Configuring Dependabot on self-hosted runners

You can configure self-hosted runners that Dependabot uses to access your private registries and internal network resources.

누가 이 기능을 사용할 수 있나요?

조직 소유자 및 리포지토리 관리자

이 문서의 내용

Prerequisites

  • Dependabot is installed and enabled.
  • GitHub Actions is enabled and in use.

Adding self-hosted runners for Dependabot updates

  1. Provision self-hosted runners, at the repository or organization level. For more information, see 자체 호스팅 실행기 and 자체 호스트형 실행기 추가.
  2. Configure your environment and runners to meet the requirements for Dependabot. See Requirements for using Dependabot with self-hosted runners.
  3. If you are configuring self-hosted runners for your organization, you can create and assign a custom label for your runners. Otherwise, if you are configuring self-hosted runners for a standalone repository, you need to apply the dependabot label. See 자체 호스트형 실행기로 레이블 사용.
  4. Optionally, enable workflows triggered by Dependabot to use more than read-only permissions and to have access to any secrets that are normally available. For more information, see GitHub Actions에서 Dependabot 문제 해결.

Enabling self-hosted runners for Dependabot updates

Once you have configured self-hosted runners for Dependabot updates, you can enable or disable Dependabot updates on self-hosted runners at the organization or repository level.

참고 항목

Disabling and re-enabling the "Dependabot on self-hosted runners" setting does not trigger a new Dependabot run.

For your private repository

  1. GitHub에서 리포지토리의 기본 페이지로 이동합니다.

  2. 리포지토리 이름 아래에서 Settings를 클릭합니다. "설정" 탭이 표시되지 않으면 드롭다운 메뉴를 선택한 다음 설정을 클릭합니다.

    탭을 보여 주는 리포지토리 헤더의 스크린샷. "설정" 탭이 진한 주황색 윤곽선으로 강조 표시됩니다.

  3. 사이드바의 "Security" 섹션에서 Advanced Security 를 클릭합니다.

  4. Under "Dependabot", to the right of "Dependabot on self-hosted runners", click Enable to enable the feature or Disable to disable it.

    참고 항목

    If you do not see the option to enable Dependabot on self-hosted runners, your organization may have configured a policy to restrict actions and self-hosted runners from running in specific repositories. Contact your organization owner for more information.

For your organization

You can enable Dependabot on self-hosted runners for all existing private repositories in an organization. Only repositories already configured to run Dependabot on GitHub Actions will be updated to run Dependabot on self-hosted runners the next time a Dependabot job is triggered.

  1. GitHub의 오른쪽 위 모서리에서 프로필 사진을 클릭한 다음, Your organizations를 클릭합니다.
  2. 조직 옆에 있는 설정을 클릭합니다.
  3. 사이드바의 "Security" 섹션에서 Advanced Security 를 클릭한 다음, Global settings를 클릭합니다.
  4. In the "Dependabot" section, next to "Runner type", click .
  5. Select the "Runner type" dropdown menu, then click Labeled runner and provide any additional information. If you applied a custom label to your self-hosted runners, type that label in the "Runner label" text box.
  6. To enable the feature for all new repositories in the organization, click Save runner selection.