runner/RELEASE-NOTES.md

7.0 KiB

Release Notes

5.0.2

5.0.1

  • Security: the /opt/hostedtoolcache directory is now unique to each job instead of being shared to avoid a risk of corruption. It is still advertised in the RUNNER_TOOL_CACHE environment variable. Custom container images can be built to pre-populate this directory with frequently used tools and some actions (such as setup-go) will benefit from that.

5.0.0

4.0.1

4.0.0

3.5.1

3.5.0

3.4.1

  • Fixes a regression introduced in 3.4.0 by which a job with no image explicitly set would be bound to the host network instead of a custom network (empty string in the configuration file).

3.4.0

Although this version is able to run actions/upload-artifact@v4 and actions/download-artifact@v4, these actions will fail because it does not run against GitHub.com. A fork of those two actions with this check disabled is made available at:

and they can be used as shown in an example from the end-to-end test suite.

  • When running against codeberg.org, the default poll frequency is 30s instead of 2s.
  • Fix compatibility issue with actions/{upload,download}-artifact@v4.
  • Upgrade ACT v1.20.0 which brings:
    • [container].options from the config file is exposed in containers created by the workflows
    • the expressions in the value of jobs.<job-id>.runs-on are evaluated
    • fix a bug causing the evaluated expression of jobs.<job-id>.runs-on to fail if it was an array
    • mount act-toolcache:/opt/hostedtoolcache instead of act-toolcache:/toolcache
    • a few improvements to the readability of the error messages displayed in the logs
    • amd64 can be used instead of x86_64 and arm64 intead of aarch64 when specifying the architecture
    • fixed YAML parsing bugs preventing dispatch workflows to be parsed correctly
    • add support for runs-on.labels which is equivalent to runs-on followed by a list of labels
    • the expressions in the service ports and volumes values are evaluated
    • network aliases are only supported when the network is user specified, not when it is provided by the runner
  • If [runner].insecure is true in the configuration, insecure cloning actions is allowed

3.3.0

  • Support IPv6 with addresses from a private range and NAT for docker:// with --enable-ipv6 and [container].enable_ipv6 lxc:// always

3.2.0

3.1.0

The self-hosted label that was hardwired to be a LXC container running debian:bullseye was reworked and documented (user guide and admin guide).

There now are two different schemes: lxc:// for LXC containers and host:// for running directly on the host.

  • Support the host:// scheme for running directly on the host.
  • Support the lxc:// scheme in labels
  • Update code.forgejo.org/forgejo/act v1.14.0 to implement both self-hosted and LXC schemes

3.0.3

3.0.2

3.0.1

3.0.0

  • Publish a rootless OCI image
  • Refactor the release process

2.5.0

2.4.0

2.3.0