When building internal developer tools or custom workflows, many teams turn to GitHub Actions. However, GitHub Actions Marketplace apps are often built for public use, which can raise security or privacy concerns for private/internal workflows.
But did you know that you can deploy your own private GitHub Actions app for free? In this guide, we’ll show you how to deploy an app on GitHub Actions Marketplace that only you and your team can use, while keeping it secure and private.
Step 1: Create Your GitHub Action App
Start by building a custom GitHub Action. For this example, let’s assume you’re creating a code quality checker action that integrates with your CI/CD pipeline.
In your repo, create a simple action by setting up a directory with an action.yml file.
name: "Code Quality Checker"
description: "Runs static analysis on code"
inputs:
files:
description: "Files to analyze"
required: true
runs:
using: "node12"
steps:
- run: "npm run lint"
working-directory: ${{ github.workspace }}
Once your action is set up, push it to your GitHub repository.
Step 2: Prepare the App for the Marketplace
Now, let’s get this action ready to deploy as a GitHub Marketplace app:
- Navigate to your GitHub account or organization.
- Go to Settings → Developer Settings → GitHub Apps.
- Click New GitHub App.
- Name the app and configure its permissions. You can specify what the app should be able to access (e.g., repos, workflows).
- Select Private for visibility, meaning only users you authorize can install it.
Step 3: Deploy Your GitHub Actions App
After setting up the GitHub App, it’s time to deploy it to the marketplace:
- In the App Settings of your GitHub App, select Add to Marketplace.
- Choose Private visibility and specify the owner (usually your GitHub organization).
- Generate a private key for the app and store it securely.
- The app is now live in the GitHub Marketplace, but only accessible to authorized users.
Step 4: Install the App Privately
To install the app privately for your own use (and share with your team), follow these steps:
- Go to the GitHub Marketplace page for your app.
- Select Install App (only available to users with access to the app).
- You can now use the app in your workflows by referencing it directly:
name: "CI Pipeline"
on: [push]
jobs:
quality-check:
runs-on: ubuntu-latest
steps:
- uses: your-username/your-private-action@v1
with:
files: "src/**/*.js"
This app will now only be accessible in workflows from authorized users with access to the GitHub repository, keeping everything secure and private.
Step 5: Maintain and Update Your Action
You can continue to push updates to the action in your GitHub repository, and users can automatically get the latest version when they update the action reference in their workflows.
Make sure to:
- Update the
versiontag when you push new releases. - Test your updates internally before making them available to your team.
✅ Pros:
- 🔐 Keeps your tools private and secure within your team or organization
- 💡 Easy way to build and share custom CI/CD tools internally
- 🚀 Automatically integrates with GitHub workflows
- 🆓 No extra costs to use — you’re just using GitHub’s infrastructure
⚠️ Cons:
- ⚙️ More complex than using third-party CI/CD tools or pre-built actions
- 🔒 Permissions and security need to be managed carefully to avoid leaks
- 🧑💻 Updates to GitHub Apps and Actions can require maintenance
Summary
By deploying a private GitHub Actions app to the GitHub Marketplace, you can easily share custom CI/CD workflows with your team without any third-party dependencies. Whether it's for internal tools, custom linting, or deployment actions, this approach gives you full control over your build pipeline, while keeping everything secure and under your organization’s ownership. The best part? It’s free to deploy and use.
If this was helpful, you can support me here: Buy Me a Coffee ☕
Top comments (0)