actions · TingluoHuang · Nov 28, 2023 · Nov 28, 2023
@@ -7,6 +7,7 @@ Make sure the runner has access to actions service for github.com or GitHub Ente
 
 - For github.com
   - The runner needs to access `https://api.github.com` for downloading actions.
+  - The runner needs to access `https://codeload.github.com` for downloading actions tar.gz/zip.
   - The runner needs to access `https://vstoken.actions.githubusercontent.com/_apis/.../` for requesting an access token.
   - The runner needs to access `https://pipelines.actions.githubusercontent.com/_apis/.../` for receiving workflow jobs.
   ---
@@ -16,19 +17,22 @@ Make sure the runner has access to actions service for github.com or GitHub Ente
 
     ```
     curl -v https://api.github.com/zen
+    curl -v https://codeload.github.com/_ping
     curl -v https://vstoken.actions.githubusercontent.com/_apis/health
     curl -v https://pipelines.actions.githubusercontent.com/_apis/health
     ```
 
 - For GitHub Enterprise Server
   - The runner needs to access `https://[hostname]/api/v3` for downloading actions.
+  - The runner needs to access `https://codeload.[hostname]/_ping` for downloading actions tar.gz/zip.
   - The runner needs to access `https://[hostname]/_services/vstoken/_apis/.../` for requesting an access token.
   - The runner needs to access `https://[hostname]/_services/pipelines/_apis/.../` for receiving workflow jobs.
 
   These can by tested by running the following `curl` commands from your self-hosted runner machine, replacing `[hostname]` with the hostname of your appliance, for instance `github.example.com`:
 
     ```
     curl -v https://[hostname]/api/v3/zen
+    curl -v https://codeload.[hostname]/_ping
     curl -v https://[hostname]/_services/vstoken/_apis/health
     curl -v https://[hostname]/_services/pipelines/_apis/health
     ```
@@ -44,6 +48,10 @@ Make sure the runner has access to actions service for github.com or GitHub Ente
 - Ping api.github.com or myGHES.com using dotnet
 - Make HTTP GET to https://api.github.com or https://myGHES.com/api/v3 using dotnet, check response headers contains `X-GitHub-Request-Id`
 ---
+- DNS lookup for codeload.github.com or codeload.myGHES.com using dotnet
+- Ping codeload.github.com or codeload.myGHES.com using dotnet
+- Make HTTP GET to https://codeload.github.com/_ping or https://codeload.myGHES.com/_ping using dotnet, check response headers contains `X-GitHub-Request-Id`
+---
 - DNS lookup for vstoken.actions.githubusercontent.com using dotnet
 - Ping vstoken.actions.githubusercontent.com using dotnet
 - Make HTTP GET to https://vstoken.actions.githubusercontent.com/_apis/health or https://myGHES.com/_services/vstoken/_apis/health using dotnet, check response headers contains `x-vss-e2eid`

@@ -58,11 +58,20 @@ public async Task<bool> RunCheck(string url, string pat)
                 actionsPipelinesServiceUrl = urlBuilder.Uri.AbsoluteUri;
             }
 
+            var codeLoadUrlBuilder = new UriBuilder(url);
+            codeLoadUrlBuilder.Host = $"codeload.{codeLoadUrlBuilder.Host}";
+            codeLoadUrlBuilder.Path = "_ping";
+
             // check github api
             checkTasks.Add(CheckUtil.CheckDns(githubApiUrl));
             checkTasks.Add(CheckUtil.CheckPing(githubApiUrl));
             checkTasks.Add(HostContext.CheckHttpsGetRequests(githubApiUrl, pat, expectedHeader: "X-GitHub-Request-Id"));
 
+            // check github codeload
+            checkTasks.Add(CheckUtil.CheckDns(codeLoadUrlBuilder.Uri.AbsoluteUri));
+            checkTasks.Add(CheckUtil.CheckPing(codeLoadUrlBuilder.Uri.AbsoluteUri));
+            checkTasks.Add(HostContext.CheckHttpsGetRequests(codeLoadUrlBuilder.Uri.AbsoluteUri, pat, expectedHeader: "X-GitHub-Request-Id"));
+
             // check actions token service
             checkTasks.Add(CheckUtil.CheckDns(actionsTokenServiceUrl));
             checkTasks.Add(CheckUtil.CheckPing(actionsTokenServiceUrl));