How to prevent GitHub Actions workflow being triggered by a forked repository events?

It recently occurred to me that the `on: pull_request` event for GitHub Actions can be triggered by absolutely anyone if you have a public repository.

i.e.:

  1. Someone clones my repository
  2. They add a something.yml file to .github/workflows that runs on the pull_request event
  3. They create a pull request

The action that they specify in a pull request is then run. If you have a self-hosted runner then literally any person on the planet can run shell commands on your server in the context of the self-hosted runner's user.

If this works as I think it does, any human on the planet can run arbitrary code on your server simply with a pull request. I tried this and it seems to be the case.

How can I whitelist the hooks that actions can be triggered by on a repository? Or otherwise, how can I safely use GitHub Actions with a public repository and a self-hosted runner? I have seen the warning... I just assumed that I had to be careful not to accept pull requests of unknown provenance.

Zach Smith asked Oct 26 '22 16:10

2 Answers

A configuration option was added to help secure self-hosted runners. If you have a public repository and a self-hosted runner, then you should always enable the option "Require approval for all outside collaborators" as seen in the Actions configuration screen below.

The new default is to require approval for all first-time contributors to run workflows.

However, GitHub still recommends that you do not use self-hosted runners with public repositories. They specifically state that self-hosted runners should almost never be used for public repositories on GitHub. That page also recommends using CODEOWNERS to monitor changes to the directory that your workflow files are stored in (.github/workflows).

GitHub Action Configuration

Darian Miller answered Jan 02 '23 21:01

As far as I know, you cannot. This is how the runners and GitHub Actions were designed to work. If you have a public repository then having a self-hosted runner is really not a good idea. Even the documentation, in the "Self-hosted runner security with public repositories" section, mentions:

We recommend that you do not use self-hosted runners with public repositories.

Forks of your public repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.

This is not an issue with GitHub-hosted runners because each GitHub-hosted runner is always a clean isolated virtual machine, and it is destroyed at the end of the job execution.

Having that in mind, you have two options:

  1. Do not use the self-hosted runner unless you really need it. If you need it then make your repo private.

  2. Switch to GitHub-hosted runners.

Marcin Kłopotek answered Jan 02 '23 19:01
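Both answers come down to the same risk condition: a public repository with a self-hosted runner registered to it. As an added example (not code from either answer or from GitHub), the script below inventories that condition across a list of repositories using two GitHub REST endpoints that do exist (`GET /repos/{owner}/{repo}` and `GET /repos/{owner}/{repo}/actions/runners`); the decision logic is a pure function exercised on constructed sample responses, and the token, repository names and runner names are placeholders.

```python
"""Audit: flag public repositories that have self-hosted runners registered.

Added example, not part of the original Q&A. Endpoints used:
  GET /repos/{owner}/{repo}                 -> repository metadata ("private")
  GET /repos/{owner}/{repo}/actions/runners -> self-hosted runners of the repo
"""
import json
import urllib.request

API = "https://api.github.com"


def assess(repo_meta: dict, runners: dict) -> dict:
    """Return a finding for one repository.

    A fork's pull request can carry its own workflow file, so an `if:` guard
    in the base repo's workflow does not protect a self-hosted runner. The
    only thing this check needs is: is the repo public, and are any
    self-hosted runners registered to it?
    """
    public = repo_meta.get("private") is False  # missing field => not flagged
    names = [r["name"] for r in runners.get("runners", [])]
    return {
        "repo": repo_meta.get("full_name", "<unknown>"),
        "public": public,
        "self_hosted_runners": names,
        "at_risk": public and bool(names),
    }


def _get(path: str, token: str) -> dict:
    """Minimal authenticated GET against the GitHub API (needs network)."""
    req = urllib.request.Request(API + path, headers={
        "Authorization": f"Bearer {token}",
        "Accept": "application/vnd.github+json",
    })
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


def audit(full_names, token):
    """Run assess() over 'owner/repo' strings using live API responses."""
    return [assess(_get(f"/repos/{n}", token),
                   _get(f"/repos/{n}/actions/runners", token)) for n in full_names]


if __name__ == "__main__":
    # Constructed sample responses standing in for live API data.
    meta = {"full_name": "example-org/public-repo", "private": False}
    runners = {"total_count": 1, "runners": [{"id": 1, "name": "build-box-01"}]}
    print(json.dumps(assess(meta, runners), indent=2))  # "at_risk": true
```

Run `audit(["owner/repo", ...], token)` with a token that can read Actions settings to get one finding per repository; anything with `at_risk` true is exactly the combination both answers advise against.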