systems/infrastructure
1
Fork 0
Code Issues 1 Pull requests 16 Activity Actions

Update code.forgejo.org/forgejo/runner Docker tag to v9 - autoclosed #256

Closed
renovate wants to merge 1 commit from renovate/code.forgejo.org-forgejo-runner-9.x into master
pull from: renovate/code.forgejo.org-forgejo-runner-9.x
merge into: systems:master
Conversation 0 Commits 1 Files changed 1 +1 -1
renovate commented 2025-07-31 10:00:36 +01:00
Collaborator
Copy link

This PR contains the following updates:

Package Update Change
code.forgejo.org/forgejo/runner (source) major 7.0.0 -> 9.1.1

Release Notes

forgejo/runner (code.forgejo.org/forgejo/runner)

v9.1.1

Compare Source

Release Notes

  • bug fixes
    • PR: fix: an error from a SKIPPED job does not transform it into a FAILURE
    • PR: fix: artifact cache DB not using indexes for searching
    • PR: fix: RunsOn in jobparser is not used by the runner but it is used by Forgejo [skip cascade]
    • PR: fix: fixes the build on FreeBSD
  • other
    • PR: chore: replace gopkg.in/yaml.v3 with go.yaml.in/yaml/v3
    • PR: chore: merge ACT and runner unit & integration tests together
    • PR: test: run all tests with the data race detector
    • PR: chore: fix 'false positive' data race detection in Id/Number default init
    • PR: test: add an integration test for embedded runner cache
    • PR: chore: when comparing mockery generated files, ignore the version
    • PR: chore: fix data race in reusable workflows with inherited secrets
    • PR: chore: revert mockery v3 update and validate mockery updates
    • PR: chore: cascade forgejo pull request out of the runner branch or PR
    • PR: Update dependency forgejo/runner to v9.1.0
    • PR: chore: go.mod should use the minor version only
    • PR: Update code.forgejo.org/forgejo/runner Docker tag to v9.1.0

v9.1.0

Compare Source

Release Notes

  • features
    • PR: feat: support actions with 'using: node24'
    • PR: feat: fail when using an invalid label during non interactive registration
    • PR: feat: added support for dereferenced map properties
    • PR: feat: support evaluation of concurrency clauses in runner
    • PR: feat: log parsed commands and step summary
    • PR: feat: added info log when container image platform mismatched
    • PR: feat: wait for services to be healthy before starting a job
  • bug fixes
    • PR: fix: report the job as failed when the [runner].timeout expires
    • PR: fix: data race in 'runs-on' expressions causes incorrect job labels during execution
    • PR: fix: race condition in matrix job result state may result in failed jobs being marked as successful
    • PR: fix: ensure unique container names for reusable workflows
    • PR: fix: data race condition causing incorrect shell on a task step if it referenced a matrix variable
    • PR: fix: use a unique random name to derive network and volumes for a job
    • PR: fix: the configuration must not be used as temporary storage
    • PR: fix: container removal is the runner responsibility
    • PR: fix: update reusable workflow input handling
    • PR: fix(security): multline secrets trivially transformed are redacted
    • PR: fix: prevent unintended input replacement in reusable workflows with workflow_dispatch when using workflow_call
    • PR: fix: composite action input pollution
    • PR: fix: prevent space prefix/suffix in runner labels
    • PR: fix: valueMasker concurrent map write
    • PR: fix: short sha has at least four digits
    • PR: fix: amd64 arch to X64 (#​2580)
  • other
    • PR: test: fix data race triggered by testing mocks in TestSetJobResultConcurrency
    • PR: Update module github.com/vektra/mockery/v2 to v3.5.3
    • PR: docs: clarify actions_cache_url_option
    • PR: chore: prevent 'false positive' data race detection with Job.If [skip cascade]
    • PR: Update https://data.forgejo.org/actions/setup-forgejo action to v3.0.2
    • PR: test: fix data race in TestNewParallelExecutor... tests
    • PR: chore: prevent "false positive" data race detection w/ ContainerDaemonSocket
    • PR: test: prevent data race detection in TestActionCache
    • PR: chore: modernize code
    • PR: chore: refactor NewDockerVolumeRemoveExecutor
    • PR: chore: panic if a random name cannot be created
    • PR: Update module github.com/golangci/golangci-lint/v2/cmd/golangci-lint to v2.4.0
    • PR: chore: require Go v1.24
    • PR: chore: integration tests can run for more than 10 minutes
    • PR: chore: use t.Context for tests, activate usetesting for lint + add t.TempDir and t.Chdir
    • PR: chore(tests): differentiate 'failed to copy content' errors
    • PR: chore: set the Kind/Chore label on dependencies upgrades
    • PR: Update module github.com/imdario/mergo to v1
    • PR: Update module github.com/vektra/mockery/v2 to v3
    • PR: Update code.forgejo.org/forgejo/runner Docker tag to v9
    • PR: chore: remove the alpha quality warning, it is secure enough to be used in production
    • PR: Update module golang.org/x/term to v0.34.0
    • PR: Update module github.com/docker/go-connections to v0.6.0
    • PR: chore: "unable to get git repo" is a debug message, not a warning
    • PR: Update dependency go to v1.24
    • PR: chore: cancel context used in CI when running workflows
    • PR: Update module google.golang.org/protobuf to v1.36.7
    • PR: test: fix failures caused by node24 usage in hello-world-javascript-action [skip cascade]
    • PR: chore: restore GitHub windows build workflow
    • PR: chore: run_context: add GITHUB_RUN_ATTEMPT (#​2458)
    • PR: Update dependency go to v1.23.12
    • PR: Update dependency forgejo/runner to v9.0.3
    • PR: chore: links to container images and documentation in the release

v9.0.3

Compare Source

Release Notes

  • features
    • PR: feat: lxc-systemd defaults to using Forgejo runner 9.0.2
    • PR: feat: --health-* options are allowed in job.<id>.services.<id>.options
  • bug fixes
    • PR: fix: log the URL of the action when it fails schema validation
    • PR: fix: lingering services/volumes/networks after jobs if cleanup takes >1min
  • other
    • PR: chore: upgrade lxc-helpers
    • PR: chore: teach renovate about examples/lxc-systemd/forgejo-runner-service.sh
    • PR: Update module github.com/containerd/errdefs to v1
    • PR: chore: explain that part of the source is Apache 2
    • PR: chore(cleanup): dispatch workflows according to the role of the repository
    • PR: chore: unify forgejo image names location
    • PR: chore: replace docker hub with code.forgejo.org
    • PR: Update module github.com/golangci/golangci-lint/v2/cmd/golangci-lint to v2.3.1
    • PR: Update module github.com/opencontainers/selinux to v1.12.0
    • PR: Update module github.com/go-git/go-git/v5 to v5.16.2
    • PR: Update module github.com/docker/cli to v28.3.3+incompatible
    • PR: Update dependency forgejo/release-notes-assistant to v1.4.0
    • PR: Update module github.com/spf13/pflag to v1.0.7
    • PR: Update module github.com/opencontainers/image-spec to v1.1.1
    • PR: Update module go.etcd.io/bbolt to v1.4.2
    • PR: Update module github.com/rhysd/actionlint to v1.7.7
    • PR: Update module github.com/go-git/go-billy/v5 to v5.6.2
    • PR: chore: the release link to RELEASE-NOTES.md is no longer needed (take 2)

v9.0.2

Compare Source

  • features
    • PR: feat: use cache-{from,to}: type=gha in the docker/build-push-action example
    • PR: feat: add an LXC based example of docker/build-push-action usage
  • bug fixes
    • PR: fix: vars context is allowed in default values of action inputs
  • other

v9.0.1

Compare Source

  • other
    • PR: chore: to allow the runner to be imported, v9 needs to be in the go module
    • PR: Update module github.com/docker/docker to v28.3.3+incompatible [SECURITY]
    • PR: chore: release notes are now published together with the release

v9.0.0

Compare Source

Workflows and actions go through a schema validation and the runner will not start a job if they do not pass. Some existing workflows or actions may have syntax errors that did not prevent them from running with versions 7.0.0 and below but they will no longer work with versions 8.0.0 and above.

Existing workflows can be verified and fixed before upgrading by using the new forgejo-runner validate command. For instance, the following will try to validate workflows and/or actions found in the Git repository at https://example.com/my/repo (a local directory at the root of a Git repository can also be used):

$ forgejo-runner validate --repository https://example.com/my/repo
.forgejo/workflows/release.yml workflow schema validation OK
.forgejo/workflows/test.yml workflow schema validation OK

If the error is not immediately obvious, please file an issue with a copy of the failed workflow and revert to using version 7.0.0 until it is resolved.

  • features including breaking changes
    • PR: feat!: remove support for using an artifact server via CLI
  • features
    • PR: feat: the new forgejo-runner validate command can be used to verify if an action or a workflow is conformant with the expected schema. forgejo-runner validate --repository https://example.com/my/repository will validate all the workflows and actions a Git repository contains. Alternatively forgejo-runner validate --path myaction/action.yml --action or forgejo-runner validate --path .forgejo/workflows/test.yml --workflow can be used to validate a single file. It is recommended to use these commands to verify existing actions and workflows pass before upgrading to Forgejo runner v8.0.0 or above to not disrupt existing workflows.
    • PR: feat(security): recommend security issues are reported to security@forgejo.org
    • PR: feat(tests): cmd executeCommand captures stderr & stdout
    • PR: feat: merge forgejo/act/pkg in the act directory
  • bug fixes
    • PR: fix: allow expressions in action descriptions and incomplete action inputs
    • PR: fix: the vars context is allowed in an action step env
    • PR: fix: allow expressions in step and job uses:
    • PR: fix(ci): use code.forgejo.org instead of the docker hub
  • other
    • PR: Restore contrib/forgejo-runner.service
    • PR: chore: remove unused/unmaintained files
    • PR: chore: a single testutils for both act and the runner
    • PR: chore: renovate must not look at any testdata subdirectory
    • PR: chore(release-notes): finalize 9.0.0
    • PR: chore: use the act directory instead of https://code.forgejo.org/forgejo/act
    • PR: chore(docs): naked host schema in 8.0.0 is a breaking change
    • PR: chore: disable package name checks for revive [skip cascade]

v8.0.1

Compare Source

v8.0.0

Compare Source

  • Breaking change: workflows files go through a schema validation and will not run if they do not pass. Some existing workflows may have syntax errors that did not prevent them from running with versions 7.0.0 and below but they will no longer work with versions 8.0.0 and above.
    Existing workflows can be verified and fixed before upgrading by using forgejo-runner exec --workflows path-to-the-workflow. For instance in a workflow where ruins-on was typed by mistake instead of runs-on: 
    $ forgejo-runner exec --event unknown --workflows ../forgejo/.forgejo/workflows/build-release.yml
Error: workflow is not valid. 'build-release.yml': Line: 32 Column 5: Failed to match job-factory: Line: 32 Column 5: Unknown Property ruins-on
Line: 32 Column 5: Failed to match workflow-job: Line: 32 Column 5: Unknown Property ruins-on
Line: 35 Column 5: Unknown Property steps
Forgejo Actions YAML Schema validation error
    If the error is not immediately obvious, please file an issue with a copy of the failed workflow and revert to using version 7.0.0 until it is resolved.
  • Breaking change: the logic assigning labels was updated and refactored:
  • Breaking change: bash fallback to sh if it is not available. It will use bash instead of sh when a container image is explicitly specified in the step. If a workflow depens on that behavior, it will need to be modified to explictly set the shell to sh.
  • Breaking change: sanitize network aliases to be valid DNS names. It is breaking for workflows with services that rely on host names (derived from the service name or the job name) that do not match [^A-Z0-9-]+. They will be sanitized and a message displayed in the logs showing the sanitized name. The service can either be renamed to match the constraint so it can be used as is. Or the sanitized name can be used. For instance of a PostgreSQL service runs as data.base it will be sanitized as data_base.
  • secrets that contain multiple lines are masked from the output.
  • sum256 the container name so derivations do not overflow.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [code.forgejo.org/forgejo/runner](https://forgejo.org) ([source](https://code.forgejo.org/forgejo/runner)) | major | `7.0.0` -> `9.1.1` | --- ### Release Notes <details> <summary>forgejo/runner (code.forgejo.org/forgejo/runner)</summary> ### [`v9.1.1`](https://code.forgejo.org/forgejo/runner/releases/tag/v9.1.1) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v9.1.0...v9.1.1) - [User guide](https://forgejo.org/docs/next/user/actions/overview/) - [Administrator guide](https://forgejo.org/docs/next/admin/actions/) - [Container images](https://code.forgejo.org/forgejo/-/packages/container/runner/versions) Release Notes *** <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/896): <!--number 896 --><!--line 0 --><!--description Zml4OiBhbiBlcnJvciBmcm9tIGEgU0tJUFBFRCBqb2IgZG9lcyBub3QgdHJhbnNmb3JtIGl0IGludG8gYSBGQUlMVVJF-->fix: an error from a SKIPPED job does not transform it into a FAILURE<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/878): <!--number 878 --><!--line 0 --><!--description Zml4OiBhcnRpZmFjdCBjYWNoZSBEQiBub3QgdXNpbmcgaW5kZXhlcyBmb3Igc2VhcmNoaW5n-->fix: artifact cache DB not using indexes for searching<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/884): <!--number 884 --><!--line 0 --><!--description Zml4OiBSdW5zT24gaW4gam9icGFyc2VyIGlzIG5vdCB1c2VkIGJ5IHRoZSBydW5uZXIgYnV0IGl0IGlzIHVzZWQgYnkgRm9yZ2VqbyBbc2tpcCBjYXNjYWRlXQ==-->fix: RunsOn in jobparser is not used by the runner but it is used by Forgejo \[skip cascade]<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/882): <!--number 882 --><!--line 0 --><!--description Zml4OiBmaXhlcyB0aGUgYnVpbGQgb24gRnJlZUJTRA==-->fix: fixes the build on FreeBSD<!--description--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/888): <!--number 888 --><!--line 0 --><!--description Y2hvcmU6IHJlcGxhY2UgZ29wa2cuaW4veWFtbC52MyB3aXRoIGdvLnlhbWwuaW4veWFtbC92Mw==-->chore: replace gopkg.in/yaml.v3 with go.yaml.in/yaml/v3<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/894): <!--number 894 --><!--line 0 --><!--description Y2hvcmU6IG1lcmdlIEFDVCBhbmQgcnVubmVyIHVuaXQgJiBpbnRlZ3JhdGlvbiB0ZXN0cyB0b2dldGhlcg==-->chore: merge ACT and runner unit & integration tests together<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/861): <!--number 861 --><!--line 0 --><!--description dGVzdDogcnVuIGFsbCB0ZXN0cyB3aXRoIHRoZSBkYXRhIHJhY2UgZGV0ZWN0b3I=-->test: run all tests with the data race detector<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/867): <!--number 867 --><!--line 0 --><!--description Y2hvcmU6IGZpeCAnZmFsc2UgcG9zaXRpdmUnIGRhdGEgcmFjZSBkZXRlY3Rpb24gaW4gSWQvTnVtYmVyIGRlZmF1bHQgaW5pdA==-->chore: fix 'false positive' data race detection in Id/Number default init<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/889): <!--number 889 --><!--line 0 --><!--description dGVzdDogYWRkIGFuIGludGVncmF0aW9uIHRlc3QgZm9yIGVtYmVkZGVkIHJ1bm5lciBjYWNoZQ==-->test: add an integration test for embedded runner cache<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/891): <!--number 891 --><!--line 0 --><!--description Y2hvcmU6IHdoZW4gY29tcGFyaW5nIG1vY2tlcnkgZ2VuZXJhdGVkIGZpbGVzLCBpZ25vcmUgdGhlIHZlcnNpb24=-->chore: when comparing mockery generated files, ignore the version<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/875): <!--number 875 --><!--line 0 --><!--description Y2hvcmU6IGZpeCBkYXRhIHJhY2UgaW4gcmV1c2FibGUgd29ya2Zsb3dzIHdpdGggaW5oZXJpdGVkIHNlY3JldHM=-->chore: fix data race in reusable workflows with inherited secrets<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/886): <!--number 886 --><!--line 0 --><!--description Y2hvcmU6IHJldmVydCBtb2NrZXJ5IHYzIHVwZGF0ZSBhbmQgdmFsaWRhdGUgbW9ja2VyeSB1cGRhdGVz-->chore: revert mockery v3 update and validate mockery updates<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/883): <!--number 883 --><!--line 0 --><!--description Y2hvcmU6IGNhc2NhZGUgZm9yZ2VqbyBwdWxsIHJlcXVlc3Qgb3V0IG9mIHRoZSBydW5uZXIgYnJhbmNoIG9yIFBS-->chore: cascade forgejo pull request out of the runner branch or PR<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/879): <!--number 879 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZm9yZ2Vqby9ydW5uZXIgdG8gdjkuMS4w-->Update dependency forgejo/runner to v9.1.0<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/880): <!--number 880 --><!--line 0 --><!--description Y2hvcmU6IGdvLm1vZCBzaG91bGQgdXNlIHRoZSBtaW5vciB2ZXJzaW9uIG9ubHk=-->chore: go.mod should use the minor version only<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/877): <!--number 877 --><!--line 0 --><!--description VXBkYXRlIGNvZGUuZm9yZ2Vqby5vcmcvZm9yZ2Vqby9ydW5uZXIgRG9ja2VyIHRhZyB0byB2OS4xLjA=-->Update code.forgejo.org/forgejo/runner Docker tag to v9.1.0<!--description--> <!--end release-notes-assistant--> ### [`v9.1.0`](https://code.forgejo.org/forgejo/runner/releases/tag/v9.1.0) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v9.0.3...v9.1.0) - [User guide](https://forgejo.org/docs/next/user/actions/overview/) - [Administrator guide](https://forgejo.org/docs/next/admin/actions/) - [Container images](https://code.forgejo.org/forgejo/-/packages/container/runner/versions) Release Notes *** <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - features - [PR](https://code.forgejo.org/forgejo/runner/pulls/847): <!--number 847 --><!--line 0 --><!--description ZmVhdDogc3VwcG9ydCBhY3Rpb25zIHdpdGggJ3VzaW5nOiBub2RlMjQn-->feat: support actions with 'using: node24'<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/647): <!--number 647 --><!--line 0 --><!--description ZmVhdDogZmFpbCB3aGVuIHVzaW5nIGFuIGludmFsaWQgbGFiZWwgZHVyaW5nIG5vbiBpbnRlcmFjdGl2ZSByZWdpc3RyYXRpb24=-->feat: fail when using an invalid label during non interactive registration<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/821): <!--number 821 --><!--line 0 --><!--description ZmVhdDogYWRkZWQgc3VwcG9ydCBmb3IgZGVyZWZlcmVuY2VkIG1hcCBwcm9wZXJ0aWVz-->feat: added support for dereferenced map properties<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/827): <!--number 827 --><!--line 0 --><!--description ZmVhdDogc3VwcG9ydCBldmFsdWF0aW9uIG9mIGNvbmN1cnJlbmN5IGNsYXVzZXMgaW4gcnVubmVy-->feat: support evaluation of concurrency clauses in runner<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/824): <!--number 824 --><!--line 0 --><!--description ZmVhdDogbG9nIHBhcnNlZCBjb21tYW5kcyBhbmQgc3RlcCBzdW1tYXJ5-->feat: log parsed commands and step summary<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/826): <!--number 826 --><!--line 0 --><!--description ZmVhdDogYWRkZWQgaW5mbyBsb2cgd2hlbiBjb250YWluZXIgaW1hZ2UgcGxhdGZvcm0gbWlzbWF0Y2hlZA==-->feat: added info log when container image platform mismatched<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/805): <!--number 805 --><!--line 0 --><!--description ZmVhdDogd2FpdCBmb3Igc2VydmljZXMgdG8gYmUgaGVhbHRoeSBiZWZvcmUgc3RhcnRpbmcgYSBqb2I=-->feat: wait for services to be healthy before starting a job<!--description--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/870): <!--number 870 --><!--line 0 --><!--description Zml4OiByZXBvcnQgdGhlIGpvYiBhcyBmYWlsZWQgd2hlbiB0aGUgYFtydW5uZXJdLnRpbWVvdXRgIGV4cGlyZXM=-->fix: report the job as failed when the `[runner].timeout` expires<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/871): <!--number 871 --><!--line 0 --><!--description Zml4OiBkYXRhIHJhY2UgaW4gJ3J1bnMtb24nIGV4cHJlc3Npb25zIGNhdXNlcyBpbmNvcnJlY3Qgam9iIGxhYmVscyBkdXJpbmcgZXhlY3V0aW9u-->fix: data race in 'runs-on' expressions causes incorrect job labels during execution<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/862): <!--number 862 --><!--line 0 --><!--description Zml4OiByYWNlIGNvbmRpdGlvbiBpbiBtYXRyaXggam9iIHJlc3VsdCBzdGF0ZSBtYXkgcmVzdWx0IGluIGZhaWxlZCBqb2JzIGJlaW5nIG1hcmtlZCBhcyBzdWNjZXNzZnVs-->fix: race condition in matrix job result state may result in failed jobs being marked as successful<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/808): <!--number 808 --><!--line 0 --><!--description Zml4OiBlbnN1cmUgdW5pcXVlIGNvbnRhaW5lciBuYW1lcyBmb3IgcmV1c2FibGUgd29ya2Zsb3dz-->fix: ensure unique container names for reusable workflows<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/865): <!--number 865 --><!--line 0 --><!--description Zml4OiBkYXRhIHJhY2UgY29uZGl0aW9uIGNhdXNpbmcgaW5jb3JyZWN0IGBzaGVsbGAgb24gYSB0YXNrIHN0ZXAgaWYgaXQgcmVmZXJlbmNlZCBhIG1hdHJpeCB2YXJpYWJsZQ==-->fix: data race condition causing incorrect `shell` on a task step if it referenced a matrix variable<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/850): <!--number 850 --><!--line 0 --><!--description Zml4OiB1c2UgYSB1bmlxdWUgcmFuZG9tIG5hbWUgdG8gZGVyaXZlIG5ldHdvcmsgYW5kIHZvbHVtZXMgZm9yIGEgam9i-->fix: use a unique random name to derive network and volumes for a job<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/849): <!--number 849 --><!--line 0 --><!--description Zml4OiB0aGUgY29uZmlndXJhdGlvbiBtdXN0IG5vdCBiZSB1c2VkIGFzIHRlbXBvcmFyeSBzdG9yYWdl-->fix: the configuration must not be used as temporary storage<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/851): <!--number 851 --><!--line 0 --><!--description Zml4OiBjb250YWluZXIgcmVtb3ZhbCBpcyB0aGUgcnVubmVyIHJlc3BvbnNpYmlsaXR5-->fix: container removal is the runner responsibility<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/834): <!--number 834 --><!--line 0 --><!--description Zml4OiB1cGRhdGUgcmV1c2FibGUgd29ya2Zsb3cgaW5wdXQgaGFuZGxpbmc=-->fix: update reusable workflow input handling<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/845): <!--number 845 --><!--line 0 --><!--description Zml4KHNlY3VyaXR5KTogbXVsdGxpbmUgc2VjcmV0cyB0cml2aWFsbHkgdHJhbnNmb3JtZWQgYXJlIHJlZGFjdGVk-->fix(security): multline secrets trivially transformed are redacted<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/833): <!--number 833 --><!--line 0 --><!--description Zml4OiBwcmV2ZW50IHVuaW50ZW5kZWQgaW5wdXQgcmVwbGFjZW1lbnQgaW4gcmV1c2FibGUgd29ya2Zsb3dzIHdpdGggd29ya2Zsb3dfZGlzcGF0Y2ggd2hlbiB1c2luZyB3b3JrZmxvd19jYWxs-->fix: prevent unintended input replacement in reusable workflows with workflow\_dispatch when using workflow\_call<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/818): <!--number 818 --><!--line 0 --><!--description Zml4OiBjb21wb3NpdGUgYWN0aW9uIGlucHV0IHBvbGx1dGlvbg==-->fix: composite action input pollution<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/829): <!--number 829 --><!--line 0 --><!--description Zml4OiBwcmV2ZW50IHNwYWNlIHByZWZpeC9zdWZmaXggaW4gcnVubmVyIGxhYmVscw==-->fix: prevent space prefix/suffix in runner labels<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/825): <!--number 825 --><!--line 0 --><!--description Zml4OiB2YWx1ZU1hc2tlciBjb25jdXJyZW50IG1hcCB3cml0ZQ==-->fix: valueMasker concurrent map write<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/820): <!--number 820 --><!--line 0 --><!--description Zml4OiBzaG9ydCBzaGEgaGFzIGF0IGxlYXN0IGZvdXIgZGlnaXRz-->fix: short sha has at least four digits<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/819): <!--number 819 --><!--line 0 --><!--description Zml4OiBhbWQ2NCBhcmNoIHRvIFg2NCAoIzI1ODAp-->fix: amd64 arch to X64 ([#&#8203;2580](https://github.com/forgejo/runner/issues/2580))<!--description--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/869): <!--number 869 --><!--line 0 --><!--description dGVzdDogZml4IGRhdGEgcmFjZSB0cmlnZ2VyZWQgYnkgdGVzdGluZyBtb2NrcyBpbiBUZXN0U2V0Sm9iUmVzdWx0Q29uY3VycmVuY3k=-->test: fix data race triggered by testing mocks in TestSetJobResultConcurrency<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/868): <!--number 868 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3Zla3RyYS9tb2NrZXJ5L3YyIHRvIHYzLjUuMw==-->Update module github.com/vektra/mockery/v2 to v3.5.3<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/866): <!--number 866 --><!--line 0 --><!--description ZG9jczogY2xhcmlmeSBhY3Rpb25zX2NhY2hlX3VybF9vcHRpb24=-->docs: clarify actions\_cache\_url\_option<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/864): <!--number 864 --><!--line 0 --><!--description Y2hvcmU6IHByZXZlbnQgJ2ZhbHNlIHBvc2l0aXZlJyBkYXRhIHJhY2UgZGV0ZWN0aW9uIHdpdGggSm9iLklmIFtza2lwIGNhc2NhZGVd-->chore: prevent 'false positive' data race detection with Job.If \[skip cascade]<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/863): <!--number 863 --><!--line 0 --><!--description VXBkYXRlIGh0dHBzOi8vZGF0YS5mb3JnZWpvLm9yZy9hY3Rpb25zL3NldHVwLWZvcmdlam8gYWN0aW9uIHRvIHYzLjAuMg==-->Update <https://data.forgejo.org/actions/setup-forgejo> action to v3.0.2<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/860): <!--number 860 --><!--line 0 --><!--description dGVzdDogZml4IGRhdGEgcmFjZSBpbiBUZXN0TmV3UGFyYWxsZWxFeGVjdXRvci4uLiB0ZXN0cw==-->test: fix data race in TestNewParallelExecutor... tests<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/859): <!--number 859 --><!--line 0 --><!--description Y2hvcmU6IHByZXZlbnQgImZhbHNlIHBvc2l0aXZlIiBkYXRhIHJhY2UgZGV0ZWN0aW9uIHcvIENvbnRhaW5lckRhZW1vblNvY2tldA==-->chore: prevent "false positive" data race detection w/ ContainerDaemonSocket<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/858): <!--number 858 --><!--line 0 --><!--description dGVzdDogcHJldmVudCBkYXRhIHJhY2UgZGV0ZWN0aW9uIGluIFRlc3RBY3Rpb25DYWNoZQ==-->test: prevent data race detection in TestActionCache<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/857): <!--number 857 --><!--line 0 --><!--description Y2hvcmU6IG1vZGVybml6ZSBjb2Rl-->chore: modernize code<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/854): <!--number 854 --><!--line 0 --><!--description Y2hvcmU6IHJlZmFjdG9yIE5ld0RvY2tlclZvbHVtZVJlbW92ZUV4ZWN1dG9y-->chore: refactor NewDockerVolumeRemoveExecutor<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/853): <!--number 853 --><!--line 0 --><!--description Y2hvcmU6IHBhbmljIGlmIGEgcmFuZG9tIG5hbWUgY2Fubm90IGJlIGNyZWF0ZWQ=-->chore: panic if a random name cannot be created<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/852): <!--number 852 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2dvbGFuZ2NpL2dvbGFuZ2NpLWxpbnQvdjIvY21kL2dvbGFuZ2NpLWxpbnQgdG8gdjIuNC4w-->Update module github.com/golangci/golangci-lint/v2/cmd/golangci-lint to v2.4.0<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/839): <!--number 839 --><!--line 0 --><!--description Y2hvcmU6IHJlcXVpcmUgR28gdjEuMjQ=-->chore: require Go v1.24<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/843): <!--number 843 --><!--line 0 --><!--description Y2hvcmU6IGludGVncmF0aW9uIHRlc3RzIGNhbiBydW4gZm9yIG1vcmUgdGhhbiAxMCBtaW51dGVz-->chore: integration tests can run for more than 10 minutes<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/844): <!--number 844 --><!--line 0 --><!--description Y2hvcmU6IHVzZSB0LkNvbnRleHQgZm9yIHRlc3RzLCBhY3RpdmF0ZSB1c2V0ZXN0aW5nIGZvciBsaW50ICsgYWRkIHQuVGVtcERpciBhbmQgdC5DaGRpcg==-->chore: use t.Context for tests, activate usetesting for lint + add t.TempDir and t.Chdir<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/846): <!--number 846 --><!--line 0 --><!--description Y2hvcmUodGVzdHMpOiBkaWZmZXJlbnRpYXRlICdmYWlsZWQgdG8gY29weSBjb250ZW50JyBlcnJvcnM=-->chore(tests): differentiate 'failed to copy content' errors<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/842): <!--number 842 --><!--line 0 --><!--description Y2hvcmU6IHNldCB0aGUgS2luZC9DaG9yZSBsYWJlbCBvbiBkZXBlbmRlbmNpZXMgdXBncmFkZXM=-->chore: set the Kind/Chore label on dependencies upgrades<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/840): <!--number 840 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2ltZGFyaW8vbWVyZ28gdG8gdjE=-->Update module github.com/imdario/mergo to v1<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/841): <!--number 841 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3Zla3RyYS9tb2NrZXJ5L3YyIHRvIHYz-->Update module github.com/vektra/mockery/v2 to v3<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/838): <!--number 838 --><!--line 0 --><!--description VXBkYXRlIGNvZGUuZm9yZ2Vqby5vcmcvZm9yZ2Vqby9ydW5uZXIgRG9ja2VyIHRhZyB0byB2OQ==-->Update code.forgejo.org/forgejo/runner Docker tag to v9<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/774): <!--number 774 --><!--line 0 --><!--description Y2hvcmU6IHJlbW92ZSB0aGUgYWxwaGEgcXVhbGl0eSB3YXJuaW5nLCBpdCBpcyBzZWN1cmUgZW5vdWdoIHRvIGJlIHVzZWQgaW4gcHJvZHVjdGlvbg==-->chore: remove the alpha quality warning, it is secure enough to be used in production<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/837): <!--number 837 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnb2xhbmcub3JnL3gvdGVybSB0byB2MC4zNC4w-->Update module golang.org/x/term to v0.34.0<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/836): <!--number 836 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2RvY2tlci9nby1jb25uZWN0aW9ucyB0byB2MC42LjA=-->Update module github.com/docker/go-connections to v0.6.0<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/822): <!--number 822 --><!--line 0 --><!--description Y2hvcmU6ICJ1bmFibGUgdG8gZ2V0IGdpdCByZXBvIiBpcyBhIGRlYnVnIG1lc3NhZ2UsIG5vdCBhIHdhcm5pbmc=-->chore: "unable to get git repo" is a debug message, not a warning<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/832): <!--number 832 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZ28gdG8gdjEuMjQ=-->Update dependency go to v1.24<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/831): <!--number 831 --><!--line 0 --><!--description Y2hvcmU6IGNhbmNlbCBjb250ZXh0IHVzZWQgaW4gQ0kgd2hlbiBydW5uaW5nIHdvcmtmbG93cw==-->chore: cancel context used in CI when running workflows<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/828): <!--number 828 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnb29nbGUuZ29sYW5nLm9yZy9wcm90b2J1ZiB0byB2MS4zNi43-->Update module google.golang.org/protobuf to v1.36.7<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/830): <!--number 830 --><!--line 0 --><!--description dGVzdDogZml4IGZhaWx1cmVzIGNhdXNlZCBieSBub2RlMjQgdXNhZ2UgaW4gaGVsbG8td29ybGQtamF2YXNjcmlwdC1hY3Rpb24gW3NraXAgY2FzY2FkZV0=-->test: fix failures caused by node24 usage in hello-world-javascript-action \[skip cascade]<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/815): <!--number 815 --><!--line 0 --><!--description Y2hvcmU6IHJlc3RvcmUgR2l0SHViIHdpbmRvd3MgYnVpbGQgd29ya2Zsb3c=-->chore: restore GitHub windows build workflow<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/817): <!--number 817 --><!--line 0 --><!--description Y2hvcmU6IHJ1bl9jb250ZXh0OiBhZGQgR0lUSFVCX1JVTl9BVFRFTVBUICgjMjQ1OCk=-->chore: run\_context: add GITHUB\_RUN\_ATTEMPT ([#&#8203;2458](https://github.com/forgejo/runner/issues/2458))<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/814): <!--number 814 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZ28gdG8gdjEuMjMuMTI=-->Update dependency go to v1.23.12<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/812): <!--number 812 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZm9yZ2Vqby9ydW5uZXIgdG8gdjkuMC4z-->Update dependency forgejo/runner to v9.0.3<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/811): <!--number 811 --><!--line 0 --><!--description Y2hvcmU6IGxpbmtzIHRvIGNvbnRhaW5lciBpbWFnZXMgYW5kIGRvY3VtZW50YXRpb24gaW4gdGhlIHJlbGVhc2U=-->chore: links to container images and documentation in the release<!--description--> <!--end release-notes-assistant--> ### [`v9.0.3`](https://code.forgejo.org/forgejo/runner/releases/tag/v9.0.3) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v9.0.2...v9.0.3) - [User guide](https://forgejo.org/docs/next/user/actions/overview/) - [Administrator guide](https://forgejo.org/docs/next/admin/actions/) - [Container images](https://code.forgejo.org/forgejo/-/packages/container/runner/versions) Release Notes *** <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - features - [PR](https://code.forgejo.org/forgejo/runner/pulls/804): <!--number 804 --><!--line 0 --><!--description ZmVhdDogbHhjLXN5c3RlbWQgZGVmYXVsdHMgdG8gdXNpbmcgRm9yZ2VqbyBydW5uZXIgOS4wLjI=-->feat: lxc-systemd defaults to using Forgejo runner 9.0.2<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/784): <!--number 784 --><!--line 0 --><!--description ZmVhdDogLS1oZWFsdGgtKiBvcHRpb25zIGFyZSBhbGxvd2VkIGluIGpvYi48aWQ+LnNlcnZpY2VzLjxpZD4ub3B0aW9ucw==-->feat: --health-\* options are allowed in `job.<id>.services.<id>.options`<!--description--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/810): <!--number 810 --><!--line 0 --><!--description Zml4OiBsb2cgdGhlIFVSTCBvZiB0aGUgYWN0aW9uIHdoZW4gaXQgZmFpbHMgc2NoZW1hIHZhbGlkYXRpb24=-->fix: log the URL of the action when it fails schema validation<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/798): <!--number 798 --><!--line 0 --><!--description Zml4OiBsaW5nZXJpbmcgc2VydmljZXMvdm9sdW1lcy9uZXR3b3JrcyBhZnRlciBqb2JzIGlmIGNsZWFudXAgdGFrZXMgPjFtaW4=-->fix: lingering services/volumes/networks after jobs if cleanup takes >1min<!--description--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/806): <!--number 806 --><!--line 0 --><!--description Y2hvcmU6IHVwZ3JhZGUgbHhjLWhlbHBlcnM=-->chore: upgrade lxc-helpers<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/627): <!--number 627 --><!--line 0 --><!--description Y2hvcmU6IHRlYWNoIHJlbm92YXRlIGFib3V0IGV4YW1wbGVzL2x4Yy1zeXN0ZW1kL2Zvcmdlam8tcnVubmVyLXNlcnZpY2Uuc2g=-->chore: teach renovate about examples/lxc-systemd/forgejo-runner-service.sh<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/807): <!--number 807 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2NvbnRhaW5lcmQvZXJyZGVmcyB0byB2MQ==-->Update module github.com/containerd/errdefs to v1<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/803): <!--number 803 --><!--line 0 --><!--description Y2hvcmU6IGV4cGxhaW4gdGhhdCBwYXJ0IG9mIHRoZSBzb3VyY2UgaXMgQXBhY2hlIDI=-->chore: explain that part of the source is Apache 2<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/790): <!--number 790 --><!--line 0 --><!--description Y2hvcmUoY2xlYW51cCk6IGRpc3BhdGNoIHdvcmtmbG93cyBhY2NvcmRpbmcgdG8gdGhlIHJvbGUgb2YgdGhlIHJlcG9zaXRvcnk=-->chore(cleanup): dispatch workflows according to the role of the repository<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/797): <!--number 797 --><!--line 0 --><!--description Y2hvcmU6IHVuaWZ5IGZvcmdlam8gaW1hZ2UgbmFtZXMgbG9jYXRpb24=-->chore: unify forgejo image names location<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/799): <!--number 799 --><!--line 0 --><!--description Y2hvcmU6IHJlcGxhY2UgZG9ja2VyIGh1YiB3aXRoIGNvZGUuZm9yZ2Vqby5vcmc=-->chore: replace docker hub with code.forgejo.org<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/802): <!--number 802 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2dvbGFuZ2NpL2dvbGFuZ2NpLWxpbnQvdjIvY21kL2dvbGFuZ2NpLWxpbnQgdG8gdjIuMy4x-->Update module github.com/golangci/golangci-lint/v2/cmd/golangci-lint to v2.3.1<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/801): <!--number 801 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL29wZW5jb250YWluZXJzL3NlbGludXggdG8gdjEuMTIuMA==-->Update module github.com/opencontainers/selinux to v1.12.0<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/800): <!--number 800 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2dvLWdpdC9nby1naXQvdjUgdG8gdjUuMTYuMg==-->Update module github.com/go-git/go-git/v5 to v5.16.2<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/796): <!--number 796 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2RvY2tlci9jbGkgdG8gdjI4LjMuMytpbmNvbXBhdGlibGU=-->Update module github.com/docker/cli to v28.3.3+incompatible<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/795): <!--number 795 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZm9yZ2Vqby9yZWxlYXNlLW5vdGVzLWFzc2lzdGFudCB0byB2MS40LjA=-->Update dependency forgejo/release-notes-assistant to v1.4.0<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/794): <!--number 794 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3NwZjEzL3BmbGFnIHRvIHYxLjAuNw==-->Update module github.com/spf13/pflag to v1.0.7<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/793): <!--number 793 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL29wZW5jb250YWluZXJzL2ltYWdlLXNwZWMgdG8gdjEuMS4x-->Update module github.com/opencontainers/image-spec to v1.1.1<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/792): <!--number 792 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnby5ldGNkLmlvL2Jib2x0IHRvIHYxLjQuMg==-->Update module go.etcd.io/bbolt to v1.4.2<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/791): <!--number 791 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3JoeXNkL2FjdGlvbmxpbnQgdG8gdjEuNy43-->Update module github.com/rhysd/actionlint to v1.7.7<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/787): <!--number 787 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2dvLWdpdC9nby1iaWxseS92NSB0byB2NS42LjI=-->Update module github.com/go-git/go-billy/v5 to v5.6.2<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/789): <!--number 789 --><!--line 0 --><!--description Y2hvcmU6IHRoZSByZWxlYXNlIGxpbmsgdG8gUkVMRUFTRS1OT1RFUy5tZCBpcyBubyBsb25nZXIgbmVlZGVkICh0YWtlIDIp-->chore: the release link to RELEASE-NOTES.md is no longer needed (take 2)<!--description--> <!--end release-notes-assistant--> ### [`v9.0.2`](https://code.forgejo.org/forgejo/runner/releases/tag/v9.0.2) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v9.0.1...v9.0.2) <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - features - [PR](https://code.forgejo.org/forgejo/runner/pulls/783): <!--number 783 --><!--line 0 --><!--description ZmVhdDogdXNlIGNhY2hlLXtmcm9tLHRvfTogdHlwZT1naGEgaW4gdGhlIGRvY2tlci9idWlsZC1wdXNoLWFjdGlvbiBleGFtcGxl-->feat: use cache-{from,to}: type=gha in the docker/build-push-action example<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/781): <!--number 781 --><!--line 0 --><!--description ZmVhdDogYWRkIGFuIExYQyBiYXNlZCBleGFtcGxlIG9mIGRvY2tlci9idWlsZC1wdXNoLWFjdGlvbiB1c2FnZQ==-->feat: add an LXC based example of docker/build-push-action usage<!--description--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/786): <!--number 786 --><!--line 0 --><!--description Zml4OiB2YXJzIGNvbnRleHQgaXMgYWxsb3dlZCBpbiBkZWZhdWx0IHZhbHVlcyBvZiBhY3Rpb24gaW5wdXRz-->fix: vars context is allowed in default values of action inputs<!--description--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/788): <!--number 788 --><!--line 0 --><!--description VXBkYXRlIGh0dHBzOi8vZGF0YS5mb3JnZWpvLm9yZy9mb3JnZWpvL2Zvcmdlam8tYnVpbGQtcHVibGlzaCBhY3Rpb24gdG8gdjUuNC4x-->Update <https://data.forgejo.org/forgejo/forgejo-build-publish> action to v5.4.1<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/782): <!--number 782 --><!--line 0 --><!--description Y2hvcmU6IHRoZSByZWxlYXNlIGxpbmsgdG8gUkVMRUFTRS1OT1RFUy5tZCBpcyBubyBsb25nZXIgbmVlZGVk-->chore: the release link to RELEASE-NOTES.md is no longer needed<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/780): <!--number 780 --><!--line 0 --><!--description Y2hvcmUoY2kpOiBhdXRvcmVtb3ZlIHdoZW4gcnVubmluZyBhIHdvcmtmbG93IGluIGEgdGVzdA==-->chore(ci): autoremove when running a workflow in a test<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/778): <!--number 778 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZm9yZ2Vqby9yZWxlYXNlLW5vdGVzLWFzc2lzdGFudCB0byB2MS4zLjY=-->Update dependency forgejo/release-notes-assistant to v1.3.6<!--description--> <!--end release-notes-assistant--> ### [`v9.0.1`](https://code.forgejo.org/forgejo/runner/releases/tag/v9.0.1) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v9.0.0...v9.0.1) <!--start release-notes-assistant--> <!--URL:https://placeholder:cf42304136a3685c49de800f5b056f97d6471d33@&#8203;code.forgejo.org/forgejo/runner--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/777): <!--number 777 --><!--line 0 --><!--description Y2hvcmU6IHRvIGFsbG93IHRoZSBydW5uZXIgdG8gYmUgaW1wb3J0ZWQsIHY5IG5lZWRzIHRvIGJlIGluIHRoZSBnbyBtb2R1bGU=-->chore: to allow the runner to be imported, v9 needs to be in the go module<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/776): <!--number 776 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2RvY2tlci9kb2NrZXIgdG8gdjI4LjMuMytpbmNvbXBhdGlibGUgW1NFQ1VSSVRZXQ==-->Update module github.com/docker/docker to v28.3.3+incompatible \[SECURITY]<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/775): <!--number 775 --><!--line 0 --><!--description Y2hvcmU6IHJlbGVhc2Ugbm90ZXMgYXJlIG5vdyBwdWJsaXNoZWQgdG9nZXRoZXIgd2l0aCB0aGUgcmVsZWFzZQ==-->chore: release notes are now published together with the release<!--description--> <!--end release-notes-assistant--> ### [`v9.0.0`](https://code.forgejo.org/forgejo/runner/releases/tag/v9.0.0) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v8.0.1...v9.0.0) Workflows and actions go through a schema validation and the runner will not start a job if they do not pass. Some existing workflows or actions may have syntax errors that did not prevent them from running with versions 7.0.0 and below but they will no longer work with versions 8.0.0 and above. Existing workflows can be verified and fixed before upgrading by using the new `forgejo-runner validate` command. For instance, the following will try to validate workflows and/or actions found in the Git repository at `https://example.com/my/repo` (a local directory at the root of a Git repository can also be used): ```sh $ forgejo-runner validate --repository https://example.com/my/repo .forgejo/workflows/release.yml workflow schema validation OK .forgejo/workflows/test.yml workflow schema validation OK ``` If the error is not immediately obvious, please file an issue with a copy of the failed workflow and revert to using version 7.0.0 until it is resolved. *** <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - features including breaking changes - [PR](https://code.forgejo.org/forgejo/runner/pulls/740): <!--number 740 --><!--line 0 --><!--description ZmVhdCE6IHJlbW92ZSBzdXBwb3J0IGZvciB1c2luZyBhbiBhcnRpZmFjdCBzZXJ2ZXIgdmlhIENMSQ==-->feat!: remove support for using an artifact server via CLI<!--description--> - features - [PR](https://code.forgejo.org/forgejo/runner/pulls/757): <!--number 757 --><!--line 0 --><!--description ZmVhdDogdGhlIG5ldyBgZm9yZ2Vqby1ydW5uZXIgdmFsaWRhdGVgIGNvbW1hbmQgY2FuIGJlIHVzZWQgdG8gdmVyaWZ5IGlmIGFuIGFjdGlvbiBvciBhIHdvcmtmbG93IGlzIGNvbmZvcm1hbnQgd2l0aCB0aGUgZXhwZWN0ZWQgc2NoZW1hLiBgZm9yZ2Vqby1ydW5uZXIgdmFsaWRhdGUgLS1yZXBvc2l0b3J5IGh0dHBzOi8vZXhhbXBsZS5jb20vbXkvcmVwb3NpdG9yeWAgd2lsbCB2YWxpZGF0ZSBhbGwgdGhlIHdvcmtmbG93cyBhbmQgYWN0aW9ucyBhIEdpdCByZXBvc2l0b3J5IGNvbnRhaW5zLiBBbHRlcm5hdGl2ZWx5ICBgZm9yZ2Vqby1ydW5uZXIgdmFsaWRhdGUgLS1wYXRoIG15YWN0aW9uL2FjdGlvbi55bWwgLS1hY3Rpb25gIG9yIGBmb3JnZWpvLXJ1bm5lciB2YWxpZGF0ZSAtLXBhdGggLmZvcmdlam8vd29ya2Zsb3dzL3Rlc3QueW1sIC0td29ya2Zsb3dgIGNhbiBiZSB1c2VkIHRvIHZhbGlkYXRlIGEgc2luZ2xlIGZpbGUuIEl0IGlzIHJlY29tbWVuZGVkIHRvIHVzZSB0aGVzZSBjb21tYW5kcyB0byB2ZXJpZnkgZXhpc3RpbmcgYWN0aW9ucyBhbmQgd29ya2Zsb3dzIHBhc3MgYmVmb3JlIHVwZ3JhZGluZyB0byBbRm9yZ2VqbyBydW5uZXIgdjguMC4wXShodHRwczovL2NvZGUuZm9yZ2Vqby5vcmcvZm9yZ2Vqby9ydW5uZXIvc3JjL2JyYW5jaC9tYWluL1JFTEVBU0UtTk9URVMubWQjOC0wLTApIG9yIGFib3ZlIHRvIG5vdCBkaXNydXB0IGV4aXN0aW5nIHdvcmtmbG93cy4=-->feat: the new `forgejo-runner validate` command can be used to verify if an action or a workflow is conformant with the expected schema. `forgejo-runner validate --repository https://example.com/my/repository` will validate all the workflows and actions a Git repository contains. Alternatively `forgejo-runner validate --path myaction/action.yml --action` or `forgejo-runner validate --path .forgejo/workflows/test.yml --workflow` can be used to validate a single file. It is recommended to use these commands to verify existing actions and workflows pass before upgrading to [Forgejo runner v8.0.0](https://code.forgejo.org/forgejo/runner/src/branch/main/RELEASE-NOTES.md#8-0-0) or above to not disrupt existing workflows.<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/768): <!--number 768 --><!--line 0 --><!--description ZmVhdChzZWN1cml0eSk6IHJlY29tbWVuZCBzZWN1cml0eSBpc3N1ZXMgYXJlIHJlcG9ydGVkIHRvIHNlY3VyaXR5QGZvcmdlam8ub3Jn-->feat(security): recommend security issues are reported to <security@forgejo.org><!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/769): <!--number 769 --><!--line 0 --><!--description ZmVhdCh0ZXN0cyk6IGNtZCBleGVjdXRlQ29tbWFuZCBjYXB0dXJlcyBzdGRlcnIgJiBzdGRvdXQ=-->feat(tests): cmd executeCommand captures stderr & stdout<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/753): <!--number 753 --><!--line 0 --><!--description ZmVhdDogbWVyZ2UgZm9yZ2Vqby9hY3QvcGtnIGluIHRoZSBhY3QgZGlyZWN0b3J5-->feat: merge forgejo/act/pkg in the act directory<!--description--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/770): <!--number 770 --><!--line 0 --><!--description Zml4OiBhbGxvdyBleHByZXNzaW9ucyBpbiBhY3Rpb24gZGVzY3JpcHRpb25zIGFuZCBpbmNvbXBsZXRlIGFjdGlvbiBpbnB1dHM=-->fix: allow expressions in action descriptions and incomplete action inputs<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/761): <!--number 761 --><!--line 0 --><!--description Zml4OiB0aGUgdmFycyBjb250ZXh0IGlzIGFsbG93ZWQgaW4gYW4gYWN0aW9uIHN0ZXAgZW52-->fix: the vars context is allowed in an action step env<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/766): <!--number 766 --><!--line 0 --><!--description Zml4OiBhbGxvdyBleHByZXNzaW9ucyBpbiBzdGVwIGFuZCBqb2IgdXNlczo=-->fix: allow expressions in step and job uses:<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/762): <!--number 762 --><!--line 0 --><!--description Zml4KGNpKTogdXNlIGNvZGUuZm9yZ2Vqby5vcmcgaW5zdGVhZCBvZiB0aGUgZG9ja2VyIGh1Yg==-->fix(ci): use code.forgejo.org instead of the docker hub<!--description--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/772): <!--number 772 --><!--line 0 --><!--description UmVzdG9yZSBgY29udHJpYi9mb3JnZWpvLXJ1bm5lci5zZXJ2aWNlYA==-->Restore `contrib/forgejo-runner.service`<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/767): <!--number 767 --><!--line 0 --><!--description Y2hvcmU6IHJlbW92ZSB1bnVzZWQvdW5tYWludGFpbmVkIGZpbGVz-->chore: remove unused/unmaintained files<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/759): <!--number 759 --><!--line 0 --><!--description Y2hvcmU6IGEgc2luZ2xlIHRlc3R1dGlscyBmb3IgYm90aCBhY3QgYW5kIHRoZSBydW5uZXI=-->chore: a single testutils for both act and the runner<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/758): <!--number 758 --><!--line 0 --><!--description Y2hvcmU6IHJlbm92YXRlIG11c3Qgbm90IGxvb2sgYXQgYW55IHRlc3RkYXRhIHN1YmRpcmVjdG9yeQ==-->chore: renovate must not look at any testdata subdirectory<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/756): <!--number 756 --><!--line 0 --><!--description Y2hvcmUocmVsZWFzZS1ub3Rlcyk6IGZpbmFsaXplIDkuMC4w-->chore(release-notes): finalize 9.0.0<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/754): <!--number 754 --><!--line 0 --><!--description Y2hvcmU6IHVzZSB0aGUgYWN0IGRpcmVjdG9yeSBpbnN0ZWFkIG9mIGh0dHBzOi8vY29kZS5mb3JnZWpvLm9yZy9mb3JnZWpvL2FjdA==-->chore: use the act directory instead of <https://code.forgejo.org/forgejo/act><!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/752): <!--number 752 --><!--line 0 --><!--description Y2hvcmUoZG9jcyk6IG5ha2VkIGBob3N0YCBzY2hlbWEgaW4gOC4wLjAgaXMgYSBicmVha2luZyBjaGFuZ2U=-->chore(docs): naked `host` schema in 8.0.0 is a breaking change<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/750): <!--number 750 --><!--line 0 --><!--description Y2hvcmU6IGRpc2FibGUgcGFja2FnZSBuYW1lIGNoZWNrcyBmb3IgcmV2aXZlIFtza2lwIGNhc2NhZGVd-->chore: disable package name checks for revive \[skip cascade]<!--description--> <!--end release-notes-assistant--> ### [`v8.0.1`](https://code.forgejo.org/forgejo/runner/blob/HEAD/RELEASE-NOTES.md#801) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v8.0.0...v8.0.1) - [tolerate strings for fail-fast, max-parallel, timeout-minutes, cancel-timeout-minutes](https://code.forgejo.org/forgejo/act/pulls/203). ### [`v8.0.0`](https://code.forgejo.org/forgejo/runner/blob/HEAD/RELEASE-NOTES.md#800) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v7.0.0...v8.0.0) - Breaking change: workflows files go through a [schema validation](https://code.forgejo.org/forgejo/act/pulls/170) and will not run if they do not pass. Some existing workflows may have syntax errors that did not prevent them from running with versions 7.0.0 and below but they will no longer work with versions 8.0.0 and above. Existing workflows can be verified and fixed before upgrading by using `forgejo-runner exec --workflows path-to-the-workflow`. For instance in a workflow where `ruins-on` was typed by mistake instead of `runs-on`: ```sh $ forgejo-runner exec --event unknown --workflows ../forgejo/.forgejo/workflows/build-release.yml Error: workflow is not valid. 'build-release.yml': Line: 32 Column 5: Failed to match job-factory: Line: 32 Column 5: Unknown Property ruins-on Line: 32 Column 5: Failed to match workflow-job: Line: 32 Column 5: Unknown Property ruins-on Line: 35 Column 5: Unknown Property steps Forgejo Actions YAML Schema validation error ``` If the error is not immediately obvious, please file an issue with a copy of the failed workflow and revert to using version 7.0.0 until it is resolved. - Breaking change: the logic assigning labels was updated and refactored: - in the absence of a label or a label, [default to `docker://node:22-bookworm` instead of `docker://node:20-bullseye` or `host`](https://code.forgejo.org/forgejo/runner/issues/134). - if the `lxc` scheme is set with no argument, it defaults to `lxc://debian:bookworm` instead of `lxc://debian:bullseye`. - the `host` schema cannot have any argument, it can no longer be `host://-self-hosted` - Breaking change: [bash fallback to sh if it is not available](https://code.forgejo.org/forgejo/runner/issues/150). It will use `bash` instead of `sh` when a container image is explicitly specified in the step. If a workflow depens on that behavior, it will need to be modified to explictly set the shell to `sh`. - Breaking change: [sanitize network aliases to be valid DNS names](https://code.forgejo.org/forgejo/act/pulls/190). It is breaking for workflows with services that rely on host names (derived from the service name or the job name) that do not match `[^A-Z0-9-]+`. They will be sanitized and a message displayed in the logs showing the sanitized name. The service can either be renamed to match the constraint so it can be used as is. Or the sanitized name can be used. For instance of a PostgreSQL service runs as `data.base` it will be sanitized as `data_base`. - [secrets that contain multiple lines are masked from the output](https://code.forgejo.org/forgejo/runner/pulls/661). - [sum256 the container name so derivations do not overflow](https://code.forgejo.org/forgejo/act/pulls/191). </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS40My41IiwidXBkYXRlZEluVmVyIjoiNDEuODEuNiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6W119-->
Update code.forgejo.org/forgejo/runner Docker tag to v9
All checks were successful
/ terraform (push) Successful in 44s
Details
/ ansible (push) Successful in 2m5s
Details
17cf2fd841
renovate force-pushed renovate/code.forgejo.org-forgejo-runner-9.x from 17cf2fd841 to ee272be194 2025-07-31 12:00:27 +01:00 Compare
renovate force-pushed renovate/code.forgejo.org-forgejo-runner-9.x from ee272be194 to 08925d2974 2025-08-02 10:00:27 +01:00 Compare
renovate force-pushed renovate/code.forgejo.org-forgejo-runner-9.x from 08925d2974 to 7ad113ca12 2025-08-05 16:00:41 +01:00 Compare
renovate force-pushed renovate/code.forgejo.org-forgejo-runner-9.x from 7ad113ca12 to c8e35fd7a8 2025-08-19 18:00:37 +01:00 Compare
renovate force-pushed renovate/code.forgejo.org-forgejo-runner-9.x from c8e35fd7a8 to d70f44f9cb 2025-08-21 08:00:33 +01:00 Compare
renovate changed title from Update code.forgejo.org/forgejo/runner Docker tag to v9 to Update code.forgejo.org/forgejo/runner Docker tag to v9 - autoclosed 2025-09-01 14:00:26 +01:00
renovate closed this pull request 2025-09-01 14:00:26 +01:00
All checks were successful
/ terraform (push) Successful in 1m20s
Details
/ ansible (push) Successful in 2m55s
Details

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: systems/infrastructure#256
No description provided.
Delete branch "renovate/code.forgejo.org-forgejo-runner-9.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?