Find information about GitHub-hosted runners, including their specifications and customization options.
Ranges of GitHub-hosted runners are available for use in public and private repositories.
For lists of available runners, see:
GitHub-hosted Linux runners support hardware acceleration for Android SDK tools, which makes running Android tests much faster and consumes fewer minutes. For more information on Android hardware acceleration, see Configure hardware acceleration for the Android Emulator in the Android Developers documentation.
Note
The -latest runner images are the latest stable images that GitHub provides, and might not be the most recent version of the operating system available from the operating system vendor.
Warning
Beta and Deprecated Images are provided "as-is", "with all faults" and "as available" and are excluded from the service level agreement and warranty. Beta Images may not be covered by customer support.
For public repositories, jobs using the workflow labels shown in the table below will run with the associated specifications. With the exception of single-CPU runners, each GitHub-hosted runner is a new virtual machine (VM) hosted by GitHub. Single-CPU runners are hosted in a container on a shared VM—see GitHub-hosted runners reference. Use of the standard GitHub-hosted runners is free and unlimited on public repositories.
| Virtual machine / container | Processor (CPU) | Memory (RAM) | Storage (SSD) | Architecture | Workflow label |
|---|---|---|---|---|---|
| Linux | 1 | 5 GB | 14 GB | x64 |
ubuntu-slim
|
| Linux | 4 | 16 GB | 14 GB | x64 |
ubuntu-latest,
ubuntu-24.04,
ubuntu-22.04
|
| Windows | 4 | 16 GB | 14 GB | x64 |
windows-latest,
windows-2025,
windows-2025-vs2026 (public preview),
windows-2022
|
| Linux | 4 | 16 GB | 14 GB | arm64 |
ubuntu-24.04-arm,
ubuntu-22.04-arm
|
| Windows | 4 | 16 GB | 14 GB | arm64 |
windows-11-arm
|
| macOS | 4 | 14 GB | 14 GB | Intel |
macos-15-intel,
macos-26-intel
|
| macOS | 3 (M1) | 7 GB | 14 GB | arm64 |
macos-latest,
macos-14,
macos-15,
macos-26
|
For private repositories, jobs using the workflow labels shown in the table below will run on virtual machines with the associated specifications. These runners use your GitHub account's allotment of free minutes, and are then charged at the per minute rates. See Actions runner pricing.
| Virtual Machine | Processor (CPU) | Memory (RAM) | Storage (SSD) | Architecture | Workflow label |
|---|---|---|---|---|---|
| Linux | 1 | 5 GB | 14 GB | x64 |
ubuntu-slim
|
| Linux | 2 | 8 GB | 14 GB | x64 |
ubuntu-latest,
ubuntu-24.04,
ubuntu-22.04
|
| Windows | 2 | 8 GB | 14 GB | x64 |
windows-latest,
windows-2025,
windows-2022
|
| Linux | 2 | 8 GB | 14 GB | arm64 |
ubuntu-24.04-arm,
ubuntu-22.04-arm
|
| Windows | 2 | 8 GB | 14 GB | arm64 |
windows-11-arm
|
| macOS | 4 | 14 GB | 14 GB | Intel |
macos-15-intel,
macos-26-intel
|
| macOS | 3 (M1) | 7 GB | 14 GB | arm64 |
macos-latest,
macos-14,
macos-15,
macos-26
|
Workflow logs list the runner used to run a job. For more information, see Viewing workflow run history.
4203018E-580F-C1B5-9525-B745CECA79EB. If you are building and signing on the same host you plan to test the build on, you can sign with a development provisioning profile. If you do require a static UDID, you can use Intel runners and add their UDID to your Apple Developer account.Single-CPU GitHub-hosted runners are available in both public and private repositories. These runners—specified using the workflow label ubuntu-slim—offer a lower-cost option for running lightweight operations. This type of runner is optimized for automation tasks, issue operations and short-running jobs. They are not suitable for typical heavyweight CI/CD builds.
ubuntu-slim runners execute Actions workflows in Ubuntu Linux, inside a container rather than a full VM instance. When the job begins, GitHub automatically provisions a new container for that job. All steps in the job execute in the container, allowing the steps in that job to share information using the runner's file system. When the job has finished, the container is automatically decommissioned. Each container provides hypervisor level 2 isolation.
Note
The container for ubuntu-slim runners runs in unprivileged mode. This means that some operations requiring elevated privileges—such as mounting file systems, using Docker-in-Docker, or accessing low-level kernel features—are not supported.
A minimal set of tools is installed on the ubuntu-slim runner image, appropriate for lightweight tasks. For details on what software is installed on the ubuntu-slim image, see the README file in the actions/runner-images repository.
Single-CPU runners follow the same concurrency model as other GitHub-hosted standard runners. See Actions limits. The concurrency for the runners is determined by your plan.
The job timeout for single-CPU runners is 15 minutes. If a job reaches this limit, the job is terminated and fails.
Customers on GitHub Team and GitHub Enterprise Cloud plans can choose from a range of managed virtual machines that have more resources than the standard GitHub-hosted runners. These machines are referred to as "larger runners." They offer the following advanced features:
These larger runners are hosted by GitHub and have the runner application and other tools preinstalled.
For more information, see Using larger runners.
The Linux and macOS virtual machines both run using passwordless sudo. When you need to execute commands or install tools that require more privileges than the current user, you can use sudo without needing to provide a password. For more information, see the Sudo Manual.
Windows virtual machines are configured to run as administrators with User Account Control (UAC) disabled. For more information, see How User Account Control works in the Windows documentation.
To get a list of IP address ranges that GitHub Actions uses for GitHub-hosted runners, you can use the GitHub REST API. For more information, see the actions key in the response of the GET /meta endpoint. For more information, see REST API endpoints for meta data.
Windows and Ubuntu runners are hosted in Azure and subsequently have the same IP address ranges as the Azure datacenters. macOS runners are hosted in GitHub's own macOS cloud.
Since there are so many IP address ranges for GitHub-hosted runners, we do not recommend that you use these as allowlists for your internal resources. Instead, we recommend you use larger runners with a static IP address range, or self-hosted runners. For more information, see Using larger runners or Self-hosted runners.
The list of GitHub Actions IP addresses returned by the API is updated once a week.
A GitHub-hosted runner must establish connections to GitHub-owned endpoints to perform essential communication operations. In addition, your runner may require access to additional networks that you specify or utilize within an action.
To ensure proper communications for GitHub-hosted runners between networks within your configuration, ensure that the following communications are allowed.
Note
Some of the domains listed are configured using CNAME records. Some firewalls might require you to add rules recursively for all CNAME records. Note that the CNAME records might change in the future, and that only the domains listed will remain constant.
Needed for essential operations:
github.com
api.github.com
*.actions.githubusercontent.com
Needed for downloading actions:
codeload.github.com
Needed for uploading/downloading job summaries, logs, workflow artifacts, and caches:
results-receiver.actions.githubusercontent.com
*.blob.core.windows.net
Needed for runner version updates:
objects.githubusercontent.com
objects-origin.githubusercontent.com
github-releases.githubusercontent.com
github-registry-files.githubusercontent.com
Needed for retrieving OIDC tokens:
*.actions.githubusercontent.com
Needed for downloading or publishing packages or containers to GitHub Packages:
*.pkg.github.com
pkg-containers.githubusercontent.com
ghcr.io
Needed for Git Large File Storage
github-cloud.githubusercontent.com
github-cloud.s3.amazonaws.com
Needed for jobs for Dependabot updates
dependabot-actions.githubapp.com
Needed for downloading release assets:
release-assets.githubusercontent.com
Needed for VNet:
api.snapcraft.io
GitHub executes actions and shell commands in specific directories on the virtual machine. The file paths on virtual machines are not static. Use the environment variables GitHub provides to construct file paths for the home, workspace, and workflow directories.
| Directory | Environment variable | Description |
|---|---|---|
home |
HOME |
Contains user-related data. For example, this directory could contain credentials from a login attempt. |
workspace |
GITHUB_WORKSPACE |
Actions and shell commands execute in this directory. An action can modify the contents of this directory, which subsequent actions can access. |
workflow/event.json |
GITHUB_EVENT_PATH |
The POST payload of the webhook event that triggered the workflow. GitHub rewrites this each time an action executes to isolate file content between actions. |
For a list of the environment variables GitHub creates for each workflow, see Store information in variables.
Actions that run in Docker containers have static directories under the /github path. However, we strongly recommend using the default environment variables to construct file paths in Docker containers.
GitHub reserves the /github path prefix and creates three directories for actions.
/github/home/github/workspace - Note: GitHub Actions must be run by the default Docker user (root). Ensure your Dockerfile does not set the USER instruction, otherwise you will not be able to access GITHUB_WORKSPACE./github/workflow