Configuring runners for GitHub Copilot code review

Use self-hosted runners or larger GitHub-hosted runners for Copilot code review.

In this article

About GitHub Actions usage for code review tools

Copilot code review uses GitHub Actions to run the agentic capabilities, including full project context gathering and any capabilities in public preview. By default, Copilot code review uses GitHub-hosted runners. Actions minutes are consumed from your account or organization's existing plan entitlement for reviews on private repositories, with any usage beyond your included minutes billed at standard GitHub Actions rates.

If your organization has disabled GitHub-hosted runners, the agentic capabilities will not be available. In this case, code reviews will fall back to a more limited review. Organizations in this situation can use self-hosted runners.

You can also upgrade to larger GitHub-hosted runners for better performance.

Configure self-hosted runners for code review

Run Copilot code review using self-hosted GitHub Actions runners with ARC (Actions Runner Controller). You must first set up ARC-managed scale sets in your environment. For more information on ARC, see Actions Runner Controller.

Warning

ARC is the only officially supported solution for self-hosting Copilot code review. For security reasons, do not use non-ARC self-hosted runners.

Copilot code review is only compatible with Ubuntu x64 Linux runners.

To configure self-hosted runners for Copilot code review:

  1. Configure network security controls for your GitHub Actions runners to ensure that Copilot code review does not have open access to your network or the public internet.

    You must configure your firewall to allow connections to the standard hosts required for GitHub Actions self-hosted runners, plus the following hosts:

    • api.githubcopilot.com
    • uploads.github.com
    • user-images.githubusercontent.com

  2. In your copilot-setup-steps.yml file, set the runs-on attribute to your ARC-managed scale set name. For more information, see Configure the development environment.

    # ...

jobs:
  copilot-setup-steps:
    runs-on: arc-scale-set-name
    # ...

Upgrade to larger GitHub-hosted GitHub Actions runners

By default, Copilot code review runs on a standard GitHub Actions runner. Larger runners provide better performance (CPU and memory), more disk space, and advanced features like Azure private networking. See Larger runners.

Note

Usage of larger GitHub-hosted runners is billed at a higher per-minute rate. For more information, see GitHub Actions billing.

  1. Set up larger runners for your organization. See Managing larger runners.

  2. If you are using larger runners with Azure private networking, configure your Azure private network to allow outbound access to the following hosts:

    • api.githubcopilot.com
    • uploads.github.com
    • user-images.githubusercontent.com

  3. In your copilot-setup-steps.yml file, set the runs-on attribute to the label for the larger runners you want Copilot code review to use. See Running jobs on larger runners.

    # ...

jobs:
  copilot-setup-steps:
    runs-on: ubuntu-4-core
    # ...

Configure runners at the organization level

Organization owners can set a default runner type for Copilot code review and Copilot cloud agent across all repositories in the organization, and control whether individual repositories can override this default.

Note

The organization-level runner type applies to both Copilot code review and Copilot cloud agent. Repositories can still override the organization default using copilot-setup-steps.yml unless you disable Allow repositories to customize the runner type. For more information, see Configuring runners for GitHub Copilot cloud agent in your organization.

This is useful if your organization requires all code reviews and cloud agent tasks to run on specific runners, for example, to use larger runners for better performance or self-hosted runners that have access to internal resources.

  1. In the upper-right corner of GitHub, click your profile picture, then click Organizations.

  2. Select an organization by clicking on it.

  3. Under your organization name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of the tabs in an organization's profile. The "Settings" tab is outlined in dark orange.

  4. In the sidebar, under "Code, planning, and automation," click Copilot, and then click Runner type.

  5. Next to "Runner type configuration," click .

  6. In the "Edit runner type" dialog, select the runner type to use by default across your organization, then click Save runner selection.

    • Standard GitHub runner: Copilot code review and Copilot cloud agent will use the standard GitHub-hosted runner.
    • Labeled runner: Copilot code review and Copilot cloud agent will use a runner matching the label you specify.

  7. Optionally, to prevent individual repositories from overriding the organization-level runner configuration using their copilot-setup-steps.yml file, disable Allow repositories to customize the runner type.