- Define FORGEJO_TOKEN as an alias to GITHUB_TOKEN
- Fixes a regression that was introduced in version 5.0.0 by which it was no longer possible to mount the docker socket in each container by specifying
[container].docker_host = ""
. This is now implemented when[container].docker_host = "automount"
is specified.
- Fixes a regression that was introduced in version 5.0.0 by which skipped jobs were marked as failed instead. The workaround is to change the job log level to debug
[log].job_level: debug
.
- Security: the
/opt/hostedtoolcache
directory is now unique to each job instead of being shared to avoid a risk of corruption. It is still advertised in theRUNNER_TOOL_CACHE
environment variable. Custom container images can be built to pre-populate this directory with frequently used tools and some actions (such assetup-go
) will benefit from that.
- Breaking change: the default configuration for
docker_host
is changed to not mounting the docker server socket even when no configuration file is provided. - Add job_level logging option to config to make the logging level of jobs configurable. Change default from "trace" to "info".
- Don't log job output when debug logging is not enabled. This reduces the default amount of log output of the runner.
- Do not panic when the number of arguments of a function evaluated in an expression is incorect.
- Breaking change: fix the default configuration for
docker_host
is changed to not mounting the docker server socket. - Remove debug information from the setup of a workflow.
- Fix crash in some cases when the YAML structure is not as expected.
- Fix CVE-2024-24557
- Add report_interval option to config to allow setting the interval of status and log reports
- Allow graceful shutdowns: when receiving a signal (INT or TERM) wait for running jobs to complete (up to shutdown_timeout).
- Fix label declaration: Runner in daemon mode now takes labels found in config.yml into account when declaration was successful.
- Fix the docker compose example to workaround the race on labels.
- Fix the kubernetes dind example.
- Rewrite ::group:: and ::endgroup:: commands like github.
- Added opencontainers labels to the image
- Upgrade the default container to node:20
- Fixes a regression introduced in 3.4.0 by which a job with no image explicitly set would be bound to the host network instead of a custom network (empty string in the configuration file).
Although this version is able to run actions/upload-artifact@v4 and actions/download-artifact@v4, these actions will fail because it does not run against GitHub.com. A fork of those two actions with this check disabled is made available at:
- https://code.forgejo.org/forgejo/upload-artifact/src/tag/v4
- https://code.forgejo.org/forgejo/download-artifact/src/tag/v4
and they can be used as shown in an example from the end-to-end test suite.
- When running against codeberg.org, the default poll frequency is 30s instead of 2s.
- Fix compatibility issue with actions/{upload,download}-artifact@v4.
- Upgrade ACT v1.20.0 which brings:
[container].options
from the config file is exposed in containers created by the workflows- the expressions in the value of
jobs.<job-id>.runs-on
are evaluated - fix a bug causing the evaluated expression of
jobs.<job-id>.runs-on
to fail if it was an array - mount
act-toolcache:/opt/hostedtoolcache
instead ofact-toolcache:/toolcache
- a few improvements to the readability of the error messages displayed in the logs
amd64
can be used instead ofx86_64
andarm64
intead ofaarch64
when specifying the architecture- fixed YAML parsing bugs preventing dispatch workflows to be parsed correctly
- add support for
runs-on.labels
which is equivalent toruns-on
followed by a list of labels - the expressions in the service
ports
andvolumes
values are evaluated - network aliases are only supported when the network is user specified, not when it is provided by the runner
- If
[runner].insecure
is true in the configuration, insecure cloning actions is allowed
- Support IPv6 with addresses from a private range and NAT for docker:// with --enable-ipv6 and [container].enable_ipv6 lxc:// always
- Support LXC container capabilities via
lxc:lxc://debian:bookworm:k8s
orlxc:lxc://debian:bookworm:docker lxc k8s
- Update ACT v1.16.0 to resolve a race condition when bootstraping LXC templates
The self-hosted
label that was hardwired to be a LXC container
running debian:bullseye
was reworked and documented (user guide and admin guide).
There now are two different schemes: lxc://
for LXC containers and
host://
for running directly on the host.
- Support the
host://
scheme for running directly on the host. - Support the
lxc://
scheme in labels - Update code.forgejo.org/forgejo/act v1.14.0 to implement both self-hosted and LXC schemes
- Update code.forgejo.org/forgejo/act v1.13.0 to keep up with github.com/nektos/act
- Update code.forgejo.org/forgejo/act v1.12.0 to upgrade the node installed in the LXC container to node20
- Update code.forgejo.org/forgejo/act v1.11.0 to resolve a bug preventing actions based on node20 from running, such as checkout@v4.
- Publish a rootless OCI image
- Refactor the release process
- Add support for offline registration.