ZSoftly Cloud Platform
Professional Services

Managed CI/CD Runners

Managed GitHub Actions, GitLab, and Bitbucket runners in your cloud or ours.

Overview

We run and maintain GitHub Actions, GitLab, and Bitbucket runners in your cloud or ours, so your team stops managing runner infrastructure.

This service is designed for teams that need runner control, regional placement, security boundaries, or platform ownership without building a full platform team.

What this service covers

  • Runner installation and configuration
  • Autoscaling, updates, and security baselines
  • Monitoring, logs, and usage visibility
  • Operational support for GitHub, GitLab, and Bitbucket runners

Fit Check

Use these two lists to decide if managed runners are the right service.

This is for you if

  • You run GitHub Actions or GitLab CI at scale and self-hosting is becoming noisy.
  • You need runners in specific regions for latency, compliance, or cost control.
  • You want ephemeral, locked-down runners without building a platform team.
  • You already use AWS, Azure, GCP, or on-prem and want builds to stay inside it.

This is not for you if

  • You only want the cheapest per-minute runner price.
  • You are fine maintaining long-lived runners yourself.

What We Manage

Runner installation and configuration

Autoscaling logic and capacity rules

OS and runner updates

Image hardening and security baselines

Monitoring, logs, and usage visibility

What You Control

Cloud account and billing

For Custom Install, you own provider billing and account boundaries.

IAM, networking, and encryption keys

What jobs can run and where

Source code, secrets, and artifacts

How It Works

1

Choose

Platform, region, and limits

2

Deploy

We set up infrastructure with Terraform or Kubernetes

3

Register

You register runners with scoped tokens you control

4

Run

Jobs execute on ephemeral compute

5

Destroy

Runners are destroyed after jobs complete

Security Features

  • Ephemeral runners by default
  • No SSH access
  • Minimal base images
  • Network isolation per environment
  • Logs and metrics shipped to your tools or ours
  • Optional egress controls

Use Cases

Regulated Teams

Run builds in specific regions with your IAM and keys.

Private Infrastructure

Build and deploy to private clusters without opening inbound access.

Platform Teams

Stop spending time patching and debugging runners.

Migration Projects

Move from Jenkins to GitHub or GitLab with runners ready on day one.

FAQ

Who pays for cloud compute?

You do, directly to your cloud provider, for Custom Install. This gives you full visibility and control over costs.

Do you see our code or secrets?

No. Everything runs in your environment using your access controls. We only receive metrics and log summaries for monitoring.

Can we restrict outbound access?

Yes, with network policies and routing controls. We can configure egress filtering based on your security requirements.

Do you support audits?

We provide logs, architecture docs, and control explanations. Many of our customers are SOC 2 and HIPAA compliant.

Can we start small?

Yes, with a single environment and scale when ready.

Related pages

DevOps & CI/CD Continuous Deployment Jenkins Migration