feat: document GitHub Actions runner config

[vikram-blaxel]

---

Note

Adds a full end-to-end tutorial for running GitHub Actions self-hosted runners on Blaxel ephemeral micro-VMs. Covers Dockerfile setup, entrypoint script, blaxel.toml configuration (including the new diskPercent and [githubRunner] fields), GitHub App installation, and an example workflow. Also documents the new fields in deployment-reference.mdx and registers the page in docs.json.

^{Written by Mendral for commit 582ebef.}

[mendral-app]

Needs attention — 1 issue in 1 file

One critical security bug in the example code: missing GITHUB_WEBHOOK_SECRET silently bypasses signature verification, meaning any unauthenticated request can trigger job execution. This must be fixed before publishing — users will copy this code verbatim.

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them.

<assessment>
One critical security bug in the example code: missing `GITHUB_WEBHOOK_SECRET` silently bypasses signature verification, meaning any unauthenticated request can trigger job execution. This must be fixed before publishing — users will copy this code verbatim.
</assessment>

<file name="Jobs/GitHub-actions-runner.mdx">
<issue location="Jobs/GitHub-actions-runner.mdx:232">
When `GITHUB_WEBHOOK_SECRET` is empty, `verifySignature` returns `true`, allowing any unauthenticated request to trigger job execution. The secret is documented as required but the code silently opens the endpoint to everyone when it's missing.
</issue>
</file>

_{Tag @mendral-app with feedback or questions. View session}

[mintlify]

Preview deployment for your docs. Learn more about Mintlify Previews.

Project	Status	Preview	Updated (UTC)
blaxel	🟢 Ready	View Preview	May 28, 2026, 3:25 PM

[mendral-app]

🧪 Testing Guide

What this PR addresses

Adds a new tutorial page documenting how to run GitHub Actions self-hosted runners on Blaxel ephemeral micro-VMs. Also documents two new blaxel.toml configuration fields (diskPercent and [githubRunner]) in the deployment reference, and registers the new page in the docs navigation.

Steps to verify

Since this is a documentation-only change, there's no bug to reproduce. Instead, verify the following:

1. Local docs preview — Run the docs site locally (e.g. mintlify dev or equivalent) and confirm:

   • The new page appears under Tutorials → Jobs → GitHub Actions runner in the sidebar.
   • The page renders without errors (no broken MDX, missing components, etc.).
   • All internal links work: the "Jobs reference" card links to /Jobs/Overview and the "blaxel.toml reference" card links to /deployment-reference.

2. Deployment reference — Open /deployment-reference and confirm:

   • The diskPercent field appears in the [runtime] section with its comment.
   • The [githubRunner] section appears with the repositories field documented.
   • Existing fields are unchanged (no unintended diffs).

3. Content review — Skim the tutorial for:

   • Accuracy of the runs-on label format (<workspace>/<job-name>).
   • The hardcoded RUNNER_VERSION=2.333.0 — confirm this is a current/valid release of actions/runner.
   • Code blocks render correctly (Dockerfile, bash, TOML, YAML).

What to verify (expected behavior)

• The docs site builds and deploys without errors.
• Navigation includes the new "Jobs" group under Tutorials with the "GitHub Actions runner" page.
• The deployment reference accurately reflects the two new configuration fields.
• No regressions to existing pages or navigation structure.

Note

Posted by PR Testing Guide · Tag @mendral-app with feedback.

[mendral-app]

LGTM

The only previously flagged issue — branches: main as a bare scalar — was fixed in 582ebef. The tutorial content, YAML workflow example, shell script, and reference docs all look correct. Good to merge.

_{Tag @mendral-app with feedback or questions. View session}