You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
title: Configure self-hosted runners for enterprise use
4
+
metadata:
5
+
title: Configure self-hosted runners for enterprise use
6
+
description: Learn how to set up, manage, and secure self-hosted GitHub Actions runners for enterprise workflows, including labels, proxies, networking, and monitoring strategies.
title: Control access and usage of actions in your enterprise
4
+
metadata:
5
+
title: Control access and usage of actions in your enterprise
6
+
description: Learn how to manage which GitHub Actions can be used within your enterprise, including configuring allowed actions policies, internal actions, and managing access to marketplace or third-party actions.
description: Learn the key differences between GitHub Enterprise Cloud (GHEC) and GitHub Enterprise Server (GHES), including how user accounts are managed, data residency options, and security features.
- content: "What actions can you take at enterprise level to manage the use of GitHub Actions in your enterprise instance?"
18
-
choices:
19
-
- content: "Create workflow templates"
20
-
isCorrect: false
21
-
explanation: "Incorrect. Workflow templates are created at organizational level."
22
-
- content: "Configure a GitHub Actions use policy"
23
-
isCorrect: true
24
-
explanation: "Correct. GitHub Actions use policies enable you to restrict access to GitHub Actions to specific organizations in your instance."
25
-
- content: "Manually sync public actions in Enterprise Cloud"
26
-
isCorrect: false
27
-
explanation: "Incorrect. Public actions are automatically synced in Enterprise Cloud. Only with Enterprise Server do you have the possibility to manually sync public actions instead of automatically."
28
-
- content: "What actions can you take to configure self-hosted runners for your enterprise use?"
29
-
choices:
30
-
- content: "Create and add custom labels to your runners"
31
-
isCorrect: true
32
-
explanation: "Correct. Custom labels can be used when you need to run jobs on runners that have specific capabilities."
33
-
- content: "Add proxy configurations to your runners after they start."
34
-
isCorrect: false
35
-
explanation: "Incorrect. If you need a self-hosted runner to communicate with GitHub via a proxy server, you must add all proxy configurations to your runner before starting it."
36
-
- content: "Add the IP address or IP address range of your runners at repository level."
37
-
isCorrect: false
38
-
explanation: "Incorrect. If your organization has configured an IP allowlist, you must add the IP address or IP address range of your self-hosted runners to the IP allowlist. IP allowlists are found in an organization's Settings."
39
-
- content: "What are encrypted secrets?"
40
-
choices:
41
-
- content: "Encrypted secrets are authentication tokens you can generate in your account settings."
42
-
isCorrect: false
43
-
explanation: "Incorrect. The authentication tokens you can create in your account settings are personal access tokens (PATs)."
44
-
- content: "Encrypted secrets are the equivalent of SSH keys in GitHub."
45
-
isCorrect: false
46
-
explanation: "Incorrect. SSH keys are also called SSH keys in GitHub."
47
-
- content: "Encrypted secrets are encrypted environment variables you can create to store sensitive information."
48
-
isCorrect: true
49
-
explanation: "Correct. Once created, encrypted secrets become available for use in your workflows and actions at the level at which they were created (organization or repository)."
17
+
- content: "Which of the following is a feature unique to GitHub Enterprise Cloud (GHEC)?"
18
+
choices:
19
+
- content: "Requires on-premises deployment and infrastructure management"
20
+
isCorrect: false
21
+
explanation: "Incorrect. This describes GitHub Enterprise Server (GHES), not GHEC. GHEC is hosted and managed by GitHub in the cloud."
22
+
- content: "Provides centralized user management with identity provider integration"
23
+
isCorrect: true
24
+
explanation: "GHEC supports centralized user management and integrates with identity providers using SAML (for SSO) and SCIM (for user provisioning), which is a key feature of cloud-hosted enterprise solutions."
25
+
- content: "Must be installed and maintained by the organization's IT team"
26
+
isCorrect: false
27
+
explanation: "Incorrect. GHEC is maintained by GitHub and requires no installation or infrastructure management by the organization."
28
+
- content: "Operates entirely within a private cloud environment"
29
+
isCorrect: false
30
+
explanation: "Incorrect. GHEC operates in GitHub’s public cloud infrastructure, not a private cloud."
31
+
32
+
- content: "What actions can you take at enterprise level to manage the use of GitHub Actions in your enterprise instance?"
33
+
choices:
34
+
- content: "Create workflow templates"
35
+
isCorrect: false
36
+
explanation: "Incorrect. Workflow templates are created at organizational level."
37
+
- content: "Configure a GitHub Actions use policy"
38
+
isCorrect: true
39
+
explanation: "Correct. GitHub Actions use policies enable you to restrict access to GitHub Actions to specific organizations in your instance."
40
+
- content: "Manually sync public actions in Enterprise Cloud"
41
+
isCorrect: false
42
+
explanation: "Incorrect. Public actions are automatically synced in Enterprise Cloud. Only with Enterprise Server do you have the possibility to manually sync public actions instead of automatically."
43
+
44
+
- content: "What actions can you take to configure self-hosted runners for your enterprise use?"
45
+
choices:
46
+
- content: "Create and add custom labels to your runners"
47
+
isCorrect: true
48
+
explanation: "Correct. Custom labels can be used when you need to run jobs on runners that have specific capabilities."
49
+
- content: "Add proxy configurations to your runners after they start."
50
+
isCorrect: false
51
+
explanation: "Incorrect. If you need a self-hosted runner to communicate with GitHub via a proxy server, you must add all proxy configurations to your runner before starting it."
52
+
- content: "Add the IP address or IP address range of your runners at repository level."
53
+
isCorrect: false
54
+
explanation: "Incorrect. If your organization has configured an IP allowlist, you must add the IP address or IP address range of your self-hosted runners to the IP allowlist. IP allowlists are found in an organization's Settings."
55
+
56
+
- content: "What are encrypted secrets?"
57
+
choices:
58
+
- content: "Encrypted secrets are authentication tokens you can generate in your account settings."
59
+
isCorrect: false
60
+
explanation: "Incorrect. The authentication tokens you can create in your account settings are personal access tokens (PATs)."
61
+
- content: "Encrypted secrets are the equivalent of SSH keys in GitHub."
62
+
isCorrect: false
63
+
explanation: "Incorrect. SSH keys are also called SSH keys in GitHub."
64
+
- content: "Encrypted secrets are encrypted environment variables you can create to store sensitive information."
65
+
isCorrect: true
66
+
explanation: "Correct. Once created, encrypted secrets become available for use in your workflows and actions at the level at which they were created (organization or repository)."
67
+
68
+
- content: What is a key benefit of using **reusable workflows** in GitHub Actions?
69
+
choices:
70
+
- content: Prevents any external contributors from running workflows
71
+
isCorrect: false
72
+
explanation: Reusable workflows improve standardization, but they do not automatically block external contributors. Security settings must be configured separately.
73
+
- content: Reduces redundancy and maintenance overhead
74
+
isCorrect: true
75
+
explanation: Reusable workflows help avoid repetitive configuration across multiple repositories, reducing maintenance effort.
76
+
- content: Can only be used in the same repository where they are defined
77
+
isCorrect: false
78
+
explanation: Reusable workflows can be referenced from a different repository, allowing broader reuse.
79
+
- content: Automatically restricts all workflows to internal users
80
+
isCorrect: false
81
+
explanation: GitHub does not enforce internal-only workflow execution unless explicitly configured.
82
+
83
+
- content: What is a primary benefit of using **GitHub-hosted runners** instead of self-hosted runners?
84
+
choices:
85
+
- content: Full control over hardware and software configuration
86
+
isCorrect: false
87
+
explanation: Full control is a feature of self-hosted runners.
88
+
- content: Ability to access internal/private networks
89
+
isCorrect: false
90
+
explanation: GitHub-hosted runners do not have direct access to internal networks.
91
+
- content: Automatic updates for the OS and preinstalled packages
92
+
isCorrect: true
93
+
explanation: GitHub-hosted runners are automatically updated by GitHub, including OS patches and preinstalled tools.
94
+
- content: Custom installation of non-standard software
95
+
isCorrect: false
96
+
explanation: Custom installation is supported with self-hosted runners, not GitHub-hosted ones.
97
+
98
+
- content: What is the best practice when managing **encrypted secrets** in GitHub Actions?
99
+
choices:
100
+
- content: Print secrets in workflow logs to assist with debugging
101
+
isCorrect: false
102
+
explanation: Secrets should never be exposed in logs.
103
+
- content: Use the same secret across all repositories for consistency
104
+
isCorrect: false
105
+
explanation: Sharing the same secret increases security risk and violates the principle of least privilege.
106
+
- content: Limit access by defining secrets at the lowest necessary level
107
+
isCorrect: true
108
+
explanation: Scoping secrets appropriately minimizes exposure and enhances security.
109
+
- content: Store secrets in the GitHub Actions log archive
110
+
isCorrect: false
111
+
explanation: Storing secrets in logs is unsafe and not a recommended practice.
title: Managing and leveraging reusable components in GitHub Actions
4
+
metadata:
5
+
title: Managing and leveraging reusable components in GitHub Actions
6
+
description: Learn how to structure, version, and maintain reusable workflows, custom actions, and scripts across your GitHub Enterprise environment for scalable automation.
0 commit comments