate token of github runner -self hosted, because that token expire after an hour, and in my case, if the POD(github-runner) in k8s as restart, after some days, i need change the secrets (token) again.

Any suggestions?


For some VPN tools, every time when you login to the tool, normally you need to provide a dynamic token. Typically, you need to manually copy the dynamic token from the corresponding token generator to login the VPN tool.

In your case, you may need to check if the VPN tool you are using has the official provided interfaces (such as CLI and API).
If the VPN tool has the official interfaces can be used, you can try this:

  • Install the corresponding packages or SDK for the interfaces on your hosted machine.
  • Write a shell script to execute the related CLI or API to get the latest dynamic token and login the VPN tool.
  • Add a step in your workflow to run the shell script.

With above steps, every time the workflow is running, the runner machine can automatically use the latest dynamic token to login the VPN.

However, if the VPN tool does not have interfaces, we seems have no any available method to do that.

Forget the part of VPN, i just want to automate the token, or set to not expire session anymore, because every week i need upgrade the token in my secrets in Kubernetes, for self-hosted connection continue.


i just want to automate the token, or set to not expire session anymore,

As mentioned above, if the VPN tool does not provide any useful interfaces, we may have no available methods to do that.
For example, the OpenVPN has the OpenVPN Management interface that allows OpenVPN to be administratively controlled from an external program.

What VPN tool are you using? You should go to check whether it has the official provided interface.
If the tool you are using does not has the official interface, I recommend that you can try to report an feature request in the Feedback form of the VPN tool.

Yea i know about Openvpn in Actions, but i cant use in that environment, its only IPSec, a limited security requirements.