I’m playing with the idea of self-hosting a runner since there is one Action that I need to take (fairly rarely) that runs more than 6h on a 2 core system. Not ideal, but oh well.
In order to minimize the risk I want to completely isolate that runner in its own DMZ, but it’s unclear how the communication between the runner and GitHub works. Is there a document that describes this beyond “it uses https to communiate” - do I need any inbound ports? Or is all communication runner-initiated and all I need is outbound tcp/443?
Any additional documentation on this would be appreciated.