EPAR registers and deletes organization-level self-hosted runners through a GitHub App. The app private key stays on the host. Runner instances receive only short-lived registration tokens while they are being configured.
Create a GitHub App in the organization that will own the runners:
- Open the organization settings, then create a new GitHub App.
- Set the app name and homepage URL to values meaningful for your environment. EPAR does not receive webhooks, so no webhook URL is required.
- Under organization permissions, grant Self-hosted runners read and write access.
- Create the app, then install it into the same organization.
- Note the numeric App ID.
- Generate a private key and download the
.pemfile.
Store the private key outside Git. For this repository, .local/github-app.pem is a convenient ignored path.
Set these fields in your ignored config file:
github:
appId: 123456
organization: your-org
privateKeyPath: .local/github-app.pem
apiBaseUrl: https://api.github.com
webBaseUrl: https://github.comgithub.organization must be the organization where the app is installed. privateKeyPath is resolved relative to the project root unless it is absolute.
Image-only commands do not use GitHub credentials. Runner registration, GitHub-backed status, and GitHub cleanup do.
References: