I have set up a self-hosted runner for GitHub Actions. It works fine but I have a step that uses setup-xcode-version and this needs sudo access. So when it gets to this step the terminal running the GitHub Actions runner script prompts me for a password, which holds up the workflow until I enter it.
I've seen there are ways to make sudo passwordless but I don't actually need this step on my self-hosted runner because I control what version of Xcode is available. So for me a simpler and more secure option would be to just check the current runner is self-hosted or not and skip the step accordingly.
e.g. something that looks like this:
- name: Xcode
id: setup_xcode
if: contains(runner.labels, 'self-hosted')
uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: 14.3.1
Unfortunately it looks like the runner context does not include any labels. Is there some way I can achieve this check?
My runner is Apple Silicon whereas right now GitHub Actions macOS runners will presumably always be Intel, but that's not reliable enough. I suppose I could ensure my self-hosted runner names all contain a "self-hosted" keyword and check for that, but that's a bit of a hack. For now this is what I'm using and it seems to work but it relies on people remembering to include the right keyword in the runner name:
${{ !contains(runner.name, 'MyKeyword') }}
I also asked this on GitHub.