RunWatch

Self-hosted runners, without the babysitting.

RunWatch is a desktop app for GitHub Actions self-hosted runners: install them over SSH without ever copying a registration token, and watch health, capacity, and logs across your whole fleet — live.

Free for individuals · no account required · open source (Apache-2.0)

RunWatch fleet view showing runner status, health, and capacity across servers
Fleet view — 30-second install-to-online demo coming here.

How it works

1 Connect

Add a GitHub account with a fine-grained PAT and point RunWatch at your servers over SSH. Host keys are verified on first use, and credentials go straight into your OS keychain.

Adding a server and testing the SSH connection in RunWatch

2 Install

Pick a repo or org, choose labels, and RunWatch downloads, registers, and starts the runner as a service. You never see — let alone copy-paste — a registration token.

Installing a runner from RunWatch without copying a registration token

3 Watch

A live fleet view shows online/busy state, disk and _work bloat, version drift, and per-label queue pressure — with notifications the moment a runner goes offline or a pool saturates.

Per-runner health signals and label-pool capacity in RunWatch

Local-first, by architecture

  • No account. RunWatch needs no sign-up and works offline. Download it, connect your things, done.
  • Credentials never leave your machine. PATs and SSH keys live in the macOS Keychain, Windows Credential Manager, or Secret Service — not in our cloud, because there isn't one.
  • Nothing phones home. The only network calls are the ones you configure: GitHub's API and SSH to your own servers.

Pricing

RunWatch is free and unlimited for individuals, forever. A per-seat team tier — shared runner inventory, roles, audit log — is on the roadmap. Core management and health will never be paywalled.

FAQ

What GitHub permissions does it need?

A fine-grained PAT scoped to just what runner management needs: repository Administration (read/write) for repo-level runners, or the organization Self-hosted runners permission for org-level ones, plus read access to Actions for queue visibility. The app shows exactly which capability is missing when a call is denied — no over-scoped classic tokens.

Is it open source?

Yes — the desktop app is open source under Apache-2.0. The optional team-sync backend (in development) is a hosted service and stays closed; nothing local depends on it.

Why not just scripts and the gh CLI?

You can — that's how most fleets start. RunWatch is for when the pet scripts grow teeth: strict host-key checking instead of ssh -o StrictHostKeyChecking=no, registration without token copy-paste, idempotent installs, and health you can see instead of health you remember to check.

Why does my OS warn me during install?

Pre-1.0 builds are not yet code-signed, so macOS and Windows show an unidentified-developer warning. The workarounds are on the release page, and signing/notarization is tracked publicly.

Does it support GitLab or other CI providers?

Not yet — GitHub Actions first. GitLab is tracked as an expansion path once the GitHub experience is solid.