How come this repo doesn't dogfood its own runners in its github actions ?

[nitrocode]

Nice set of modules. I was checking it out as I recently ran into this issue actions/setup-python#162. I realized that the Philips's modules also create an ASG and use Amazon Linux 2.

I looked at your workflows and they all use ubuntu-latest instead of self-hosted. Why not dogfood the runners for this public repo ?

[ingledl]

Because it's a public repo:

We recommend that you only use self-hosted runners with private repositories. This is because forks of your repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.

https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories

[nitrocode]

Fascinating. This would be good to document in the README. If I was to add this in a PR, would it be accepted?

[npalm]

Please feel free to update the PR with this note. And indeed for that reason we not running on self-hostd but on public.