feat: ipv6 options for network container creation (#1029 )

Here is a final proposal for ipv6 enablement on temporary network created by gitea runner --------- Co-authored-by: Nicolas <bircni@icloud.com> Co-authored-by: Nicolas Schwartz <9308314+StarAurryon@users.noreply.github.com> Reviewed-on: https://gitea.com/gitea/runner/pulls/1029 Reviewed-by: Nicolas <bircni@icloud.com> Co-authored-by: StarAurryon <206206+staraurryon@noreply.gitea.com> Co-committed-by: StarAurryon <206206+staraurryon@noreply.gitea.com>
fix(cleanup): kill Unix step process group on cancel to avoid hang (#1025 )
2026-06-15 14:24:22 +02:00 · 2026-06-15 05:05:20 +00:00 · 2026-06-14 20:52:42 +00:00 · 2026-06-14 20:43:19 +00:00 · 2026-06-14 14:14:43 +00:00 · 2026-06-13 01:56:12 +00:00
113 changed files with 3580 additions and 1454 deletions
--- a/.gitea/workflows/test.yml
+++ b/.gitea/workflows/test.yml
@@ -9,14 +9,36 @@ jobs:
  lint:
    name: check and test
    runs-on: ubuntu-latest
    env:
      # The runner image ships a stale docker.io login; point docker at an empty config so
      # image pulls go straight to anonymous instead of attempting (and failing) that auth
      # first. The path must be a literal: the `runner` context is unavailable in job-level
      # env, so `${{ runner.temp }}` would resolve to empty and config.Dir() would fall back
      # to ~/.docker with the stale credentials.
      DOCKER_CONFIG: /tmp/docker-noauth
    steps:
      - uses: actions/checkout@v6
      - uses: actions/setup-go@v6
        with:
          go-version-file: 'go.mod'
      - name: prepare anonymous docker config
        run: mkdir -p "$DOCKER_CONFIG" && echo '{}' > "$DOCKER_CONFIG/config.json"
      # Pre-pull act/runner's two largest base images so a slow pull can't dominate `make test`;
      # the rest (alpine/ubuntu) pull on demand, absorbed by the make-test -timeout. The host
      # daemon retains them between runs, so this is usually a fast manifest re-check.
      - name: pre-pull test images
        run: |
          for img in node:24-bookworm-slim nginx:alpine; do
            for try in 1 2 3; do docker pull "$img" && break || sleep 5; done
          done
      - name: lint
        run: make lint
      - name: build
        run: make build
      - name: test
        run: make test
      # Build the dind image and run the daemon-facing tests against the docker version it
      # ships, catching daemon-level regressions (e.g. gitea/runner#981) before release. Runs
      # after `make test` so the images it needs are already present on the host daemon.
      - name: test against dind image
        run: make test-dind
--- a/6
+++ b/6
@@ -17,7 +17,7 @@ RUN make clean && make build
 ### DIND VARIANT
 #
 #
-FROM docker:29.5.2-dind AS dind
+FROM docker:29.5.3-dind AS dind
 ARG VERSION=dev
@@ -37,7 +37,7 @@ ENTRYPOINT ["s6-svscan","/etc/s6"]
 ### DIND-ROOTLESS VARIANT
 #
 #
-FROM docker:29.5.2-dind-rootless AS dind-rootless
+FROM docker:29.5.3-dind-rootless AS dind-rootless
 ARG VERSION=dev
@@ -63,7 +63,7 @@ ENTRYPOINT ["s6-svscan","/etc/s6"]
 ### BASIC VARIANT
 #
 #
-FROM alpine:3.23 AS basic
+FROM alpine:3.24 AS basic
 ARG VERSION=dev
--- a/8
+++ b/8
@@ -140,8 +140,12 @@ tidy-check: tidy
 	fi
 .PHONY: test
-test: fmt-check security-check ## test everything
+test: fmt-check security-check ## test everything (integration tests self-skip without docker/network)
-	@$(GO) test -race -short -v -cover -coverprofile coverage.txt ./... && echo "\n==>\033[32m Ok\033[m\n" || exit 1
+	@$(GO) test -race -timeout 20m -v -cover -coverprofile coverage.txt ./... && echo "\n==>\033[32m Ok\033[m\n" || exit 1
 .PHONY: test-dind
 test-dind: ## run the daemon-facing tests against the built dind image (TARGET=dind|dind-rootless)
 	@./scripts/test-dind.sh $(TARGET)
 .PHONY: install
 install: $(GOFILES) ## install the runner binary via `go install`
--- a/README.md
+++ b/README.md
@@ -85,6 +85,44 @@ docker run -e GITEA_INSTANCE_URL=https://your_gitea.com -e GITEA_RUNNER_REGISTRA
 Mount a volume on `/data` if you want the registration file and optional config to survive container recreation (see [scripts/run.sh](scripts/run.sh)).
 ### Image flavours
 The image is published in three flavours, all built from the single multi-stage [Dockerfile](Dockerfile) in this repository. They differ only in how a Docker daemon is made available to the jobs the runner executes; the `gitea-runner` binary inside them is identical.
 | Tag | Build target | Base image | Docker daemon | Process supervisor | Runs as |
 | --- | --- | --- | --- | --- | --- |
 | `latest` (and `<version>`) | `basic` | `alpine` | none — uses an external daemon you provide | [`tini`](https://github.com/krallin/tini) | `root` |
 | `latest-dind` | `dind` | `docker:dind` | bundled, started inside the container | [`s6`](https://skarnet.org/software/s6/) | `root` (privileged) |
 | `latest-dind-rootless` | `dind-rootless` | `docker:dind-rootless` | bundled, started rootless inside the container | [`s6`](https://skarnet.org/software/s6/) | `rootless` (UID 1000) |
 #### `latest` — basic
 The default flavour ships only the runner on a minimal Alpine base. It contains **no Docker daemon of its own**: jobs that use `docker://` images need a daemon supplied from outside the container, typically by bind-mounting the host's socket:
 ```bash
 docker run -e GITEA_INSTANCE_URL=https://your_gitea.com -e GITEA_RUNNER_REGISTRATION_TOKEN=<your_token> \
  -v /var/run/docker.sock:/var/run/docker.sock --name my_runner gitea/runner:latest
 ```
 `tini` is the entrypoint (it reaps zombie processes), and it just runs [`scripts/run.sh`](scripts/run.sh), which registers the runner on first start and then execs `gitea-runner daemon`. This flavour does not need `--privileged`. The trade-off is that jobs share the host's daemon, so they can see other containers and images on that daemon.
 #### `latest-dind` — Docker-in-Docker
 This flavour is based on the official `docker:dind` image and bundles its own Docker daemon, so it needs no external socket — only the `--privileged` flag that Docker-in-Docker requires:
 ```bash
 docker run --privileged -e GITEA_INSTANCE_URL=https://your_gitea.com -e GITEA_RUNNER_REGISTRATION_TOKEN=<your_token> \
  --name my_runner gitea/runner:latest-dind
 ```
 Two processes have to run side by side here (the Docker daemon and the runner), so the entrypoint is the [`s6`](https://skarnet.org/software/s6/) supervision tree under [`scripts/s6`](scripts/s6) instead of `tini`. `s6` starts `dockerd`, and the runner service waits for the daemon to come up (`s6-svwait`) before launching [`run.sh`](scripts/run.sh). Each container has a private daemon isolated from the host's, at the cost of running privileged.
 #### `latest-dind-rootless` — rootless Docker-in-Docker
 Same idea as `dind`, but built on `docker:dind-rootless` so the bundled daemon and the runner run as an unprivileged user (`rootless`, UID 1000) rather than `root`. `DOCKER_HOST` is preset to `unix:///run/user/1000/docker.sock` so the runner talks to the rootless daemon. This reduces the blast radius compared to the privileged `dind` flavour, but rootless Docker carries the usual rootless limitations (networking, cgroups, storage drivers, and some operations that need additional host configuration such as `/etc/subuid` / `/etc/subgid` mappings and unprivileged user-namespace support).
 > **Note on Podman:** these images target the Docker daemon. The bundled `dind`/`dind-rootless` daemons are `dockerd`, not Podman, and the `basic` flavour expects a Docker-compatible socket. Running them under rootless Podman is not a supported configuration, though pointing the `basic` flavour at a Podman socket that emulates the Docker API may work for some workloads.
 ### Configuration
 The runner is configured with a YAML file. Generate a starting point (this matches what ships in the tree):
--- a/act/artifacts/server_test.go
+++ b/act/artifacts/server_test.go
@@ -5,24 +5,25 @@
 package artifacts
 import (
-	"context"
+	"bytes"
 	"compress/gzip"
 	"encoding/json"
 	"fmt"
 	"io"
 	"maps"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
 	"os"
 	"path"
 	"path/filepath"
 	"strings"
 	"testing"
 	"testing/fstest"
-
+	"time"
 	"gitea.com/gitea/runner/act/model"
 	"gitea.com/gitea/runner/act/runner"
 	"github.com/julienschmidt/httprouter"
 	log "github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 type writableMapFile struct {
@@ -234,89 +235,133 @@ func TestDownloadArtifactFile(t *testing.T) {
 	assert.Equal("content", string(data))
 }
-type TestJobFileInfo struct {
+// TestArtifactFlow drives the real Serve() artifact server over a loopback socket, exercising
-	workdir               string
+// the same upload -> finalize -> list -> download protocol the upload-artifact/download-artifact
-	workflowPath          string
+// actions speak. Running it in-process (rather than from a job container) keeps it network-free
-	eventName             string
+// and reachable everywhere, including when the CI job is itself a container.
 	errorMessage          string
 	platforms             map[string]string
 	containerArchitecture string
 }
 var (
 	artifactsPath = path.Join(os.TempDir(), "test-artifacts")
 	artifactsAddr = "127.0.0.1"
 	artifactsPort = "12345"
 )
 func TestArtifactFlow(t *testing.T) {
-	if testing.Short() {
+	artifactPath := t.TempDir()
-		t.Skip("skipping integration test")
+
 	// Serve the exact routes Serve() wires up, on a real loopback socket via httptest. httptest
 	// picks a free port and Close() tears the server down synchronously — avoiding both the
 	// port-rebind race and Serve()'s detached ListenAndServe goroutine, which logger.Fatal()s
 	// (process exit) on a bind error and can outlive the test's temp-dir cleanup.
 	router := httprouter.New()
 	fsys := readWriteFSImpl{}
 	uploads(router, artifactPath, fsys)
 	downloads(router, artifactPath, fsys)
 	server := httptest.NewServer(router)
 	defer server.Close()
 	baseURL := server.URL
 	client := server.Client()
 	client.Timeout = 5 * time.Second
 	// request performs one HTTP call and returns the status and body. The default transport adds
 	// Accept-Encoding: gzip and transparently decompresses, so gzipped downloads come back plain.
 	request := func(t *testing.T, method, rawURL string, body io.Reader, header http.Header) (int, []byte) {
 		t.Helper()
 		req, err := http.NewRequest(method, rawURL, body)
 		require.NoError(t, err)
 		maps.Copy(req.Header, header)
 		resp, err := client.Do(req)
 		require.NoError(t, err)
 		defer resp.Body.Close()
 		data, err := io.ReadAll(resp.Body)
 		require.NoError(t, err)
 		return resp.StatusCode, data
 	}
-	ctx := context.Background()
+	t.Run("upload-and-download", func(t *testing.T) {
 		const runID, item, content = "1", "my-artifact/data.txt", "hello artifact\n"
-	cancel := Serve(ctx, artifactsPath, artifactsAddr, artifactsPort)
+		status, data := request(t, http.MethodPost, baseURL+"/_apis/pipelines/workflows/"+runID+"/artifacts", nil, nil)
-	defer cancel()
+		require.Equal(t, http.StatusOK, status, string(data))
 		var prep FileContainerResourceURL
 		require.NoError(t, json.Unmarshal(data, &prep))
 		require.Equal(t, baseURL+"/upload/"+runID, prep.FileContainerResourceURL)
-	platforms := map[string]string{
+		status, data = request(t, http.MethodPut, prep.FileContainerResourceURL+"?itemPath="+url.QueryEscape(item), strings.NewReader(content), nil)
-		"ubuntu-latest": "node:24-bookworm", // Don't use node:24-bookworm-slim because it doesn't have curl command, which is used in the tests
+		require.Equal(t, http.StatusOK, status, string(data))
-	}
+		var msg ResponseMessage
 		require.NoError(t, json.Unmarshal(data, &msg))
 		require.Equal(t, "success", msg.Message)
-	tables := []TestJobFileInfo{
+		status, data = request(t, http.MethodPatch, baseURL+"/_apis/pipelines/workflows/"+runID+"/artifacts", nil, nil)
-		{"testdata", "upload-and-download", "push", "", platforms, ""},
+		require.Equal(t, http.StatusOK, status, string(data))
 		{"testdata", "GHSL-2023-004", "push", "", platforms, ""},
 	}
 	log.SetLevel(log.DebugLevel)
-	for _, table := range tables {
+		status, data = request(t, http.MethodGet, baseURL+"/_apis/pipelines/workflows/"+runID+"/artifacts", nil, nil)
-		runTestJobFile(ctx, t, table)
+		require.Equal(t, http.StatusOK, status, string(data))
-	}
+		var list NamedFileContainerResourceURLResponse
-}
+		require.NoError(t, json.Unmarshal(data, &list))
 		require.Equal(t, 1, list.Count)
 		require.Equal(t, "my-artifact", list.Value[0].Name)
-func runTestJobFile(ctx context.Context, t *testing.T, tjfi TestJobFileInfo) {
+		status, data = request(t, http.MethodGet, list.Value[0].FileContainerResourceURL+"?itemPath=my-artifact", nil, nil)
-	t.Run(tjfi.workflowPath, func(t *testing.T) {
+		require.Equal(t, http.StatusOK, status, string(data))
-		fmt.Printf("::group::%s\n", tjfi.workflowPath) //nolint:forbidigo // pre-existing issue from nektos/act
+		var items ContainerItemResponse
 		require.NoError(t, json.Unmarshal(data, &items))
 		require.Len(t, items.Value, 1)
 		require.Equal(t, "file", items.Value[0].ItemType)
 		require.Equal(t, "my-artifact/data.txt", items.Value[0].Path)
-		if err := os.RemoveAll(artifactsPath); err != nil {
+		status, data = request(t, http.MethodGet, items.Value[0].ContentLocation, nil, nil)
-			panic(err)
+		require.Equal(t, http.StatusOK, status)
-		}
+		require.Equal(t, content, string(data))
-		workdir, err := filepath.Abs(tjfi.workdir)
+		stored, err := os.ReadFile(filepath.Join(artifactPath, runID, "my-artifact", "data.txt"))
-		assert.NoError(t, err, workdir) //nolint:testifylint // pre-existing issue from nektos/act
+		require.NoError(t, err)
-		fullWorkflowPath := filepath.Join(workdir, tjfi.workflowPath)
+		require.Equal(t, content, string(stored))
-		runnerConfig := &runner.Config{
+	})
 			Workdir:               workdir,
 			BindWorkdir:           false,
 			EventName:             tjfi.eventName,
 			Platforms:             tjfi.platforms,
 			ReuseContainers:       false,
 			ContainerArchitecture: tjfi.containerArchitecture,
 			GitHubInstance:        "github.com",
 			ArtifactServerPath:    artifactsPath,
 			ArtifactServerAddr:    artifactsAddr,
 			ArtifactServerPort:    artifactsPort,
 		}
-		runner, err := runner.New(runnerConfig)
+	t.Run("gzip-roundtrip", func(t *testing.T) {
-		assert.NoError(t, err, tjfi.workflowPath) //nolint:testifylint // pre-existing issue from nektos/act
+		const runID, item, content = "2", "logs/app.log", "compressed payload\n"
-		planner, err := model.NewWorkflowPlanner(fullWorkflowPath, true)
+		var buf bytes.Buffer
-		assert.NoError(t, err, fullWorkflowPath) //nolint:testifylint // pre-existing issue from nektos/act
+		gz := gzip.NewWriter(&buf)
 		_, err := gz.Write([]byte(content))
 		require.NoError(t, err)
 		require.NoError(t, gz.Close())
-		plan, err := planner.PlanEvent(tjfi.eventName)
+		status, data := request(t, http.MethodPut, baseURL+"/upload/"+runID+"?itemPath="+url.QueryEscape(item),
-		if err == nil {
+			&buf, http.Header{"Content-Encoding": []string{"gzip"}})
-			err = runner.NewPlanExecutor(plan)(ctx)
+		require.Equal(t, http.StatusOK, status, string(data))
 			if tjfi.errorMessage == "" {
 				assert.NoError(t, err, fullWorkflowPath) //nolint:testifylint // pre-existing issue from nektos/act
 			} else {
 				assert.Error(t, err, tjfi.errorMessage) //nolint:testifylint // pre-existing issue from nektos/act
 			}
 		} else {
 			assert.Nil(t, plan)
 		}
-		fmt.Println("::endgroup::") //nolint:forbidigo // pre-existing issue from nektos/act
+		// stored compressed, with the server's gzip marker suffix
 		_, err = os.Stat(filepath.Join(artifactPath, runID, "logs", "app.log.gz__"))
 		require.NoError(t, err)
 		status, data = request(t, http.MethodGet, baseURL+"/download/"+runID+"?itemPath=logs", nil, nil)
 		require.Equal(t, http.StatusOK, status, string(data))
 		var items ContainerItemResponse
 		require.NoError(t, json.Unmarshal(data, &items))
 		require.Len(t, items.Value, 1)
 		require.Equal(t, "logs/app.log", items.Value[0].Path)
 		status, data = request(t, http.MethodGet, items.Value[0].ContentLocation, nil, nil)
 		require.Equal(t, http.StatusOK, status)
 		require.Equal(t, content, string(data))
 	})
 	// GHSL-2023-004: an itemPath that climbs out of the run directory must be neutralised so the
 	// blob cannot be written outside the artifact root.
 	t.Run("GHSL-2023-004", func(t *testing.T) {
 		const runID, content = "3", "contained\n"
 		status, data := request(t, http.MethodPut, baseURL+"/upload/"+runID+"?itemPath="+url.QueryEscape("../../escape.txt"),
 			strings.NewReader(content), nil)
 		require.Equal(t, http.StatusOK, status, string(data))
 		stored, err := os.ReadFile(filepath.Join(artifactPath, runID, "escape.txt"))
 		require.NoError(t, err)
 		require.Equal(t, content, string(stored))
 		_, err = os.Stat(filepath.Join(filepath.Dir(artifactPath), "escape.txt"))
 		require.True(t, os.IsNotExist(err), "upload escaped the artifact root")
 		status, data = request(t, http.MethodGet, baseURL+"/artifact/"+runID+"/escape.txt", nil, nil)
 		require.Equal(t, http.StatusOK, status)
 		require.Equal(t, content, string(data))
 	})
 }
--- a/act/artifacts/testdata/GHSL-2023-004/artifacts.yml
+++ b/act/artifacts/testdata/GHSL-2023-004/artifacts.yml
@@ -1,39 +0,0 @@
 name: "GHSL-2023-0004"
 on: push
 jobs:
  test-artifacts:
    runs-on: ubuntu-latest
    steps:
      - run: echo "hello world" > test.txt
      - name: curl upload
        run: curl --silent --show-error --fail ${ACTIONS_RUNTIME_URL}upload/1?itemPath=../../my-artifact/secret.txt --upload-file test.txt
      - uses: actions/download-artifact@v2
        with:
          name: my-artifact
          path: test-artifacts
      - name: 'Verify Artifact #1'
        run: |
          file="test-artifacts/secret.txt"
          if [ ! -f $file ] ; then
            echo "Expected file does not exist"
            exit 1
          fi
          if [ "$(cat $file)" != "hello world" ] ; then
            echo "File contents of downloaded artifact are incorrect"
            exit 1
          fi
      - name: Verify download should work by clean extra dots
        run: curl --silent --show-error --fail --path-as-is -o out.txt ${ACTIONS_RUNTIME_URL}artifact/1/../../../1/my-artifact/secret.txt
      - name: 'Verify download content'
        run: |
          file="out.txt"
          if [ ! -f $file ] ; then
            echo "Expected file does not exist"
            exit 1
          fi
          if [ "$(cat $file)" != "hello world" ] ; then
            echo "File contents of downloaded artifact are incorrect"
            exit 1
          fi
--- a/act/artifacts/testdata/upload-and-download/artifacts.yml
+++ b/act/artifacts/testdata/upload-and-download/artifacts.yml
@@ -1,230 +0,0 @@
 name: "Test that artifact uploads and downloads succeed"
 on: push
 jobs:
  test-artifacts:
    runs-on: ubuntu-latest
    steps:
      - run: mkdir -p path/to/artifact
      - run: echo hello > path/to/artifact/world.txt
      - uses: actions/upload-artifact@v2
        with:
          name: my-artifact
          path: path/to/artifact/world.txt
      - run: rm -rf path
      - uses: actions/download-artifact@v2
        with:
          name: my-artifact
      - name: Display structure of downloaded files
        run: ls -la
      # Test end-to-end by uploading two artifacts and then downloading them
      - name: Create artifact files
        run: |
          mkdir -p path/to/dir-1
          mkdir -p path/to/dir-2
          mkdir -p path/to/dir-3
          mkdir -p path/to/dir-5
          mkdir -p path/to/dir-6
          mkdir -p path/to/dir-7
          echo "Lorem ipsum dolor sit amet" > path/to/dir-1/file1.txt
          echo "Hello world from file #2" > path/to/dir-2/file2.txt
          echo "This is a going to be a test for a large enough file that should get compressed with GZip. The @actions/artifact package uses GZip to upload files. This text should have a compression ratio greater than 100% so it should get uploaded using GZip" > path/to/dir-3/gzip.txt
          dd if=/dev/random of=path/to/dir-5/file5.rnd bs=1024 count=1024
          dd if=/dev/random of=path/to/dir-6/file6.rnd bs=1024 count=$((10*1024))
          dd if=/dev/random of=path/to/dir-7/file7.rnd bs=1024 count=$((10*1024))
      # Upload a single file artifact
      - name: 'Upload artifact #1'
        uses: actions/upload-artifact@v2
        with:
          name: 'Artifact-A'
          path: path/to/dir-1/file1.txt
      # Upload using a wildcard pattern, name should default to 'artifact' if not provided
      - name: 'Upload artifact #2'
        uses: actions/upload-artifact@v2
        with:
          path: path/**/dir*/
      # Upload a directory that contains a file that will be uploaded with GZip
      - name: 'Upload artifact #3'
        uses: actions/upload-artifact@v2
        with:
          name: 'GZip-Artifact'
          path: path/to/dir-3/
      # Upload a directory that contains a file that will be uploaded with GZip
      - name: 'Upload artifact #4'
        uses: actions/upload-artifact@v2
        with:
          name: 'Multi-Path-Artifact'
          path: |
            path/to/dir-1/*
            path/to/dir-[23]/*
            !path/to/dir-3/*.txt
      # Upload a mid-size file artifact
      - name: 'Upload artifact #5'
        uses: actions/upload-artifact@v2
        with:
          name: 'Mid-Size-Artifact'
          path: path/to/dir-5/file5.rnd
      # Upload a big file artifact
      - name: 'Upload artifact #6'
        uses: actions/upload-artifact@v2
        with:
          name: 'Big-Artifact'
          path: path/to/dir-6/file6.rnd
      # Upload a big file artifact twice
      - name: 'Upload artifact #7 (First)'
        uses: actions/upload-artifact@v2
        with:
          name: 'Big-Uploaded-Twice'
          path: path/to/dir-7/file7.rnd
      # Upload a big file artifact twice
      - name: 'Upload artifact #7 (Second)'
        uses: actions/upload-artifact@v2
        with:
          name: 'Big-Uploaded-Twice'
          path: path/to/dir-7/file7.rnd
      # Verify artifacts. Switch to download-artifact@v2 once it's out of preview
      # Download Artifact #1 and verify the correctness of the content
      - name: 'Download artifact #1'
        uses: actions/download-artifact@v2
        with:
          name: 'Artifact-A'
          path: some/new/path
      - name: 'Verify Artifact #1'
        run: |
          file="some/new/path/file1.txt"
          if [ ! -f $file ] ; then
            echo "Expected file does not exist"
            exit 1
          fi
          if [ "$(cat $file)" != "Lorem ipsum dolor sit amet" ] ; then
            echo "File contents of downloaded artifact are incorrect"
            exit 1
          fi
      # Download Artifact #2 and verify the correctness of the content
      - name: 'Download artifact #2'
        uses: actions/download-artifact@v2
        with:
          name: 'artifact'
          path: some/other/path
      - name: 'Verify Artifact #2'
        run: |
          file1="some/other/path/to/dir-1/file1.txt"
          file2="some/other/path/to/dir-2/file2.txt"
          if [ ! -f $file1 -o ! -f $file2 ] ; then
            echo "Expected files do not exist"
            exit 1
          fi
          if [ "$(cat $file1)" != "Lorem ipsum dolor sit amet" -o "$(cat $file2)" != "Hello world from file #2" ] ; then
            echo "File contents of downloaded artifacts are incorrect"
            exit 1
          fi
      # Download Artifact #3 and verify the correctness of the content
      - name: 'Download artifact #3'
        uses: actions/download-artifact@v2
        with:
          name: 'GZip-Artifact'
          path: gzip/artifact/path
      # Because a directory was used as input during the upload the parent directories, path/to/dir-3/, should not be included in the uploaded artifact
      - name: 'Verify Artifact #3'
        run: |
          gzipFile="gzip/artifact/path/gzip.txt"
          if [ ! -f $gzipFile ] ; then
            echo "Expected file do not exist"
            exit 1
          fi
          if [ "$(cat $gzipFile)" != "This is a going to be a test for a large enough file that should get compressed with GZip. The @actions/artifact package uses GZip to upload files. This text should have a compression ratio greater than 100% so it should get uploaded using GZip" ] ; then
            echo "File contents of downloaded artifact is incorrect"
            exit 1
          fi
      - name: 'Download artifact #4'
        uses: actions/download-artifact@v2
        with:
          name: 'Multi-Path-Artifact'
          path: multi/artifact
      - name: 'Verify Artifact #4'
        run: |
          file1="multi/artifact/dir-1/file1.txt"
          file2="multi/artifact/dir-2/file2.txt"
          if [ ! -f $file1 -o ! -f $file2 ] ; then
            echo "Expected files do not exist"
            exit 1
          fi
          if [ "$(cat $file1)" != "Lorem ipsum dolor sit amet" -o "$(cat $file2)" != "Hello world from file #2" ] ; then
            echo "File contents of downloaded artifacts are incorrect"
            exit 1
          fi
      - name: 'Download artifact #5'
        uses: actions/download-artifact@v2
        with:
          name: 'Mid-Size-Artifact'
          path: mid-size/artifact/path
      - name: 'Verify Artifact #5'
        run: |
          file="mid-size/artifact/path/file5.rnd"
          if [ ! -f $file ] ; then
            echo "Expected file does not exist"
            exit 1
          fi
          if ! diff $file path/to/dir-5/file5.rnd ; then
            echo "File contents of downloaded artifact are incorrect"
            exit 1
          fi
      - name: 'Download artifact #6'
        uses: actions/download-artifact@v2
        with:
          name: 'Big-Artifact'
          path: big/artifact/path
      - name: 'Verify Artifact #6'
        run: |
          file="big/artifact/path/file6.rnd"
          if [ ! -f $file ] ; then
            echo "Expected file does not exist"
            exit 1
          fi
          if ! diff $file path/to/dir-6/file6.rnd ; then
            echo "File contents of downloaded artifact are incorrect"
            exit 1
          fi
      - name: 'Download artifact #7'
        uses: actions/download-artifact@v2
        with:
          name: 'Big-Uploaded-Twice'
          path: big-uploaded-twice/artifact/path
      - name: 'Verify Artifact #7'
        run: |
          file="big-uploaded-twice/artifact/path/file7.rnd"
          if [ ! -f $file ] ; then
            echo "Expected file does not exist"
            exit 1
          fi
          if ! diff $file path/to/dir-7/file7.rnd ; then
            echo "File contents of downloaded artifact are incorrect"
            exit 1
          fi
--- a/act/common/executor_parallel_advanced_test.go
+++ b/act/common/executor_parallel_advanced_test.go
@@ -170,68 +170,6 @@ func TestMaxParallelWithErrors(t *testing.T) {
 	})
 }
 // TestMaxParallelPerformance tests performance characteristics
 func TestMaxParallelPerformance(t *testing.T) {
 	if testing.Short() {
 		t.Skip("Skipping performance test in short mode")
 	}
 	t.Run("ParallelFasterThanSequential", func(t *testing.T) {
 		executors := make([]Executor, 10)
 		for i := range 10 {
 			executors[i] = func(ctx context.Context) error {
 				time.Sleep(50 * time.Millisecond)
 				return nil
 			}
 		}
 		ctx := context.Background()
 		// Sequential (max-parallel=1)
 		start := time.Now()
 		err := NewParallelExecutor(1, executors...)(ctx)
 		sequentialDuration := time.Since(start)
 		assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
 		// Parallel (max-parallel=5)
 		start = time.Now()
 		err = NewParallelExecutor(5, executors...)(ctx)
 		parallelDuration := time.Since(start)
 		assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
 		// Parallel should be significantly faster
 		assert.Less(t, parallelDuration, sequentialDuration/2,
 			"Parallel execution should be at least 2x faster")
 	})
 	t.Run("OptimalWorkerCount", func(t *testing.T) {
 		executors := make([]Executor, 20)
 		for i := range 20 {
 			executors[i] = func(ctx context.Context) error {
 				time.Sleep(10 * time.Millisecond)
 				return nil
 			}
 		}
 		ctx := context.Background()
 		// Test with different worker counts
 		workerCounts := []int{1, 2, 5, 10, 20}
 		durations := make(map[int]time.Duration)
 		for _, count := range workerCounts {
 			start := time.Now()
 			err := NewParallelExecutor(count, executors...)(ctx)
 			durations[count] = time.Since(start)
 			assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
 		}
 		// More workers should generally be faster (up to a point)
 		assert.Less(t, durations[5], durations[1], "5 workers should be faster than 1")
 		assert.Less(t, durations[10], durations[2], "10 workers should be faster than 2")
 	})
 }
 // TestMaxParallelResourceSharing tests resource sharing scenarios
 func TestMaxParallelResourceSharing(t *testing.T) {
 	t.Run("SharedResourceWithMutex", func(t *testing.T) {
--- a/act/common/git/git.go
+++ b/act/common/git/git.go
@@ -66,8 +66,21 @@ func (e *Error) Commit() string {
 	return e.commit
 }
 // goGitMu serializes go-git repository access across the process. go-git is not safe for
 // concurrent use of the same repository (even read access decodes packfiles into shared
 // state), so parallel jobs inspecting the shared workdir repo race without this. The guarded
 // operations are fast local reads; gitea runs one job per process, so the lock is effectively
 // uncontended in production.
 var goGitMu sync.Mutex
 // FindGitRevision get the current git revision
 func FindGitRevision(ctx context.Context, file string) (shortSha, sha string, err error) {
 	goGitMu.Lock()
 	defer goGitMu.Unlock()
 	return findGitRevision(ctx, file)
 }
 func findGitRevision(ctx context.Context, file string) (shortSha, sha string, err error) {
 	logger := common.Logger(ctx)
 	gitDir, err := git.PlainOpenWithOptions(
@@ -99,10 +112,13 @@ func FindGitRevision(ctx context.Context, file string) (shortSha, sha string, er
 // FindGitRef get the current git ref
 func FindGitRef(ctx context.Context, file string) (string, error) {
 	goGitMu.Lock()
 	defer goGitMu.Unlock()
 	logger := common.Logger(ctx)
 	logger.Debugf("Loading revision from git directory")
-	_, ref, err := FindGitRevision(ctx, file)
+	_, ref, err := findGitRevision(ctx, file)
 	if err != nil {
 		return "", err
 	}
@@ -174,6 +190,8 @@ func FindGitRef(ctx context.Context, file string) (string, error) {
 // FindGithubRepo get the repo
 func FindGithubRepo(ctx context.Context, file, githubInstance, remoteName string) (string, error) {
 	goGitMu.Lock()
 	defer goGitMu.Unlock()
 	if remoteName == "" {
 		remoteName = "origin"
 	}
@@ -247,8 +265,23 @@ type NewGitCloneExecutorInput struct {
 func CloneIfRequired(ctx context.Context, refName plumbing.ReferenceName, input NewGitCloneExecutorInput, logger log.FieldLogger) (*git.Repository, bool, error) {
 	r, err := git.PlainOpen(input.Dir)
 	if err == nil {
-		// Reuse existing clone
+		// Verify the cached clone still points to the resolved URL before reusing it.
-		return r, true, nil
+		remote, err := r.Remote("origin")
 		if err == nil && len(remote.Config().URLs) > 0 && remote.Config().URLs[0] == input.URL {
 			// Reuse existing clone
 			return r, true, nil
 		}
 		if err != nil {
 			logger.Debugf("Removing cached clone at %s because origin cannot be read: %v", input.Dir, err)
 		} else if len(remote.Config().URLs) == 0 {
 			logger.Debugf("Removing cached clone at %s because origin has no URL", input.Dir)
 		} else {
 			logger.Debugf("Removing cached clone at %s because origin URL changed from %s to %s", input.Dir, remote.Config().URLs[0], input.URL)
 		}
 		if err := os.RemoveAll(input.Dir); err != nil {
 			return nil, false, fmt.Errorf("remove cached clone %s: %w", input.Dir, err)
 		}
 	}
 	var progressWriter io.Writer
--- a/act/common/git/git_test.go
+++ b/act/common/git/git_test.go
@@ -16,7 +16,6 @@ import (
 	"testing"
 	"time"
 	log "github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -50,10 +49,6 @@ func TestFindGitSlug(t *testing.T) {
 	}
 }
 func testDir(t *testing.T) string {
 	return t.TempDir()
 }
 func cleanGitHooks(dir string) error {
 	hooksDir := filepath.Join(dir, ".git", "hooks")
 	files, err := os.ReadDir(hooksDir)
@@ -78,8 +73,7 @@ func cleanGitHooks(dir string) error {
 func TestFindGitRemoteURL(t *testing.T) {
 	assert := assert.New(t)
-	basedir := testDir(t)
+	basedir := t.TempDir()
 	gitConfig()
 	err := gitCmd("init", basedir)
 	assert.NoError(err) //nolint:testifylint // pre-existing issue from nektos/act
 	err = cleanGitHooks(basedir)
@@ -102,8 +96,7 @@ func TestFindGitRemoteURL(t *testing.T) {
 }
 func TestGitFindRef(t *testing.T) {
-	basedir := testDir(t)
+	basedir := t.TempDir()
 	gitConfig()
 	for name, tt := range map[string]struct {
 		Prepare func(t *testing.T, dir string)
@@ -180,36 +173,55 @@ func TestGitFindRef(t *testing.T) {
 }
 func TestGitCloneExecutor(t *testing.T) {
 	// Build a local bare "remote" so this runs offline and fast. The cases below mirror
 	// the tag/branch/sha/short-sha ref paths the executor handles, formerly exercised by
 	// cloning actions/checkout and anchore/scan-action over the network.
 	remoteDir := t.TempDir()
 	require.NoError(t, gitCmd("init", "--bare", "--initial-branch=main", remoteDir))
 	workDir := t.TempDir()
 	require.NoError(t, gitCmd("clone", remoteDir, workDir))
 	require.NoError(t, gitCmd("-C", workDir, "checkout", "-b", "main"))
 	require.NoError(t, gitCmd("-C", workDir, "commit", "--allow-empty", "-m", "initial"))
 	require.NoError(t, gitCmd("-C", workDir, "tag", "v2"))
 	require.NoError(t, gitCmd("-C", workDir, "push", "-u", "origin", "main"))
 	require.NoError(t, gitCmd("-C", workDir, "push", "origin", "v2"))
 	// A branch with a dash in the name (mirrors the historical scan-action@act-fails case).
 	require.NoError(t, gitCmd("-C", workDir, "checkout", "-b", "act-fails"))
 	require.NoError(t, gitCmd("-C", workDir, "commit", "--allow-empty", "-m", "branch-commit"))
 	require.NoError(t, gitCmd("-C", workDir, "push", "origin", "act-fails"))
 	out, err := exec.Command("git", "-C", workDir, "rev-parse", "main").Output()
 	require.NoError(t, err)
 	fullSha := strings.TrimSpace(string(out))
 	for name, tt := range map[string]struct {
-		Err      error
+		Err error
-		URL, Ref string
+		Ref string
 	}{
 		"tag": {
 			Err: nil,
 			URL: "https://github.com/actions/checkout",
 			Ref: "v2",
 		},
 		"branch": {
 			Err: nil,
 			URL: "https://github.com/anchore/scan-action",
 			Ref: "act-fails",
 		},
 		"sha": {
 			Err: nil,
-			URL: "https://github.com/actions/checkout",
+			Ref: fullSha,
 			Ref: "5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f", // v2
 		},
 		"short-sha": {
-			Err: &Error{ErrShortRef, "5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f"},
+			Err: &Error{ErrShortRef, fullSha},
-			URL: "https://github.com/actions/checkout",
+			Ref: fullSha[:7],
 			Ref: "5a4ac90", // v2
 		},
 	} {
 		t.Run(name, func(t *testing.T) {
 			clone := NewGitCloneExecutor(NewGitCloneExecutorInput{
-				URL: tt.URL,
+				URL: remoteDir,
 				Ref: tt.Ref,
-				Dir: testDir(t),
+				Dir: t.TempDir(),
 			})
 			err := clone(context.Background())
@@ -223,13 +235,56 @@ func TestGitCloneExecutor(t *testing.T) {
 	}
 }
 func TestGitCloneExecutorReclonesWhenOriginURLChanges(t *testing.T) {
 	createRemote := func(message string) string {
 		remoteDir := t.TempDir()
 		require.NoError(t, gitCmd("init", "--bare", "--initial-branch=main", remoteDir))
 		workDir := t.TempDir()
 		require.NoError(t, gitCmd("clone", remoteDir, workDir))
 		require.NoError(t, gitCmd("-C", workDir, "checkout", "-b", "main"))
 		require.NoError(t, gitCmd("-C", workDir, "commit", "--allow-empty", "-m", message))
 		require.NoError(t, gitCmd("-C", workDir, "push", "-u", "origin", "main"))
 		return remoteDir
 	}
 	oldRemoteDir := createRemote("old-action")
 	newRemoteDir := createRemote("new-action")
 	cacheDir := t.TempDir()
 	require.NoError(t, NewGitCloneExecutor(NewGitCloneExecutorInput{
 		URL: oldRemoteDir,
 		Ref: "main",
 		Dir: cacheDir,
 	})(t.Context()))
 	markerPath := filepath.Join(cacheDir, "stale-marker")
 	require.NoError(t, os.WriteFile(markerPath, []byte("stale"), 0o644))
 	require.NoError(t, NewGitCloneExecutor(NewGitCloneExecutorInput{
 		URL: newRemoteDir,
 		Ref: "main",
 		Dir: cacheDir,
 	})(t.Context()))
 	originURL, err := findGitRemoteURL(t.Context(), cacheDir, "origin")
 	require.NoError(t, err)
 	assert.Equal(t, newRemoteDir, originURL)
 	out, err := exec.Command("git", "-C", cacheDir, "log", "--oneline", "-1", "--format=%s").Output()
 	require.NoError(t, err)
 	assert.Equal(t, "new-action", strings.TrimSpace(string(out)))
 	_, err = os.Stat(markerPath)
 	require.True(t, os.IsNotExist(err), "stale cached directory should be removed before recloning")
 }
 func TestGitCloneExecutorNonFastForwardRef(t *testing.T) {
 	// Simulate the scenario where a remote ref (e.g. a GitHub PR head ref) changes
 	// non-fast-forward between two fetches. Before the fix, the fetch used Force=false,
 	// causing go-git to return ErrForceNeeded and short-circuit the checkout.
 	gitConfig()
 	// Create a bare "remote" repo with an initial commit on main and a feature branch.
 	remoteDir := t.TempDir()
 	require.NoError(t, gitCmd("init", "--bare", "--initial-branch=main", remoteDir))
@@ -280,8 +335,6 @@ func TestGitCloneExecutorNonFastForwardRef(t *testing.T) {
 }
 func TestGitCloneExecutorOfflineMode(t *testing.T) {
 	gitConfig()
 	// Build a local "remote" with a single commit on main.
 	remoteDir := t.TempDir()
 	require.NoError(t, gitCmd("init", "--bare", "--initial-branch=main", remoteDir))
@@ -327,22 +380,21 @@ func TestGitCloneExecutorOfflineMode(t *testing.T) {
 	})
 }
 func gitConfig() {
 	if os.Getenv("GITHUB_ACTIONS") == "true" {
 		var err error
 		if err = gitCmd("config", "--global", "user.email", "test@test.com"); err != nil {
 			log.Error(err)
 		}
 		if err = gitCmd("config", "--global", "user.name", "Unit Test"); err != nil {
 			log.Error(err)
 		}
 	}
 }
 func gitCmd(args ...string) error {
 	cmd := exec.Command("git", args...)
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
 	// Inject a deterministic identity and ignore the host's global/system config so commits
 	// succeed regardless of the host having no user.name/user.email (e.g. CI, GITHUB_ACTIONS
 	// unset) or a global commit.gpgsign, and without mutating the developer's ~/.gitconfig.
 	cmd.Env = append(os.Environ(),
 		"GIT_AUTHOR_NAME=Unit Test",
 		"GIT_AUTHOR_EMAIL=test@test.com",
 		"GIT_COMMITTER_NAME=Unit Test",
 		"GIT_COMMITTER_EMAIL=test@test.com",
 		"GIT_CONFIG_GLOBAL=/dev/null",
 		"GIT_CONFIG_SYSTEM=/dev/null",
 	)
 	err := cmd.Run()
 	if exitError, ok := err.(*exec.ExitError); ok {
--- a/act/common/line_writer.go
+++ b/act/common/line_writer.go
@@ -12,6 +12,13 @@ import (
 // LineHandler is a callback function for handling a line
 type LineHandler func(line string) bool
 // Flusher is implemented by writers that buffer a trailing, not-yet-terminated
 // line. Callers should flush once the underlying stream has reached EOF so the
 // final line (when it is not newline-terminated) is not lost.
 type Flusher interface {
 	Flush()
 }
 type lineWriter struct {
 	buffer   bytes.Buffer
 	handlers []LineHandler
@@ -24,6 +31,14 @@ func NewLineWriter(handlers ...LineHandler) io.Writer {
 	return w
 }
 // FlushWriter flushes w if it implements Flusher. It is a no-op otherwise, so
 // callers can flush an io.Writer without knowing its concrete type.
 func FlushWriter(w io.Writer) {
 	if f, ok := w.(Flusher); ok {
 		f.Flush()
 	}
 }
 func (lw *lineWriter) Write(p []byte) (n int, err error) {
 	pBuf := bytes.NewBuffer(p)
 	written := 0
@@ -44,6 +59,17 @@ func (lw *lineWriter) Write(p []byte) (n int, err error) {
 	return written, nil
 }
 // Flush emits any buffered, not-yet-newline-terminated content as a final line.
 // It is safe to call multiple times; subsequent calls with an empty buffer are
 // no-ops.
 func (lw *lineWriter) Flush() {
 	if lw.buffer.Len() == 0 {
 		return
 	}
 	lw.handleLine(lw.buffer.String())
 	lw.buffer.Reset()
 }
 func (lw *lineWriter) handleLine(line string) {
 	for _, h := range lw.handlers {
 		ok := h(line)
--- a/act/common/line_writer_test.go
+++ b/act/common/line_writer_test.go
@@ -5,6 +5,7 @@
 package common
 import (
 	"io"
 	"testing"
 	"github.com/stretchr/testify/assert"
@@ -39,3 +40,33 @@ func TestLineWriter(t *testing.T) {
 	assert.Equal(" and another\n", lines[2])
 	assert.Equal("last line\n", lines[3])
 }
 func TestLineWriterFlush(t *testing.T) {
 	lines := make([]string, 0)
 	lineHandler := func(s string) bool {
 		lines = append(lines, s)
 		return true
 	}
 	lineWriter := NewLineWriter(lineHandler)
 	assert := assert.New(t)
 	_, err := lineWriter.Write([]byte("complete line\npartial line without newline"))
 	assert.NoError(err) //nolint:testifylint // pre-existing pattern from nektos/act
 	// Only the newline-terminated line is emitted before flushing.
 	assert.Equal([]string{"complete line\n"}, lines)
 	// Flushing emits the buffered, not-yet-terminated trailing line.
 	FlushWriter(lineWriter)
 	assert.Equal([]string{"complete line\n", "partial line without newline"}, lines)
 	// Flushing again is a no-op: nothing is buffered.
 	FlushWriter(lineWriter)
 	assert.Len(lines, 2)
 }
 func TestFlushWriterIgnoresNonFlusher(t *testing.T) {
 	// FlushWriter must be a safe no-op for writers that do not buffer lines.
 	assert.NotPanics(t, func() { FlushWriter(io.Discard) })
 }
--- a/act/container/container_types.go
+++ b/act/container/container_types.go
@@ -84,6 +84,12 @@ type NewDockerBuildExecutorInput struct {
 	Platform     string
 }
 // NewDockerNetworkCreateExecutorInput the input for the NewDockerNetworkCreateExecutor function
 type NewDockerNetworkCreateExecutorInput struct {
 	EnableIPv4 *bool
 	EnableIPv6 *bool
 }
 // NewDockerPullExecutorInput the input for the NewDockerPullExecutor function
 type NewDockerPullExecutorInput struct {
 	Image     string
--- a/act/container/docker_auth.go
+++ b/act/container/docker_auth.go
@@ -13,7 +13,6 @@ import (
 	"github.com/distribution/reference"
 	"github.com/docker/cli/cli/config"
 	"github.com/docker/cli/cli/config/credentials"
 	"github.com/moby/moby/api/types/registry"
 )
@@ -26,10 +25,6 @@ func LoadDockerAuthConfig(ctx context.Context, image string) (registry.AuthConfi
 		logger.Warnf("Could not load docker config: %v", err)
 		return registry.AuthConfig{}, err
 	}
 	if !cfg.ContainsAuth() {
 		cfg.CredentialsStore = credentials.DetectDefaultStore(cfg.CredentialsStore)
 	}
 	registryKey := registryAuthConfigKey("docker.io")
 	if image != "" {
 		if registryRef, refErr := reference.ParseNormalizedNamed(image); refErr != nil {
@@ -55,10 +50,6 @@ func LoadDockerAuthConfigs(ctx context.Context) map[string]registry.AuthConfig {
 		logger.Warnf("Could not load docker config: %v", err)
 		return nil
 	}
 	if !cfg.ContainsAuth() {
 		cfg.CredentialsStore = credentials.DetectDefaultStore(cfg.CredentialsStore)
 	}
 	creds, err := cfg.GetAllCredentials()
 	if err != nil {
 		logger.Warnf("Could not get docker auth configs: %v", err)
--- a/act/container/docker_images_test.go
+++ b/act/container/docker_images_test.go
@@ -6,66 +6,64 @@ package container
 import (
 	"context"
-	"io"
+	"fmt"
 	"os"
 	"os/exec"
 	"strings"
 	"testing"
 	"github.com/moby/moby/client"
 	specs "github.com/opencontainers/image-spec/specs-go/v1"
 	log "github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func init() {
 	log.SetLevel(log.DebugLevel)
 }
-func TestImageExistsLocally(t *testing.T) {
+// buildScratchImage builds a tiny empty image for the given platform locally (FROM scratch, no
-	if testing.Short() {
+// network or emulation since there is nothing to run) and returns its tag, removing it after
-		t.Skip("skipping integration test")
+// the test.
-	}
+func buildScratchImage(t *testing.T, platform string) string {
-	ctx := context.Background()
+	t.Helper()
-	// to help make this test reliable and not flaky, we need to have
+	tag := fmt.Sprintf("act-test-exists-%s:latest", strings.TrimPrefix(platform, "linux/"))
-	// an image that will exist, and onew that won't exist
+	cmd := exec.Command("docker", "build", "--platform", platform, "-t", tag, "-")
-
+	cmd.Stdin = strings.NewReader("FROM scratch\nLABEL act-test=1\n")
-	// Test if image exists with specific tag
+	// Force BuildKit: it records the requested architecture in the image config for a
-	invalidImageTag, err := ImageExistsLocally(ctx, "library/alpine:this-random-tag-will-never-exist", "linux/amd64")
+	// FROM-scratch build, whereas the classic builder ignores --platform and tags it with the
-	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
+	// host arch, which would break the per-platform existence assertions below.
-	assert.False(t, invalidImageTag)
+	cmd.Env = append(os.Environ(), "DOCKER_BUILDKIT=1")
-
+	out, err := cmd.CombinedOutput()
-	// Test if image exists with specific architecture (image platform)
+	require.NoError(t, err, string(out))
-	invalidImagePlatform, err := ImageExistsLocally(ctx, "alpine:latest", "windows/amd64")
+	t.Cleanup(func() { _ = exec.Command("docker", "rmi", "-f", tag).Run() })
-	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
+	return tag
-	assert.False(t, invalidImagePlatform)
+}
-
+
-	// pull an image
+func TestImageExistsLocally(t *testing.T) {
-	cli, err := client.New(client.FromEnv)
+	requireDocker(t)
-	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
+	ctx := context.Background()
-	defer cli.Close()
+
-
+	// a non-existent image is reported absent
-	// Chose alpine latest because it's so small
+	missing, err := ImageExistsLocally(ctx, "library/alpine:this-random-tag-will-never-exist", "linux/amd64")
-	// maybe we should build an image instead so that tests aren't reliable on dockerhub
+	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
-	readerDefault, err := cli.ImagePull(ctx, "node:24-bookworm-slim", client.ImagePullOptions{
+	assert.False(t, missing)
-		Platforms: []specs.Platform{{OS: "linux", Architecture: "amd64"}},
+
-	})
+	// Build tiny images for two architectures locally so per-platform existence can be checked
-	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
+	// offline (formerly pulled node:24-bookworm-slim for amd64 and arm64 over the network).
-	defer readerDefault.Close()
+	amd64Ref := buildScratchImage(t, "linux/amd64")
-	_, err = io.ReadAll(readerDefault)
+	arm64Ref := buildScratchImage(t, "linux/arm64")
-	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
+
-
+	amd64Exists, err := ImageExistsLocally(ctx, amd64Ref, "linux/amd64")
-	imageDefaultArchExists, err := ImageExistsLocally(ctx, "node:24-bookworm-slim", "linux/amd64")
+	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
-	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
+	assert.True(t, amd64Exists)
-	assert.True(t, imageDefaultArchExists)
+
-
+	// a non-host architecture image is detected for its own architecture
-	// Validate if another architecture platform can be pulled
+	arm64Exists, err := ImageExistsLocally(ctx, arm64Ref, "linux/arm64")
-	readerArm64, err := cli.ImagePull(ctx, "node:24-bookworm-slim", client.ImagePullOptions{
+	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
-		Platforms: []specs.Platform{{OS: "linux", Architecture: "arm64"}},
+	assert.True(t, arm64Exists)
-	})
+
-	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
+	// a present image is reported absent for a different platform
-	defer readerArm64.Close()
+	wrongPlatform, err := ImageExistsLocally(ctx, amd64Ref, "linux/arm64")
-	_, err = io.ReadAll(readerArm64)
+	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
-	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
+	assert.False(t, wrongPlatform)
 	imageArm64Exists, err := ImageExistsLocally(ctx, "node:24-bookworm-slim", "linux/arm64")
 	assert.NoError(t, err) //nolint:testifylint // pre-existing issue from nektos/act
 	assert.True(t, imageArm64Exists)
 }
--- a/act/container/docker_network.go
+++ b/act/container/docker_network.go
@@ -14,7 +14,7 @@ import (
 	"github.com/moby/moby/client"
 )
-func NewDockerNetworkCreateExecutor(name string) common.Executor {
+func NewDockerNetworkCreateExecutor(name string, opts NewDockerNetworkCreateExecutorInput) common.Executor {
 	return func(ctx context.Context) error {
 		cli, err := GetDockerClient(ctx)
 		if err != nil {
@@ -37,8 +37,10 @@ func NewDockerNetworkCreateExecutor(name string) common.Executor {
 		}
 		_, err = cli.NetworkCreate(ctx, name, client.NetworkCreateOptions{
-			Driver: "bridge",
+			Driver:     "bridge",
-			Scope:  "local",
+			Scope:      "local",
 			EnableIPv4: opts.EnableIPv4,
 			EnableIPv6: opts.EnableIPv6,
 		})
 		if err != nil {
 			return err
--- a/act/container/docker_pull_test.go
+++ b/act/container/docker_pull_test.go
@@ -40,6 +40,9 @@ func TestCleanImage(t *testing.T) {
 func TestGetImagePullOptions(t *testing.T) {
 	ctx := context.Background()
 	orig := config.Dir()
 	t.Cleanup(func() { config.SetDir(orig) })
 	config.SetDir("/non-existent/docker")
 	options, err := getImagePullOptions(ctx, NewDockerPullExecutorInput{})
--- a/act/container/docker_run.go
+++ b/act/container/docker_run.go
@@ -20,12 +20,14 @@ import (
 	"slices"
 	"strconv"
 	"strings"
 	"time"
 	"gitea.com/gitea/runner/act/common"
 	"gitea.com/gitea/runner/act/filecollector"
 	"dario.cat/mergo"
 	"github.com/Masterminds/semver"
 	cerrdefs "github.com/containerd/errdefs"
 	"github.com/docker/cli/cli/compose/loader"
 	"github.com/docker/cli/cli/connhelper"
 	"github.com/go-git/go-billy/v5/helper/polyfill"
@@ -44,6 +46,13 @@ import (
 	"github.com/spf13/pflag"
 )
 // drainGracePeriod bounds how long we wait for an output-copy goroutine to
 // finish draining a container's output before returning, so that neither a
 // cancellation (waitForCommand) nor a normal container exit (wait) truncates
 // the tail of the log. It is a safety bound: in the common case the stream
 // reaches EOF and the goroutine returns well before this elapses.
 const drainGracePeriod = 2 * time.Second
 // NewContainer creates a reference to a container
 func NewContainer(input *NewContainerInput) ExecutionsEnvironment {
 	cr := new(containerReference)
@@ -152,6 +161,8 @@ func (cr *containerReference) Copy(destPath string, files ...*FileEntry) common.
 func (cr *containerReference) CopyDir(destPath, srcPath string, useGitIgnore bool) common.Executor {
 	return common.NewPipelineExecutor(
 		common.NewInfoExecutor("docker cp src=%s dst=%s", srcPath, destPath),
 		cr.connect(),
 		cr.find(),
 		cr.copyDir(destPath, srcPath, useGitIgnore),
 		func(ctx context.Context) error {
 			// If this fails, then folders have wrong permissions on non root container
@@ -167,6 +178,16 @@ func (cr *containerReference) GetContainerArchive(ctx context.Context, srcPath s
 	if common.Dryrun(ctx) {
 		return nil, errors.New("DRYRUN is not supported in GetContainerArchive")
 	}
 	// Direct entry point (no pipeline) — revalidate cr.id ourselves.
 	if err := cr.connect()(ctx); err != nil {
 		return nil, err
 	}
 	if err := cr.find()(ctx); err != nil {
 		return nil, err
 	}
 	if cr.id == "" {
 		return nil, cr.missingContainerError("get archive %s", srcPath)
 	}
 	result, err := cr.cli.CopyFromContainer(ctx, cr.id, client.CopyFromContainerOptions{SourcePath: srcPath})
 	if err != nil {
 		return nil, err
@@ -216,6 +237,10 @@ type containerReference struct {
 	input *NewContainerInput
 	UID   int
 	GID   int
 	// attachDone is closed by the attach() streaming goroutine once it has
 	// drained and flushed the container's output. wait() blocks on it so the
 	// tail of the log lands before the step proceeds.
 	attachDone chan struct{}
 	LinuxContainerEnvironmentExtensions
 }
@@ -314,10 +339,22 @@ func (cr *containerReference) Close() common.Executor {
 	}
 }
 // missingContainerError is the shared "container X does not exist" error
 // used by ops that need a live cr.id.
 func (cr *containerReference) missingContainerError(format string, args ...any) error {
 	return fmt.Errorf("container %q does not exist; cannot "+format, append([]any{cr.input.Name}, args...)...)
 }
 func (cr *containerReference) find() common.Executor {
 	return func(ctx context.Context) error {
 		if cr.id != "" {
-			return nil
+			// Validate cached id; clear only on definitive NotFound so a
 			// transient daemon error doesn't abort cleanup pipelines.
 			_, err := cr.cli.ContainerInspect(ctx, cr.id, client.ContainerInspectOptions{})
 			if !cerrdefs.IsNotFound(err) {
 				return nil
 			}
 			cr.id = ""
 		}
 		containers, err := cr.cli.ContainerList(ctx, client.ContainerListOptions{
 			All: true,
@@ -335,7 +372,6 @@ func (cr *containerReference) find() common.Executor {
 			}
 		}
 		cr.id = ""
 		return nil
 	}
 }
@@ -592,6 +628,9 @@ func (cr *containerReference) extractFromImageEnv(env *map[string]string) common
 func (cr *containerReference) exec(cmd []string, env map[string]string, user, workdir string) common.Executor {
 	return func(ctx context.Context) error {
 		if cr.id == "" {
 			return cr.missingContainerError("exec %v", cmd)
 		}
 		logger := common.Logger(ctx)
 		// Fix slashes when running on Windows
 		if runtime.GOOS == "windows" {
@@ -703,7 +742,9 @@ func (cr *containerReference) tryReadGID() common.Executor {
 func (cr *containerReference) waitForCommand(ctx context.Context, isTerminal bool, resp client.HijackedResponse, _ client.ExecCreateResult, _, _ string) error {
 	logger := common.Logger(ctx)
-	cmdResponse := make(chan error)
+	// Buffered so the copy goroutine never blocks on send if the grace-period
 	// drain below times out and no one is left to receive.
 	cmdResponse := make(chan error, 1)
 	go func() {
 		var outWriter io.Writer
@@ -722,6 +763,11 @@ func (cr *containerReference) waitForCommand(ctx context.Context, isTerminal boo
 		} else {
 			_, err = io.Copy(outWriter, resp.Reader)
 		}
 		// Flush any buffered, not-yet-newline-terminated trailing line so the
 		// final line of a command's output is not lost (e.g. an error message
 		// printed without a trailing newline before the process exits).
 		common.FlushWriter(outWriter)
 		common.FlushWriter(errWriter)
 		cmdResponse <- err
 	}()
@@ -733,6 +779,16 @@ func (cr *containerReference) waitForCommand(ctx context.Context, isTerminal boo
 			logger.Warnf("Failed to send CTRL+C: %+s", err)
 		}
 		// Give the copy goroutine a brief grace period to drain output already
 		// produced by the command before we return, so cancellation does not
 		// truncate the tail of the log. The goroutine exits once the hijacked
 		// stream is closed by resp.Close() in the caller's defer.
 		select {
 		case <-cmdResponse:
 		case <-time.After(drainGracePeriod):
 			logger.Warn("Timed out draining command output after cancellation")
 		}
 		// we return the context canceled error to prevent other steps
 		// from executing
 		return ctx.Err()
@@ -746,6 +802,9 @@ func (cr *containerReference) waitForCommand(ctx context.Context, isTerminal boo
 }
 func (cr *containerReference) CopyTarStream(ctx context.Context, destPath string, tarStream io.Reader) error {
 	if cr.id == "" {
 		return cr.missingContainerError("copy to %s", destPath)
 	}
 	// Mkdir
 	buf := &bytes.Buffer{}
 	tw := tar.NewWriter(buf)
@@ -779,6 +838,9 @@ func (cr *containerReference) CopyTarStream(ctx context.Context, destPath string
 func (cr *containerReference) copyDir(dstPath, srcPath string, useGitIgnore bool) common.Executor {
 	return func(ctx context.Context) error {
 		if cr.id == "" {
 			return cr.missingContainerError("copy directory to %s", dstPath)
 		}
 		logger := common.Logger(ctx)
 		tarFile, err := os.CreateTemp("", "act")
 		if err != nil {
@@ -853,6 +915,9 @@ func (cr *containerReference) copyDir(dstPath, srcPath string, useGitIgnore bool
 func (cr *containerReference) copyContent(dstPath string, files ...*FileEntry) common.Executor {
 	return func(ctx context.Context) error {
 		if cr.id == "" {
 			return cr.missingContainerError("copy to %s", dstPath)
 		}
 		logger := common.Logger(ctx)
 		var buf bytes.Buffer
 		tw := tar.NewWriter(&buf)
@@ -909,14 +974,23 @@ func (cr *containerReference) attach() common.Executor {
 		if errWriter == nil {
 			errWriter = os.Stderr
 		}
 		done := make(chan struct{})
 		cr.attachDone = done
 		go func() {
 			defer close(done)
 			var copyErr error
 			if !isTerminal || os.Getenv("NORAW") != "" {
-				_, err = stdcopy.StdCopy(outWriter, errWriter, out.Reader)
+				_, copyErr = stdcopy.StdCopy(outWriter, errWriter, out.Reader)
 			} else {
-				_, err = io.Copy(outWriter, out.Reader)
+				_, copyErr = io.Copy(outWriter, out.Reader)
 			}
-			if err != nil {
+			// Flush any buffered, not-yet-newline-terminated trailing line once
-				common.Logger(ctx).Error(err)
+			// the stream reaches EOF, so the final line of the container's
 			// output is not lost when it is not newline-terminated.
 			common.FlushWriter(outWriter)
 			common.FlushWriter(errWriter)
 			if copyErr != nil {
 				common.Logger(ctx).Error(copyErr)
 			}
 		}()
 		return nil
@@ -955,6 +1029,18 @@ func (cr *containerReference) wait() common.Executor {
 		logger.Debugf("Return status: %v", statusCode)
 		// The container has exited; wait for the attach() streaming goroutine to
 		// finish draining and flushing its output before returning, so the tail
 		// of the log is not lost. Bounded so a stuck stream cannot hang the step.
 		if cr.attachDone != nil {
 			select {
 			case <-cr.attachDone:
 			case <-time.After(drainGracePeriod):
 				logger.Warn("Timed out draining container output")
 			}
 			cr.attachDone = nil
 		}
 		if statusCode == 0 {
 			return nil
 		}
--- a/act/container/docker_run_test.go
+++ b/act/container/docker_run_test.go
@@ -8,6 +8,7 @@ import (
 	"bufio"
 	"bytes"
 	"context"
 	"encoding/binary"
 	"errors"
 	"io"
 	"net"
@@ -19,6 +20,8 @@ import (
 	"gitea.com/gitea/runner/act/common"
 	cerrdefs "github.com/containerd/errdefs"
 	"github.com/moby/moby/api/pkg/stdcopy"
 	"github.com/moby/moby/api/types/container"
 	mobyclient "github.com/moby/moby/client"
 	"github.com/sirupsen/logrus/hooks/test"
@@ -28,14 +31,10 @@ import (
 )
 func TestDocker(t *testing.T) {
-	if testing.Short() {
+	requireDocker(t)
 		t.Skip("skipping integration test")
 	}
 	ctx := context.Background()
 	client, err := GetDockerClient(ctx)
-	if err != nil {
+	require.NoError(t, err)
 		t.Skipf("skipping integration test: %v", err)
 	}
 	defer client.Close()
 	dockerBuild := NewDockerBuildExecutor(NewDockerBuildExecutorInput{
@@ -92,6 +91,11 @@ func (m *mockDockerClient) ExecInspect(ctx context.Context, execID string, opts
 	return args.Get(0).(mobyclient.ExecInspectResult), args.Error(1)
 }
 func (m *mockDockerClient) ContainerAttach(ctx context.Context, containerID string, opts mobyclient.ContainerAttachOptions) (mobyclient.ContainerAttachResult, error) {
 	args := m.Called(ctx, containerID, opts)
 	return args.Get(0).(mobyclient.ContainerAttachResult), args.Error(1)
 }
 func (m *mockDockerClient) ContainerWait(ctx context.Context, containerID string, opts mobyclient.ContainerWaitOptions) mobyclient.ContainerWaitResult {
 	args := m.Called(ctx, containerID, opts)
 	return args.Get(0).(mobyclient.ContainerWaitResult)
@@ -102,6 +106,16 @@ func (m *mockDockerClient) CopyToContainer(ctx context.Context, id string, optio
 	return args.Get(0).(mobyclient.CopyToContainerResult), args.Error(1)
 }
 func (m *mockDockerClient) ContainerInspect(ctx context.Context, id string, opts mobyclient.ContainerInspectOptions) (mobyclient.ContainerInspectResult, error) {
 	args := m.Called(ctx, id, opts)
 	return args.Get(0).(mobyclient.ContainerInspectResult), args.Error(1)
 }
 func (m *mockDockerClient) ContainerList(ctx context.Context, opts mobyclient.ContainerListOptions) (mobyclient.ContainerListResult, error) {
 	args := m.Called(ctx, opts)
 	return args.Get(0).(mobyclient.ContainerListResult), args.Error(1)
 }
 type endlessReader struct {
 	io.Reader
 }
@@ -199,6 +213,71 @@ func TestDockerExecFailure(t *testing.T) {
 	client.AssertExpectations(t)
 }
 // stdcopyFrame wraps payload in a single Docker multiplexed-stream frame, the
 // format StdCopy expects: an 8-byte header (stream type + 4-byte big-endian
 // length) followed by the payload.
 func stdcopyFrame(stream stdcopy.StdType, payload string) []byte {
 	b := make([]byte, 8+len(payload))
 	b[0] = byte(stream)
 	binary.BigEndian.PutUint32(b[4:8], uint32(len(payload)))
 	copy(b[8:], payload)
 	return b
 }
 // TestDockerAttachFlushesTrailingLine verifies that wait() blocks until the
 // attach() streaming goroutine has drained and flushed the container's output,
 // so a final line without a trailing newline is not lost.
 func TestDockerAttachFlushesTrailingLine(t *testing.T) {
 	ctx := context.Background()
 	framed := bytes.NewBuffer(stdcopyFrame(stdcopy.Stdout, "line one\nlast line without newline"))
 	var lines []string
 	logWriter := common.NewLineWriter(func(s string) bool {
 		lines = append(lines, s)
 		return true
 	})
 	client := &mockDockerClient{}
 	client.On("ContainerAttach", ctx, "123", mock.AnythingOfType("client.ContainerAttachOptions")).
 		Return(mobyclient.ContainerAttachResult{
 			HijackedResponse: mobyclient.HijackedResponse{
 				Conn:   &mockConn{},
 				Reader: bufio.NewReader(framed),
 			},
 		}, nil)
 	statusCh := make(chan container.WaitResponse, 1)
 	statusCh <- container.WaitResponse{StatusCode: 0}
 	errCh := make(chan error, 1)
 	client.On("ContainerWait", ctx, "123", mobyclient.ContainerWaitOptions{Condition: container.WaitConditionNotRunning}).
 		Return(mobyclient.ContainerWaitResult{
 			Result: (<-chan container.WaitResponse)(statusCh),
 			Error:  (<-chan error)(errCh),
 		})
 	cr := &containerReference{
 		id:  "123",
 		cli: client,
 		input: &NewContainerInput{
 			Image:  "image",
 			Stdout: logWriter,
 			Stderr: logWriter,
 		},
 	}
 	require.NoError(t, cr.attach()(ctx))
 	require.NoError(t, cr.wait()(ctx))
 	// wait() must have blocked until the goroutine drained AND flushed; the
 	// trailing, non-newline-terminated line must therefore be present. Reading
 	// lines here is race-free because wait() synchronizes on attachDone, which
 	// the goroutine closes after the final append.
 	assert.Equal(t, []string{"line one\n", "last line without newline"}, lines)
 	client.AssertExpectations(t)
 }
 func TestDockerWaitFailure(t *testing.T) {
 	ctx := context.Background()
@@ -302,6 +381,134 @@ func TestDockerCopyTarStreamErrorInMkdir(t *testing.T) {
 	client.AssertExpectations(t)
 }
 // find() must drop a stale cached id so later Copy/Exec don't hit the
 // daemon with a torn-down container.
 func TestFindRevalidatesStaleID(t *testing.T) {
 	ctx := context.Background()
 	notFound := cerrdefs.ErrNotFound.WithMessage("No such container")
 	boom := errors.New("daemon unreachable")
 	newCR := func(id string) (*containerReference, *mockDockerClient) {
 		client := &mockDockerClient{}
 		return &containerReference{id: id, cli: client, input: &NewContainerInput{Name: "job-1"}}, client
 	}
 	listOpts := mobyclient.ContainerListOptions{All: true}
 	inspectOpts := mobyclient.ContainerInspectOptions{}
 	t.Run("stale id cleared, name lookup empty", func(t *testing.T) {
 		cr, client := newCR("stale")
 		client.On("ContainerInspect", ctx, "stale", inspectOpts).Return(mobyclient.ContainerInspectResult{}, notFound)
 		client.On("ContainerList", ctx, listOpts).Return(mobyclient.ContainerListResult{}, nil)
 		require.NoError(t, cr.find()(ctx))
 		assert.Empty(t, cr.id)
 		client.AssertExpectations(t)
 	})
 	t.Run("stale id cleared, name lookup repopulates", func(t *testing.T) {
 		cr, client := newCR("stale")
 		client.On("ContainerInspect", ctx, "stale", inspectOpts).Return(mobyclient.ContainerInspectResult{}, notFound)
 		client.On("ContainerList", ctx, listOpts).Return(mobyclient.ContainerListResult{Items: []container.Summary{
 			{ID: "other", Names: []string{"/somebody-else"}},
 			{ID: "fresh", Names: []string{"/job-1"}},
 		}}, nil)
 		require.NoError(t, cr.find()(ctx))
 		assert.Equal(t, "fresh", cr.id)
 		client.AssertExpectations(t)
 	})
 	t.Run("live id kept", func(t *testing.T) {
 		cr, client := newCR("live")
 		client.On("ContainerInspect", ctx, "live", inspectOpts).Return(mobyclient.ContainerInspectResult{}, nil)
 		require.NoError(t, cr.find()(ctx))
 		assert.Equal(t, "live", cr.id)
 		client.AssertExpectations(t)
 	})
 	t.Run("transient inspect error trusts cache", func(t *testing.T) {
 		cr, client := newCR("live")
 		client.On("ContainerInspect", ctx, "live", inspectOpts).Return(mobyclient.ContainerInspectResult{}, boom)
 		require.NoError(t, cr.find()(ctx))
 		assert.Equal(t, "live", cr.id)
 		client.AssertExpectations(t)
 	})
 	t.Run("list error propagates", func(t *testing.T) {
 		cr, client := newCR("")
 		client.On("ContainerList", ctx, listOpts).Return(mobyclient.ContainerListResult{}, boom)
 		require.ErrorIs(t, cr.find()(ctx), boom)
 		client.AssertExpectations(t)
 	})
 }
 // Every daemon entry point fails fast with a clear, container-named
 // error when no live cr.id is known.
 func TestRejectsMissingContainer(t *testing.T) {
 	ctx := context.Background()
 	client := &mockDockerClient{}
 	client.On("ContainerList", ctx, mobyclient.ContainerListOptions{All: true}).Return(mobyclient.ContainerListResult{}, nil)
 	cr := &containerReference{cli: client, input: &NewContainerInput{Name: "job-1"}}
 	check := func(op string, err error) {
 		t.Helper()
 		require.Error(t, err, op)
 		assert.Contains(t, err.Error(), `container "job-1" does not exist`, op)
 	}
 	check("copyContent", cr.copyContent("/var/run/act", &FileEntry{Name: "x", Mode: 0o644})(ctx))
 	check("copyDir", cr.copyDir("/var/run/act", "/src", false)(ctx))
 	check("CopyTarStream", cr.CopyTarStream(ctx, "/var/run/act", &bytes.Buffer{}))
 	check("exec", cr.exec([]string{"echo"}, nil, "", "")(ctx))
 	_, err := cr.GetContainerArchive(ctx, "/var/run/act/x")
 	check("GetContainerArchive", err)
 }
 // End-to-end: a stale cr.id is cleared, repopulated from name lookup,
 // and the Copy completes against the fresh id.
 func TestPublicCopyPipelineHandlesStaleID(t *testing.T) {
 	ctx := context.Background()
 	client := &mockDockerClient{}
 	client.On("ContainerInspect", ctx, "stale", mobyclient.ContainerInspectOptions{}).
 		Return(mobyclient.ContainerInspectResult{}, cerrdefs.ErrNotFound.WithMessage("gone"))
 	client.On("ContainerList", ctx, mobyclient.ContainerListOptions{All: true}).
 		Return(mobyclient.ContainerListResult{Items: []container.Summary{
 			{ID: "fresh", Names: []string{"/job-1"}},
 		}}, nil)
 	client.On("CopyToContainer", ctx, "fresh", mock.MatchedBy(func(opts mobyclient.CopyToContainerOptions) bool {
 		return opts.DestinationPath == "/var/run/act"
 	})).Return(mobyclient.CopyToContainerResult{}, nil)
 	cr := &containerReference{id: "stale", cli: client, input: &NewContainerInput{Name: "job-1"}}
 	require.NoError(t, cr.Copy("/var/run/act", &FileEntry{Name: "x", Mode: 0o644})(ctx))
 	assert.Equal(t, "fresh", cr.id)
 	client.AssertExpectations(t)
 }
 // TestDockerCopyToSymlinkPath is a regression test for gitea/runner#981. Most base images
 // symlink /var/run to /run, so copying into /var/run/act traverses that symlink. The broken
 // docker 29.5.1 daemon fails the extraction with "mkdirat var/run: file exists" (fixed in
 // 29.5.2). Running against the daemon shipped in the dind image, this catches a bad bump.
 func TestDockerCopyToSymlinkPath(t *testing.T) {
 	requireDocker(t)
 	ctx := context.Background()
 	rc := NewContainer(&NewContainerInput{
 		Image:      "alpine:latest",
 		Entrypoint: []string{"sleep", "30"},
 		Name:       "act-test-symlink-" + time.Now().Format("20060102150405.000000"),
 		AutoRemove: true,
 	})
 	require.NoError(t, rc.Pull(false)(ctx))
 	require.NoError(t, rc.Create(nil, nil)(ctx))
 	require.NoError(t, rc.Start(false)(ctx))
 	t.Cleanup(func() {
 		_ = rc.Remove()(ctx)
 		_ = rc.Close()(ctx)
 	})
 	// CopyTarStream first creates the destination directory by extracting a tar at "/",
 	// which makes the daemon mkdir var, then var/run (the symlink), then act — the exact
 	// step that fails on the broken daemon.
 	err := rc.CopyTarStream(ctx, "/var/run/act", &bytes.Buffer{})
 	require.NoError(t, err)
 }
 // Type assert containerReference implements ExecutionsEnvironment
 var _ ExecutionsEnvironment = &containerReference{}
--- a/act/container/docker_socket_test.go
+++ b/act/container/docker_socket_test.go
@@ -18,9 +18,19 @@ func init() {
 var originalCommonSocketLocations = CommonSocketLocations
 func isolateSocketEnv(t *testing.T) {
 	t.Helper()
 	t.Cleanup(func() { CommonSocketLocations = originalCommonSocketLocations })
 	if host, ok := os.LookupEnv("DOCKER_HOST"); ok {
 		t.Setenv("DOCKER_HOST", host)
 	} else {
 		t.Cleanup(func() { os.Unsetenv("DOCKER_HOST") })
 	}
 }
 func TestGetSocketAndHostWithSocket(t *testing.T) {
 	// Arrange
-	CommonSocketLocations = originalCommonSocketLocations
+	isolateSocketEnv(t)
 	dockerHost := "unix:///my/docker/host.sock"
 	socketURI := "/path/to/my.socket"
 	t.Setenv("DOCKER_HOST", dockerHost)
@@ -48,9 +58,9 @@ func TestGetSocketAndHostNoSocket(t *testing.T) {
 func TestGetSocketAndHostOnlySocket(t *testing.T) {
 	// Arrange
 	isolateSocketEnv(t)
 	socketURI := "/path/to/my.socket"
 	os.Unsetenv("DOCKER_HOST")
 	CommonSocketLocations = originalCommonSocketLocations
 	defaultSocket, defaultSocketFound := socketLocation()
 	// Act
@@ -65,7 +75,7 @@ func TestGetSocketAndHostOnlySocket(t *testing.T) {
 func TestGetSocketAndHostDontMount(t *testing.T) {
 	// Arrange
-	CommonSocketLocations = originalCommonSocketLocations
+	isolateSocketEnv(t)
 	dockerHost := "unix:///my/docker/host.sock"
 	t.Setenv("DOCKER_HOST", dockerHost)
@@ -79,7 +89,7 @@ func TestGetSocketAndHostDontMount(t *testing.T) {
 func TestGetSocketAndHostNoHostNoSocket(t *testing.T) {
 	// Arrange
-	CommonSocketLocations = originalCommonSocketLocations
+	isolateSocketEnv(t)
 	os.Unsetenv("DOCKER_HOST")
 	defaultSocket, found := socketLocation()
@@ -97,6 +107,7 @@ func TestGetSocketAndHostNoHostNoSocket(t *testing.T) {
 // > This happens if neither DOCKER_HOST nor --container-daemon-socket has a value, but socketLocation() returns a URI
 func TestGetSocketAndHostNoHostNoSocketDefaultLocation(t *testing.T) {
 	// Arrange
 	isolateSocketEnv(t)
 	mySocketFile, tmpErr := os.CreateTemp(t.TempDir(), "act-*.sock")
 	mySocket := mySocketFile.Name()
 	unixSocket := "unix://" + mySocket
@@ -119,6 +130,7 @@ func TestGetSocketAndHostNoHostNoSocketDefaultLocation(t *testing.T) {
 func TestGetSocketAndHostNoHostInvalidSocket(t *testing.T) {
 	// Arrange
 	isolateSocketEnv(t)
 	os.Unsetenv("DOCKER_HOST")
 	mySocket := "/my/socket/path.sock"
 	CommonSocketLocations = []string{"/unusual", "/socket", "/location"}
@@ -136,6 +148,7 @@ func TestGetSocketAndHostNoHostInvalidSocket(t *testing.T) {
 func TestGetSocketAndHostOnlySocketValidButUnusualLocation(t *testing.T) {
 	// Arrange
 	isolateSocketEnv(t)
 	socketURI := "unix:///path/to/my.socket"
 	CommonSocketLocations = []string{"/unusual", "/location"}
 	os.Unsetenv("DOCKER_HOST")
--- a/act/container/docker_stub.go
+++ b/act/container/docker_stub.go
@@ -61,7 +61,7 @@ func NewDockerVolumeRemoveExecutor(volume string, force bool) common.Executor {
 	}
 }
-func NewDockerNetworkCreateExecutor(name string) common.Executor {
+func NewDockerNetworkCreateExecutor(name string, opts NewDockerNetworkCreateExecutorInput) common.Executor {
 	return func(ctx context.Context) error {
 		return nil
 	}
--- a/act/container/helpers_test.go
+++ b/act/container/helpers_test.go
@@ -0,0 +1,27 @@
 // Copyright 2026 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 package container
 import (
 	"context"
 	"testing"
 	mobyclient "github.com/moby/moby/client"
 )
 // requireDocker skips the test unless a reachable docker daemon is available.
 // GetDockerClient succeeds even without a running daemon (its ping is best-effort),
 // so the daemon has to be pinged explicitly here to decide whether to skip.
 func requireDocker(t *testing.T) {
 	t.Helper()
 	ctx := context.Background()
 	cli, err := GetDockerClient(ctx)
 	if err != nil {
 		t.Skipf("skipping: docker client unavailable: %v", err)
 	}
 	defer cli.Close()
 	if _, err := cli.Ping(ctx, mobyclient.PingOptions{}); err != nil {
 		t.Skipf("skipping: docker daemon unreachable: %v", err)
 	}
 }
--- a/act/container/host_environment.go
+++ b/act/container/host_environment.go
@@ -16,9 +16,7 @@ import (
 	"os/exec"
 	"path/filepath"
 	"runtime"
 	"strconv"
 	"strings"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -44,9 +42,6 @@ type HostEnvironment struct {
 	CleanUp      func()
 	StdOut       io.Writer
 	AllocatePTY  bool // allocate a pseudo-TTY for each step's process
 	mu          sync.Mutex
 	runningPIDs map[int]struct{}
 }
 func (e *HostEnvironment) Create(_, _ []string) common.Executor {
@@ -327,6 +322,30 @@ func (e *HostEnvironment) exec(ctx context.Context, command []string, cmdline st
 	cmd.Stderr = e.StdOut
 	cmd.Dir = wd
 	cmd.SysProcAttr = getSysProcAttr(cmdline, false)
 	// A step often launches a process tree (a shell that starts a child which
 	// spawns further background or GUI processes). The default context
 	// cancellation only kills the direct child, leaving the rest of the tree
 	// running; and because the orphans inherit cmd's stdout/stderr pipe,
 	// cmd.Wait() would block forever, hanging the runner. Kill the whole tree on
 	// cancellation — via a Job Object on Windows and the process group on Unix
 	// (see processKiller) — and bound the wait so a leftover pipe writer can
 	// never hang Wait indefinitely.
 	var killer atomic.Pointer[processKiller]
 	cmd.Cancel = func() error {
 		if k := killer.Load(); k != nil {
 			return k.Kill()
 		}
 		if cmd.Process != nil {
 			return cmd.Process.Kill()
 		}
 		return nil
 	}
 	// Once the step process has exited, give its I/O pipes at most this long to
 	// drain before Wait force-closes them and returns (Go's WaitDelay). This
 	// also covers a step that backgrounds a process holding the pipe open.
 	cmd.WaitDelay = 10 * time.Second
 	var ppty *os.File
 	var tty *os.File
 	defer func() {
@@ -353,23 +372,19 @@ func (e *HostEnvironment) exec(ctx context.Context, command []string, cmdline st
 		go copyPtyOutput(writer, ppty, finishLog)
 		go writeKeepAlive(ppty)
 	}
 	// Split Start/Wait so the PID can be registered before the process can exit;
 	// cmd.Run() would block until exit, by which time the PID may have been reused.
 	if err := cmd.Start(); err != nil {
 		return err
 	}
-	if cmd.Process != nil {
+	// Capture the started process for tree-kill on cancellation: a Job Object on
-		e.mu.Lock()
+	// Windows (children spawned afterwards are auto-included) and the process
-		if e.runningPIDs == nil {
+	// group on Unix. On failure (e.g. Windows nested-job restrictions) we fall
-			e.runningPIDs = map[int]struct{}{}
+	// back to the default single-process kill; WaitDelay + end-of-job cleanup
-		}
+	// still apply.
-		e.runningPIDs[cmd.Process.Pid] = struct{}{}
+	if k, kerr := newProcessKiller(cmd.Process); kerr != nil {
-		e.mu.Unlock()
+		common.Logger(ctx).Warnf("process tree kill setup failed, falling back to single-process kill: %v", kerr)
-		defer func(pid int) {
+	} else {
-			e.mu.Lock()
+		killer.Store(k)
-			delete(e.runningPIDs, pid)
+		defer k.Close()
 			e.mu.Unlock()
 		}(cmd.Process.Pid)
 	}
 	err = cmd.Wait()
 	if err != nil {
@@ -413,6 +428,24 @@ func (e *HostEnvironment) UpdateFromEnv(srcPath string, env *map[string]string)
 	return parseEnvFile(e, srcPath, env)
 }
 // removeAll is the filesystem delete used by removeAllWithContext. A package
 // var so tests can substitute a blocking stub without patching os.RemoveAll.
 var removeAll = os.RemoveAll
 // removeAllWithContext runs removeAll in a goroutine and returns once it
 // finishes or ctx is cancelled. On cancellation the goroutine is left running —
 // a delete blocked inside a syscall cannot be interrupted (see runWithTimeout).
 func removeAllWithContext(ctx context.Context, path string) error {
 	done := make(chan error, 1)
 	go func() { done <- removeAll(path) }()
 	select {
 	case err := <-done:
 		return err
 	case <-ctx.Done():
 		return ctx.Err()
 	}
 }
 func removePathWithRetry(ctx context.Context, path string) error {
 	if path == "" {
 		return nil
@@ -432,64 +465,168 @@ func removePathWithRetry(ctx context.Context, path string) error {
 			case <-time.After(delay):
 			}
 		}
-		lastErr = os.RemoveAll(path)
+		lastErr = removeAllWithContext(ctx, path)
 		if lastErr == nil {
 			return nil
 		}
 		if errors.Is(lastErr, context.DeadlineExceeded) {
 			return lastErr
 		}
 	}
 	return lastErr
 }
 // buildWindowsWorkspaceKillScript builds a PowerShell command that `taskkill
 // /T /F`s every process tree whose ExecutablePath or CommandLine references one
 // of the given absolute workspace dirs, releasing file handles for cleanup.
 //
 // Win32_Process is used because it exposes both ExecutablePath and CommandLine
 // (Get-Process doesn't, wmic is deprecated). Both match the dir+separator
 // prefix, so a sibling dir sharing a name prefix (job1 vs job10) is spared.
 // Ordinal String methods, not -like, so path metacharacters ([ ] ? *) stay
 // literal.
 //
 // Pure function so the quote-escaping can be unit-tested without PowerShell.
 func buildWindowsWorkspaceKillScript(dirs []string) string {
 	quoted := make([]string, len(dirs))
 	for i, d := range dirs {
 		// Single-quoted PowerShell literal; escape ' by doubling it.
 		quoted[i] = "'" + strings.ReplaceAll(d, "'", "''") + "'"
 	}
 	return `$paths = @(` + strings.Join(quoted, ",") + `)
 $selfPid = $PID
 Get-CimInstance Win32_Process -ErrorAction SilentlyContinue | Where-Object {
    if ($_.ProcessId -eq $selfPid) { return $false }
    foreach ($p in $paths) {
        $prefix = $p + '\'
        if ($_.ExecutablePath -and $_.ExecutablePath.StartsWith($prefix, [System.StringComparison]::OrdinalIgnoreCase)) { return $true }
        if ($_.CommandLine -and $_.CommandLine.IndexOf($prefix, [System.StringComparison]::OrdinalIgnoreCase) -ge 0) { return $true }
    }
    return $false
 } | ForEach-Object {
    & taskkill.exe /PID $_.ProcessId /T /F 2>$null | Out-Null
 }
 `
 }
 func (e *HostEnvironment) terminateRunningProcesses(ctx context.Context) {
 	if runtime.GOOS != "windows" {
 		return
 	}
 	e.mu.Lock()
 	pids := make([]int, 0, len(e.runningPIDs))
 	for pid := range e.runningPIDs {
 		pids = append(pids, pid)
 	}
 	e.mu.Unlock()
-	if len(pids) == 0 {
+	// Detached: exec.CommandContext won't start on a cancelled ctx, and a
 	// server cancel has already cancelled the parent ctx.
 	killCtx, killCancel := context.WithTimeout(context.Background(), 30*time.Second)
 	defer killCancel()
 	logger := common.Logger(ctx)
 	// Workspace dirs we own. Any process running from or referencing one is a
 	// leftover job process. ToolCache is shared across jobs; Workdir only when
 	// we own it (else it's a caller-provided checkout, e.g. act local mode).
 	owned := []string{e.Path, e.TmpDir}
 	if e.CleanWorkdir {
 		owned = append(owned, e.Workdir)
 	}
 	dirs := make([]string, 0, len(owned))
 	for _, d := range owned {
 		if d == "" {
 			continue
 		}
 		abs, err := filepath.Abs(d)
 		if err != nil {
 			continue
 		}
 		dirs = append(dirs, abs)
 	}
 	if len(dirs) == 0 {
 		return
 	}
-	logger := common.Logger(ctx)
+	script := buildWindowsWorkspaceKillScript(dirs)
-	for _, pid := range pids {
+
-		// Best-effort: forcibly terminate process tree to release file handles
+	cmd := exec.CommandContext(killCtx, "powershell.exe", "-NoProfile", "-NonInteractive", "-Command", script)
-		// so that workspace cleanup can succeed on Windows.
+	out, err := cmd.CombinedOutput()
-		cmd := exec.CommandContext(ctx, "taskkill", "/PID", strconv.Itoa(pid), "/T", "/F")
+	if err != nil {
-		out, err := cmd.CombinedOutput()
+		logger.Debugf("workspace process-tree kill via PowerShell failed: %v output=%s", err, strings.TrimSpace(string(out)))
-		if err != nil {
+	}
-			logger.Debugf("taskkill failed for pid=%d: %v output=%s", pid, err, strings.TrimSpace(string(out)))
+}
-		}
+
 // hostCleanupTimeout bounds each filesystem-teardown phase of the host
 // environment so a single stalled delete cannot wedge the runner slot forever.
 // A var (not const) so tests can shrink it.
 var hostCleanupTimeout = 30 * time.Second
 // runWithTimeout runs fn in a goroutine and returns once it finishes or timeout
 // elapses, whichever comes first. On timeout the goroutine is left running — an
 // os.RemoveAll blocked inside a delete syscall (AV/EDR filter drivers, an
 // unresponsive network mount, a dying disk) cannot be interrupted — and
 // context.DeadlineExceeded is returned. Leaking the goroutine and the scratch
 // state it was deleting is strictly better than blocking the caller forever and
 // permanently losing the runner's capacity slot; the leaked scratch dir is
 // reclaimed later by the runner's idle stale-dir sweep.
 func runWithTimeout(fn func(), timeout time.Duration) error {
 	done := make(chan struct{})
 	go func() {
 		defer close(done)
 		fn()
 	}()
 	timer := time.NewTimer(timeout)
 	defer timer.Stop()
 	select {
 	case <-done:
 		return nil
 	case <-timer.C:
 		return context.DeadlineExceeded
 	}
 }
 func (e *HostEnvironment) Remove() common.Executor {
 	return func(ctx context.Context) error {
 		logger := common.Logger(ctx)
 		// Ensure any lingering child processes are ended before attempting
 		// to remove the workspace (Windows file locks otherwise prevent cleanup).
 		e.terminateRunningProcesses(ctx)
 		// Only removes per-job misc state. Must not remove the cache/toolcache root.
 		// Bound it: CleanUp is a caller-supplied, typically unbounded os.RemoveAll,
 		// and a delete stalled by a filesystem filter driver would otherwise hang
 		// the job forever at "Cleaning up container" and hold the capacity slot.
 		if e.CleanUp != nil {
-			e.CleanUp()
+			logger.Debugf("running host environment cleanup callback")
 			if err := runWithTimeout(e.CleanUp, hostCleanupTimeout); err != nil {
 				logger.Warnf("host environment cleanup did not finish within %s; continuing job completion, scratch state may be leaked and is reclaimed by the idle stale-dir sweep", hostCleanupTimeout)
 			} else {
 				logger.Debugf("host environment cleanup callback finished")
 			}
 		}
-		logger := common.Logger(ctx)
+
 		// Detach: a cancelled ctx would skip removePathWithRetry's retries,
 		// which absorb Windows file-handle release lag after the kill above.
 		rmCtx, rmCancel := context.WithTimeout(context.Background(), hostCleanupTimeout)
 		defer rmCancel()
 		var errs []error
-		if err := removePathWithRetry(ctx, e.Path); err != nil {
+		if err := removePathWithRetry(rmCtx, e.Path); err != nil {
 			logger.Warnf("failed to remove host misc state %s: %v", e.Path, err)
 			errs = append(errs, err)
 		}
 		if e.CleanWorkdir {
-			if err := removePathWithRetry(ctx, e.Workdir); err != nil {
+			if err := removePathWithRetry(rmCtx, e.Workdir); err != nil {
 				logger.Warnf("failed to remove host workspace %s: %v", e.Workdir, err)
 				errs = append(errs, err)
 			}
 		}
-		return errors.Join(errs...)
+		for _, err := range errs {
 			if !errors.Is(err, context.DeadlineExceeded) {
 				return errors.Join(errs...)
 			}
 		}
 		// Bounded teardown timed out; warnings already logged above. Do not
 		// fail job completion — leaked scratch is reclaimed by the idle sweep.
 		return nil
 	}
 }
--- a/act/container/host_environment_test.go
+++ b/act/container/host_environment_test.go
@@ -15,6 +15,7 @@ import (
 	"runtime"
 	"strings"
 	"testing"
 	"time"
 	"gitea.com/gitea/runner/act/common"
@@ -187,3 +188,176 @@ func TestHostEnvironmentRemoveCleansWorkdirWhenOwned(t *testing.T) {
 	_, err := os.Stat(workdir)
 	assert.ErrorIs(t, err, os.ErrNotExist)
 }
 func TestRemoveAllWithContextDoesNotHangOnStuckDelete(t *testing.T) {
 	release := make(chan struct{})
 	stubDone := make(chan struct{})
 	orig := removeAll
 	removeAll = func(string) error {
 		defer close(stubDone)
 		<-release
 		return nil
 	}
 	// removeAllWithContext intentionally leaks the delete goroutine on timeout,
 	// and that goroutine still references removeAll. Unblock it and wait for it
 	// to return before restoring the var, so the restore can't race the read.
 	t.Cleanup(func() {
 		close(release)
 		<-stubDone
 		removeAll = orig
 	})
 	ctx, cancel := context.WithTimeout(context.Background(), 100*time.Millisecond)
 	defer cancel()
 	err := removeAllWithContext(ctx, t.TempDir())
 	require.ErrorIs(t, err, context.DeadlineExceeded)
 }
 // TestHostEnvironmentRemoveDoesNotHangOnStuckCleanUp guards against a stalled
 // CleanUp callback (e.g. an os.RemoveAll blocked by an AV/EDR filter driver or
 // an unresponsive mount) wedging the runner slot forever at "Cleaning up
 // container". Remove must time out the callback and complete job teardown.
 func TestHostEnvironmentRemoveDoesNotHangOnStuckCleanUp(t *testing.T) {
 	// Keep the suite fast: shrink the per-phase teardown timeout for this test.
 	orig := hostCleanupTimeout
 	hostCleanupTimeout = 100 * time.Millisecond
 	t.Cleanup(func() { hostCleanupTimeout = orig })
 	logger := logrus.New()
 	ctx := common.WithLogger(context.Background(), logrus.NewEntry(logger))
 	base := t.TempDir()
 	path := filepath.Join(base, "misc", "hostexecutor")
 	require.NoError(t, os.MkdirAll(path, 0o700))
 	release := make(chan struct{})
 	t.Cleanup(func() { close(release) }) // unblock the leaked goroutine at test end
 	e := &HostEnvironment{
 		Path: path,
 		CleanUp: func() {
 			<-release // simulate a delete syscall stuck indefinitely
 		},
 		StdOut: os.Stdout,
 	}
 	done := make(chan error, 1)
 	go func() { done <- e.Remove()(ctx) }()
 	select {
 	case err := <-done:
 		require.NoError(t, err)
 	case <-time.After(10 * time.Second):
 		t.Fatal("Remove() hung on a stuck CleanUp callback")
 	}
 }
 // TestHostEnvironmentRemoveDoesNotHangOnStuckPathRemoval guards against a
 // stalled os.RemoveAll on the misc/workspace paths (same AV/EDR wedge as
 // #1023) wedging job completion after the CleanUp callback has already timed
 // out or finished.
 func TestHostEnvironmentRemoveDoesNotHangOnStuckPathRemoval(t *testing.T) {
 	origTimeout := hostCleanupTimeout
 	hostCleanupTimeout = 100 * time.Millisecond
 	t.Cleanup(func() { hostCleanupTimeout = origTimeout })
 	release := make(chan struct{})
 	stubDone := make(chan struct{})
 	origRemoveAll := removeAll
 	removeAll = func(string) error {
 		defer close(stubDone)
 		<-release
 		return nil
 	}
 	// The stuck delete goroutine outlives the timed-out Remove and still reads
 	// removeAll; unblock it and wait before restoring to avoid a restore/read race.
 	t.Cleanup(func() {
 		close(release)
 		<-stubDone
 		removeAll = origRemoveAll
 	})
 	logger := logrus.New()
 	ctx := common.WithLogger(context.Background(), logrus.NewEntry(logger))
 	base := t.TempDir()
 	path := filepath.Join(base, "misc", "hostexecutor")
 	require.NoError(t, os.MkdirAll(path, 0o700))
 	e := &HostEnvironment{
 		Path:   path,
 		StdOut: os.Stdout,
 	}
 	done := make(chan error, 1)
 	go func() { done <- e.Remove()(ctx) }()
 	select {
 	case err := <-done:
 		require.NoError(t, err)
 	case <-time.After(10 * time.Second):
 		t.Fatal("Remove() hung on a stuck path removal")
 	}
 }
 func TestBuildWindowsWorkspaceKillScript(t *testing.T) {
 	t.Run("single dir", func(t *testing.T) {
 		s := buildWindowsWorkspaceKillScript([]string{`C:\workspace\job1`})
 		assert.Contains(t, s, `$paths = @('C:\workspace\job1')`)
 		// Self-PID guard is essential — without it the script could taskkill
 		// the PowerShell process running it.
 		assert.Contains(t, s, "$selfPid = $PID")
 		assert.Contains(t, s, "$_.ProcessId -eq $selfPid")
 		// Must match both ExecutablePath (binaries from the workspace) and
 		// CommandLine (system binaries invoked with workspace paths in args),
 		// both bounded by dir+separator so a name-prefix sibling is spared.
 		assert.Contains(t, s, `$prefix = $p + '\'`)
 		assert.Contains(t, s, "$_.ExecutablePath.StartsWith($prefix")
 		assert.Contains(t, s, "$_.CommandLine.IndexOf($prefix")
 		// Each matched PID must be tree-killed, not just stopped.
 		assert.Contains(t, s, "taskkill.exe /PID $_.ProcessId /T /F")
 	})
 	t.Run("multiple dirs comma-separated", func(t *testing.T) {
 		s := buildWindowsWorkspaceKillScript([]string{
 			`C:\work\path`,
 			`C:\work\workdir`,
 			`C:\Users\runner\AppData\Local\Temp\job-42`,
 		})
 		assert.Contains(t, s, `'C:\work\path'`)
 		assert.Contains(t, s, `'C:\work\workdir'`)
 		assert.Contains(t, s, `'C:\Users\runner\AppData\Local\Temp\job-42'`)
 		// Commas between entries — no trailing comma, no leading comma.
 		assert.Contains(t, s, `'C:\work\path','C:\work\workdir',`)
 	})
 	t.Run("path with single quote is escaped", func(t *testing.T) {
 		// In PowerShell single-quoted strings the only special char is the
 		// quote itself, escaped by doubling. A workspace path that ever
 		// contained `'` would inject a command into the script otherwise.
 		s := buildWindowsWorkspaceKillScript([]string{`C:\work\it's\path`})
 		assert.Contains(t, s, `'C:\work\it''s\path'`)
 		// And it must NOT appear unescaped — otherwise the quote would
 		// terminate the literal early.
 		assert.NotContains(t, s, `'C:\work\it's\path'`)
 	})
 	t.Run("path with wildcard metacharacters is matched literally", func(t *testing.T) {
 		// A path containing [ ] ? * must be embedded verbatim and matched with
 		// ordinal String methods, not -like, otherwise the metacharacters would
 		// be interpreted as wildcards and the leftover process could escape.
 		s := buildWindowsWorkspaceKillScript([]string{`C:\work\[job]?1`})
 		assert.Contains(t, s, `'C:\work\[job]?1'`)
 		assert.NotContains(t, s, "-like")
 		assert.Contains(t, s, "StartsWith")
 		assert.Contains(t, s, "IndexOf")
 	})
 	t.Run("empty dir list still produces a valid script", func(t *testing.T) {
 		s := buildWindowsWorkspaceKillScript(nil)
 		// Empty array literal — script runs, matches nothing, is a no-op.
 		assert.Contains(t, s, "$paths = @()")
 		assert.Contains(t, s, "Get-CimInstance Win32_Process")
 	})
 }
--- a/act/container/process_other.go
+++ b/act/container/process_other.go
@@ -0,0 +1,29 @@
 // Copyright 2026 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 //go:build plan9
 package container
 import "os"
 // processKiller falls back to single-process termination on platforms without
 // a process-group / Job Object tree-kill. The Job Object (Windows) and process
 // group (Unix) based tree-kills live in process_windows.go / process_unix.go;
 // here we just kill the direct child, matching the previous default behaviour.
 type processKiller struct {
 	p *os.Process
 }
 func newProcessKiller(p *os.Process) (*processKiller, error) {
 	return &processKiller{p: p}, nil
 }
 func (k *processKiller) Kill() error {
 	if k == nil || k.p == nil {
 		return nil
 	}
 	return k.p.Kill()
 }
 func (k *processKiller) Close() error { return nil }
--- a/act/container/process_unix.go
+++ b/act/container/process_unix.go
@@ -0,0 +1,56 @@
 // Copyright 2026 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 //go:build !windows && !plan9
 package container
 import (
 	"errors"
 	"os"
 	"syscall"
 )
 // processKiller terminates a step process together with its whole process
 // group, which is the Unix counterpart of the Windows Job Object tree-kill.
 //
 // Background: a step often launches a process tree (a shell that starts a child
 // which in turn spawns further background processes). The default
 // exec.CommandContext cancellation only kills the direct child, so cancelling a
 // job left the rest of the tree running. Because those orphans inherited the
 // step's stdout/stderr pipe, cmd.Wait() also blocked forever and the runner
 // hung.
 //
 // Steps are started with Setpgid (or Setsid for the PTY path, see
 // getSysProcAttr), which makes the step process the leader of a new process
 // group whose ID equals its PID. Signalling the negative PID delivers to every
 // process still in that group, so we can tear down the whole tree atomically on
 // cancellation, which also closes the inherited pipe handles so cmd.Wait() can
 // return.
 type processKiller struct {
 	pgid int
 }
 // newProcessKiller captures the process group of p (an already-started
 // process). Because the step is launched with Setpgid/Setsid, p is a group
 // leader and its PGID equals its PID; children spawned afterwards stay in the
 // same group unless they explicitly create their own.
 func newProcessKiller(p *os.Process) (*processKiller, error) {
 	return &processKiller{pgid: p.Pid}, nil
 }
 // Kill sends SIGKILL to the entire process group (the step process and every
 // descendant that stayed in the group). A missing group (ESRCH) means the
 // processes already exited and is not treated as an error.
 func (k *processKiller) Kill() error {
 	if k == nil || k.pgid <= 0 {
 		return nil
 	}
 	if err := syscall.Kill(-k.pgid, syscall.SIGKILL); err != nil && !errors.Is(err, syscall.ESRCH) {
 		return err
 	}
 	return nil
 }
 // Close is a no-op on Unix; there is no job handle to release.
 func (k *processKiller) Close() error { return nil }
--- a/act/container/process_unix_test.go
+++ b/act/container/process_unix_test.go
@@ -0,0 +1,100 @@
 // Copyright 2026 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 //go:build !windows && !plan9
 package container
 import (
 	"fmt"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"syscall"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/require"
 )
 // processAlive reports whether pid refers to a still-running process. Signal 0
 // performs error checking without delivering a signal: a nil error (or EPERM)
 // means the process exists, ESRCH means it is gone.
 //
 // On Linux, zombie processes (state Z in /proc/<pid>/stat) appear alive to
 // kill(0) but have already terminated — their corpse lingers until the parent
 // calls wait(). In a Docker container the child may be reparented to a PID 1
 // that does not reap promptly, so we treat zombies as not alive.
 func processAlive(pid int) bool {
 	err := syscall.Kill(pid, 0)
 	if err != nil {
 		return false
 	}
 	// On Linux /proc is available; check whether the process is a zombie.
 	if b, readErr := os.ReadFile(fmt.Sprintf("/proc/%d/stat", pid)); readErr == nil {
 		// Format: "pid (comm) state ..." — state follows the closing ')' of the
 		// command name (which may itself contain spaces and parens).
 		rest := string(b)
 		if idx := strings.LastIndex(rest, ") "); idx >= 0 {
 			fields := strings.Fields(rest[idx+2:])
 			if len(fields) > 0 && fields[0] == "Z" {
 				return false // zombie: terminated but not yet reaped
 			}
 		}
 	}
 	return true
 }
 // TestProcessKillerKillsTree verifies that a process group captured by the
 // killer is terminated together with a child the step spawns afterwards. This
 // mirrors a step that launches a child which spawns further processes, where
 // cancelling the job must take down the whole tree, not just the direct child.
 func TestProcessKillerKillsTree(t *testing.T) {
 	dir := t.TempDir()
 	pidFile := filepath.Join(dir, "child.pid")
 	// Parent shell backgrounds a long-lived child (writing its PID to a file)
 	// and then sleeps. With job control off (non-interactive sh) the backgrounded
 	// child stays in the parent's process group, so the group kill must reach it.
 	script := fmt.Sprintf(`sleep 600 & echo $! > %q; sleep 600`, pidFile)
 	cmd := exec.Command("/bin/sh", "-c", script)
 	// Launch as its own process-group leader, exactly like a real step does (see
 	// getSysProcAttr), so the killer's PGID == the process PID.
 	cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true}
 	require.NoError(t, cmd.Start())
 	t.Cleanup(func() {
 		_ = syscall.Kill(-cmd.Process.Pid, syscall.SIGKILL)
 		_ = cmd.Wait()
 	})
 	killer, err := newProcessKiller(cmd.Process)
 	require.NoError(t, err)
 	defer killer.Close()
 	// Wait for the backgrounded child PID to be reported.
 	var childPID int
 	require.Eventually(t, func() bool {
 		b, e := os.ReadFile(pidFile)
 		if e != nil {
 			return false
 		}
 		s := strings.TrimSpace(string(b))
 		if s == "" {
 			return false
 		}
 		childPID, _ = strconv.Atoi(s)
 		return childPID > 0 && processAlive(childPID)
 	}, 20*time.Second, 100*time.Millisecond, "child process should start")
 	// Killing the group must terminate both the parent and the backgrounded child.
 	require.NoError(t, killer.Kill())
 	// Reap the parent so it does not linger as a zombie (which would still report
 	// as alive); SIGKILL makes Wait return promptly.
 	_ = cmd.Wait()
 	require.Eventually(t, func() bool {
 		return !processAlive(childPID)
 	}, 20*time.Second, 100*time.Millisecond, "backgrounded child should be terminated")
 }
--- a/act/container/process_windows.go
+++ b/act/container/process_windows.go
@@ -0,0 +1,71 @@
 // Copyright 2026 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 package container
 import (
 	"os"
 	"golang.org/x/sys/windows"
 )
 // processKiller terminates a step process together with its entire descendant
 // tree via a Windows Job Object.
 //
 // Background: a step often launches a process tree (a shell that starts a
 // child which in turn spawns further GUI or background processes). The default
 // exec.CommandContext cancellation only kills the direct child, so cancelling a
 // job left the rest of the tree running. Because those orphans inherited the
 // step's stdout/stderr pipe, cmd.Wait() also blocked forever and the runner hung.
 //
 // Assigning the step process to a Job Object lets us kill the whole tree
 // atomically on cancellation (TerminateJobObject), which also closes the
 // inherited pipe handles so cmd.Wait() can return.
 type processKiller struct {
 	job windows.Handle
 }
 // newProcessKiller creates a Job Object and assigns p (an already-started
 // process) to it. Children spawned by p afterwards are automatically part of
 // the job. The job does NOT use JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE, so closing
 // the handle on normal completion does not kill legitimate background
 // processes; the tree is only torn down by an explicit Kill (cancellation).
 func newProcessKiller(p *os.Process) (*processKiller, error) {
 	job, err := windows.CreateJobObject(nil, nil)
 	if err != nil {
 		return nil, err
 	}
 	h, err := windows.OpenProcess(windows.PROCESS_SET_QUOTA|windows.PROCESS_TERMINATE, false, uint32(p.Pid))
 	if err != nil {
 		windows.CloseHandle(job)
 		return nil, err
 	}
 	defer windows.CloseHandle(h)
 	if err := windows.AssignProcessToJobObject(job, h); err != nil {
 		windows.CloseHandle(job)
 		return nil, err
 	}
 	return &processKiller{job: job}, nil
 }
 // Kill terminates every process currently assigned to the job (the step process
 // and all of its descendants).
 func (k *processKiller) Kill() error {
 	if k == nil || k.job == 0 {
 		return nil
 	}
 	return windows.TerminateJobObject(k.job, 1)
 }
 // Close releases the job handle. It does not terminate the processes.
 func (k *processKiller) Close() error {
 	if k == nil || k.job == 0 {
 		return nil
 	}
 	h := k.job
 	k.job = 0
 	return windows.CloseHandle(h)
 }
--- a/act/container/process_windows_test.go
+++ b/act/container/process_windows_test.go
@@ -0,0 +1,78 @@
 // Copyright 2026 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 package container
 import (
 	"fmt"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"testing"
 	"time"
 	"github.com/stretchr/testify/require"
 	"golang.org/x/sys/windows"
 )
 // processAlive reports whether pid refers to a still-running process.
 func processAlive(pid int) bool {
 	h, err := windows.OpenProcess(windows.PROCESS_QUERY_LIMITED_INFORMATION, false, uint32(pid))
 	if err != nil {
 		return false
 	}
 	defer windows.CloseHandle(h)
 	var code uint32
 	if err := windows.GetExitCodeProcess(h, &code); err != nil {
 		return false
 	}
 	const stillActive = 259 // STILL_ACTIVE
 	return code == stillActive
 }
 // TestProcessKillerKillsTree verifies that a process assigned to the Job Object
 // is terminated together with a child it spawns afterwards. This mirrors a step
 // that launches a child which spawns further processes, where cancelling the
 // job must take down the whole tree, not just the direct child.
 func TestProcessKillerKillsTree(t *testing.T) {
 	dir := t.TempDir()
 	pidFile := filepath.Join(dir, "child.pid")
 	// Parent powershell spawns a detached, long-lived child powershell (writing
 	// its PID to a file) and then sleeps. The child is launched AFTER the parent
 	// has been assigned to the job, so it must be captured by the job too.
 	script := fmt.Sprintf(
 		`$c = Start-Process powershell -PassThru -ArgumentList '-NoProfile','-Command','Start-Sleep -Seconds 600'; `+
 			`Set-Content -LiteralPath %q -Value $c.Id; Start-Sleep -Seconds 600`, pidFile)
 	cmd := exec.Command("powershell.exe", "-NoProfile", "-Command", script)
 	require.NoError(t, cmd.Start())
 	t.Cleanup(func() { _ = cmd.Process.Kill() })
 	killer, err := newProcessKiller(cmd.Process)
 	require.NoError(t, err)
 	defer killer.Close()
 	// Wait for the child PID to be reported.
 	var childPID int
 	require.Eventually(t, func() bool {
 		b, e := os.ReadFile(pidFile)
 		if e != nil {
 			return false
 		}
 		s := strings.TrimSpace(string(b))
 		if s == "" {
 			return false
 		}
 		childPID, _ = strconv.Atoi(s)
 		return childPID > 0 && processAlive(childPID)
 	}, 20*time.Second, 200*time.Millisecond, "child process should start")
 	// Killing the job must terminate both the parent and the detached child.
 	require.NoError(t, killer.Kill())
 	require.Eventually(t, func() bool {
 		return !processAlive(cmd.Process.Pid) && !processAlive(childPID)
 	}, 20*time.Second, 200*time.Millisecond, "parent and child should both be terminated")
 }
--- a/act/model/workflow.go
+++ b/act/model/workflow.go
@@ -325,14 +325,20 @@ func (j *Job) Needs() []string {
 // RunsOn list for Job
 func (j *Job) RunsOn() []string {
-	switch j.RawRunsOn.Kind {
+	return RunsOnFromNode(j.RawRunsOn)
 }
 // RunsOnFromNode parses the runs-on labels from a raw runs-on node, so callers can evaluate a
 // copy of the node (avoiding mutation of the shared Job) before reading the labels.
 func RunsOnFromNode(rawRunsOn yaml.Node) []string {
 	switch rawRunsOn.Kind {
 	case yaml.MappingNode:
 		var val struct {
 			Group  string
 			Labels yaml.Node
 		}
-		if !decodeNode(j.RawRunsOn, &val) {
+		if !decodeNode(rawRunsOn, &val) {
 			return nil
 		}
@@ -344,7 +350,7 @@ func (j *Job) RunsOn() []string {
 		return labels
 	default:
-		return nodeAsStringSlice(j.RawRunsOn)
+		return nodeAsStringSlice(rawRunsOn)
 	}
 }
@@ -645,6 +651,33 @@ type Step struct {
 	TimeoutMinutes     string            `yaml:"timeout-minutes"`
 }
 // Clone returns a deep copy safe to mutate independently of s. Job steps are shared across
 // parallel matrix runs, which mutate per-job fields (ID, Number, Shell) and evaluate the If/Env
 // yaml.Nodes in place, so each job must own its copy.
 func (s *Step) Clone() *Step {
 	clone := *s
 	clone.If = CloneYamlNode(s.If)
 	clone.Env = CloneYamlNode(s.Env)
 	clone.With = maps.Clone(s.With)
 	return &clone
 }
 // CloneYamlNode returns a deep copy of a yaml.Node so callers can evaluate it in place without
 // mutating a node shared across parallel jobs.
 func CloneYamlNode(n yaml.Node) yaml.Node {
 	clone := n
 	if n.Content != nil {
 		clone.Content = make([]*yaml.Node, len(n.Content))
 		for i, child := range n.Content {
 			if child != nil {
 				childClone := CloneYamlNode(*child)
 				clone.Content[i] = &childClone
 			}
 		}
 	}
 	return clone
 }
 // String gets the name of step
 func (s *Step) String() string {
 	if s.Name != "" {
--- a/act/model/workflow_test.go
+++ b/act/model/workflow_test.go
@@ -9,9 +9,29 @@ import (
 	"testing"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"go.yaml.in/yaml/v4"
 )
 // TestStepCloneIsolatesMutableFields guards the parallel-matrix race fix: combinations share the
 // job's *Step, and Clone() must hand each a copy whose If/Env nodes and With map can be mutated
 // independently. A shallow copy would share Env.Content's backing array (and the With map) and
 // leak writes across combinations.
 func TestStepCloneIsolatesMutableFields(t *testing.T) {
 	var orig Step
 	require.NoError(t, yaml.Unmarshal([]byte("if: ${{ env.X == 'a' }}\nenv:\n  KEY: original\nwith:\n  arg: original\n"), &orig))
 	require.Len(t, orig.Env.Content, 2) // [key, value]
 	clone := orig.Clone()
 	clone.If.Value = "changed"
 	clone.Env.Content[1].Value = "changed"
 	clone.With["arg"] = "changed"
 	assert.Equal(t, "${{ env.X == 'a' }}", orig.If.Value, "If must not be shared with the clone")
 	assert.Equal(t, "original", orig.Env.Content[1].Value, "Env nodes must not be shared with the clone")
 	assert.Equal(t, "original", orig.With["arg"], "With map must not be shared with the clone")
 }
 func TestReadWorkflow_ScheduleEvent(t *testing.T) {
 	yaml := `
 name: local-action-docker-url
--- a/act/runner/action.go
+++ b/act/runner/action.go
@@ -436,13 +436,11 @@ func newStepContainer(ctx context.Context, step step, image string, cmd, entrypo
 	if rc.IsHostEnv(ctx) {
 		networkMode = "default"
 	}
-	stepContainer := container.NewContainer(&container.NewContainerInput{
+	stepContainer := ContainerNewContainer(&container.NewContainerInput{
 		Cmd:          cmd,
 		Entrypoint:   entrypoint,
 		WorkingDir:   rc.JobContainer.ToContainerPath(rc.Config.Workdir),
 		Image:        image,
 		Username:     rc.Config.Secrets["DOCKER_USERNAME"],
 		Password:     rc.Config.Secrets["DOCKER_PASSWORD"],
 		Name:         createContainerName(rc.jobContainerName(), "STEP-"+stepModel.ID),
 		Env:          envList,
 		Mounts:       mounts,
@@ -455,7 +453,7 @@ func newStepContainer(ctx context.Context, step step, image string, cmd, entrypo
 		Platform:     rc.Config.ContainerArchitecture,
 		Options:      rc.Config.ContainerOptions,
 		AutoRemove:   rc.Config.AutoRemove,
-		ValidVolumes: rc.Config.ValidVolumes,
+		ValidVolumes: rc.validVolumes(),
 		AllocatePTY:  rc.Config.AllocatePTY,
 	})
 	return stepContainer
--- a/act/runner/action_cache_test.go
+++ b/act/runner/action_cache_test.go
@@ -8,64 +8,139 @@ import (
 	"archive/tar"
 	"bytes"
 	"context"
 	"fmt"
 	"io"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"strings"
 	"testing"
 	"time"
 	"gitea.com/gitea/runner/act/common"
 	"gitea.com/gitea/runner/act/model"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
-func TestActionCache(t *testing.T) {
+func runGit(t *testing.T, dir string, args ...string) {
-	if testing.Short() {
+	t.Helper()
-		t.Skip("skipping integration test")
+	if dir != "" {
 		args = append([]string{"-C", dir}, args...)
 	}
 	cmd := exec.Command("git", args...)
 	// Fixed identity and host-config isolation so commits succeed offline regardless of the
 	// host's git config (mirrors gitCmd in act/common/git).
 	cmd.Env = append(os.Environ(),
 		"GIT_AUTHOR_NAME=test", "GIT_AUTHOR_EMAIL=test@example.com",
 		"GIT_COMMITTER_NAME=test", "GIT_COMMITTER_EMAIL=test@example.com",
 		"GIT_CONFIG_GLOBAL=/dev/null", "GIT_CONFIG_SYSTEM=/dev/null",
 	)
 	out, err := cmd.CombinedOutput()
 	require.NoError(t, err, string(out))
 }
 // TestShortShaActionRejected verifies a `uses` ref that is a shortened commit SHA is rejected
 // with a clear error. The action is resolved from a local repo (via DefaultActionInstance) so
 // this runs offline.
 func TestShortShaActionRejected(t *testing.T) {
 	// a local "remote" action repo at <root>/actions/hello-world-docker-action
 	actionRoot := t.TempDir()
 	repo := filepath.Join(actionRoot, "actions", "hello-world-docker-action")
 	require.NoError(t, os.MkdirAll(repo, 0o755))
 	runGit(t, "", "init", "--initial-branch=main", repo)
 	require.NoError(t, os.WriteFile(filepath.Join(repo, "action.yml"),
 		[]byte("name: hello\nruns:\n  using: node24\n  main: index.js\n"), 0o644))
 	runGit(t, repo, "add", ".")
 	runGit(t, repo, "commit", "-m", "initial")
 	out, err := exec.Command("git", "-C", repo, "rev-parse", "HEAD").Output()
 	require.NoError(t, err)
 	shortSha := strings.TrimSpace(string(out))[:7]
 	// a workflow that uses the action at the short SHA
 	wfDir := filepath.Join(t.TempDir(), "wf")
 	require.NoError(t, os.MkdirAll(wfDir, 0o755))
 	wf := fmt.Sprintf("on: push\njobs:\n  test:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/hello-world-docker-action@%s\n", shortSha)
 	require.NoError(t, os.WriteFile(filepath.Join(wfDir, "push.yml"), []byte(wf), 0o644))
 	runner, err := New(&Config{
 		Workdir:               wfDir,
 		EventName:             "push",
 		Platforms:             map[string]string{"ubuntu-latest": baseImage},
 		GitHubInstance:        "github.com",
 		DefaultActionInstance: actionRoot,
 		ContainerMaxLifetime:  time.Hour,
 	})
 	require.NoError(t, err)
 	planner, err := model.NewWorkflowPlanner(wfDir, true)
 	require.NoError(t, err)
 	plan, err := planner.PlanEvent("push")
 	require.NoError(t, err)
 	err = runner.NewPlanExecutor(plan)(common.WithDryrun(context.Background(), true))
 	require.Error(t, err)
 	assert.Contains(t, err.Error(), "shortened version of a commit SHA")
 }
 func TestActionCache(t *testing.T) {
 	a := assert.New(t)
 	ctx := context.Background()
 	// Build a local bare repo with a `js` action dir so this runs offline (formerly cloned
 	// github.com/nektos/act-test-actions over the network). allowAnySHA1InWant lets the
 	// "Fetch Sha" case fetch a commit hash directly.
 	remoteDir := t.TempDir()
 	runGit(t, "", "init", "--bare", "--initial-branch=main", remoteDir)
 	runGit(t, remoteDir, "config", "uploadpack.allowAnySHA1InWant", "true")
 	workDir := t.TempDir()
 	runGit(t, "", "clone", remoteDir, workDir)
 	require.NoError(t, os.MkdirAll(filepath.Join(workDir, "js"), 0o755))
 	require.NoError(t, os.WriteFile(filepath.Join(workDir, "js", "action.yml"),
 		[]byte("name: js\nruns:\n  using: node24\n  main: index.js\n"), 0o644))
 	require.NoError(t, os.WriteFile(filepath.Join(workDir, "js", "index.js"),
 		[]byte("console.log('hello');\n"), 0o644))
 	runGit(t, workDir, "add", ".")
 	runGit(t, workDir, "commit", "-m", "initial")
 	runGit(t, workDir, "push", "-u", "origin", "main")
 	out, err := exec.Command("git", "-C", workDir, "rev-parse", "main").Output()
 	require.NoError(t, err)
 	fullSha := strings.TrimSpace(string(out))
 	cache := &GoGitActionCache{
 		Path: t.TempDir(),
 	}
-	ctx := context.Background()
+	cacheDir := "local/act-test-actions"
 	cacheDir := "nektos/act-test-actions"
 	repo := "https://github.com/nektos/act-test-actions"
 	refs := []struct {
-		Name     string
+		Name string
-		CacheDir string
+		Ref  string
 		Repo     string
 		Ref      string
 	}{
-		{
+		{Name: "Fetch Branch Name", Ref: "main"},
-			Name:     "Fetch Branch Name",
+		{Name: "Fetch Branch Name Absolutely", Ref: "refs/heads/main"},
-			CacheDir: cacheDir,
+		{Name: "Fetch HEAD", Ref: "HEAD"},
-			Repo:     repo,
+		{Name: "Fetch Sha", Ref: fullSha},
 			Ref:      "main",
 		},
 		{
 			Name:     "Fetch Branch Name Absolutely",
 			CacheDir: cacheDir,
 			Repo:     repo,
 			Ref:      "refs/heads/main",
 		},
 		{
 			Name:     "Fetch HEAD",
 			CacheDir: cacheDir,
 			Repo:     repo,
 			Ref:      "HEAD",
 		},
 		{
 			Name:     "Fetch Sha",
 			CacheDir: cacheDir,
 			Repo:     repo,
 			Ref:      "de984ca37e4df4cb9fd9256435a3b82c4a2662b1",
 		},
 	}
 	for _, c := range refs {
 		t.Run(c.Name, func(t *testing.T) {
-			sha, err := cache.Fetch(ctx, c.CacheDir, c.Repo, c.Ref, "")
+			sha, err := cache.Fetch(ctx, cacheDir, remoteDir, c.Ref, "")
 			if !a.NoError(err) || !a.NotEmpty(sha) { //nolint:testifylint // pre-existing issue from nektos/act
 				return
 			}
-			atar, err := cache.GetTarArchive(ctx, c.CacheDir, sha, "js")
+			atar, err := cache.GetTarArchive(ctx, cacheDir, sha, "js")
-			if !a.NoError(err) || !a.NotEmpty(atar) { //nolint:testifylint // pre-existing issue from nektos/act
+			// NotNil, not NotEmpty: atar is a live io.PipeReader whose producer goroutine is
 			// writing concurrently; NotEmpty deep-reflects over its internals and races.
 			if !a.NoError(err) || !a.NotNil(atar) { //nolint:testifylint // pre-existing issue from nektos/act
 				return
 			}
 			// GetTarArchive streams from a background goroutine walking the shared repo.
 			// Drain and close so it finishes before the next subtest fetches into the same
 			// repo; otherwise the lingering walk races with that fetch.
 			defer func() {
 				_, _ = io.Copy(io.Discard, atar)
 				_ = atar.Close()
 			}()
 			mytar := tar.NewReader(atar)
 			th, err := mytar.Next()
 			if !a.NoError(err) || !a.NotEqual(0, th.Size) { //nolint:testifylint // pre-existing issue from nektos/act
--- a/act/runner/action_test.go
+++ b/act/runner/action_test.go
@@ -258,6 +258,54 @@ func TestActionRunner(t *testing.T) {
 	}
 }
 func TestNewStepContainerDoesNotUseDockerSecrets(t *testing.T) {
 	cm := &containerMock{}
 	var captured *container.NewContainerInput
 	origContainerNewContainer := ContainerNewContainer
 	ContainerNewContainer = func(input *container.NewContainerInput) container.ExecutionsEnvironment {
 		captured = input
 		return cm
 	}
 	defer func() {
 		ContainerNewContainer = origContainerNewContainer
 	}()
 	ctx := context.Background()
 	rc := &RunContext{
 		Name: "job",
 		Config: &Config{
 			Secrets: map[string]string{
 				"DOCKER_USERNAME": "docker-user",
 				"DOCKER_PASSWORD": "docker-password",
 			},
 		},
 		Run: &model.Run{
 			JobID: "job",
 			Workflow: &model.Workflow{
 				Name: "test",
 				Jobs: map[string]*model.Job{
 					"job": {},
 				},
 			},
 		},
 		JobContainer: cm,
 		StepResults:  map[string]*model.StepResult{},
 	}
 	env := map[string]string{}
 	step := &stepMock{}
 	step.On("getRunContext").Return(rc)
 	step.On("getStepModel").Return(&model.Step{ID: "action"})
 	step.On("getEnv").Return(&env)
 	_ = newStepContainer(ctx, step, "registry.example.com/action:tag", nil, nil)
 	// DOCKER_USERNAME/DOCKER_PASSWORD should not be injected as pull credentials for docker action containers.
 	assert.Empty(t, captured.Username)
 	assert.Empty(t, captured.Password)
 	step.AssertExpectations(t)
 }
 func TestMaybeCopyToActionDirHoldsCloneLock(t *testing.T) {
 	ctx := context.Background()
--- a/act/runner/command.go
+++ b/act/runner/command.go
@@ -48,10 +48,13 @@ func (rc *RunContext) commandHandler(ctx context.Context) common.LineHandler {
 		if resumeCommand != "" && command != resumeCommand {
 			// There should not be any emojis in the log output for Gitea.
 			// The code in the switch statement is the same.
 			// Return true (not false) so the line still reaches the raw_output
 			// log handler; otherwise everything between ::stop-commands:: and
 			// its end token is silently dropped from the step log.
 			logger.Infof("%s", line)
-			return false
+			return true
 		}
-		arg = unescapeCommandData(arg)
+		arg = UnescapeCommandData(arg)
 		kvPairs = unescapeKvPairs(kvPairs)
 		switch command {
 		case "set-env":
@@ -151,7 +154,7 @@ func parseKeyValuePairs(kvPairs, separator string) map[string]string {
 	return rtn
 }
-func unescapeCommandData(arg string) string {
+func UnescapeCommandData(arg string) string {
 	escapeMap := map[string]string{
 		"%25": "%",
 		"%0D": "\r",
--- a/act/runner/command_test.go
+++ b/act/runner/command_test.go
@@ -28,6 +28,29 @@ func TestSetEnv(t *testing.T) {
 	a.Equal("valz", rc.Env["x"])
 }
 func TestStopCommandsKeepsSuppressedLinesInLog(t *testing.T) {
 	a := assert.New(t)
 	ctx := context.Background()
 	rc := new(RunContext)
 	handler := rc.commandHandler(ctx)
 	// Stop command processing until the matching end token is seen.
 	a.True(handler("::stop-commands::my-end-token\n"))
 	// A command-shaped line while stopped must not be executed (env unchanged),
 	// but must still return true so it reaches the raw_output log handler and is
 	// not dropped from the step log.
 	a.True(handler("::set-env name=x::valz\n"))
 	a.NotContains(rc.Env, "x")
 	// The matching end token resumes command processing.
 	a.True(handler("::my-end-token::\n"))
 	// Commands are processed again after resuming.
 	a.True(handler("::set-env name=y::valy\n"))
 	a.Equal("valy", rc.Env["y"])
 }
 func TestSetOutput(t *testing.T) {
 	a := assert.New(t)
 	ctx := context.Background()
--- a/act/runner/expression.go
+++ b/act/runner/expression.go
@@ -562,15 +562,15 @@ func getWorkflowSecrets(ctx context.Context, rc *RunContext) map[string]string {
 			secrets = rc.caller.runContext.Config.Secrets
 		}
-		if secrets == nil {
+		// Interpolate into a new map. secrets may be the shared Config.Secrets (or the job's
-			secrets = map[string]string{}
+		// map), which other parallel jobs read concurrently (e.g. log masking), so mutating it
-		}
+		// in place is a data race.
-
+		interpolated := make(map[string]string, len(secrets))
 		for k, v := range secrets {
-			secrets[k] = rc.caller.runContext.ExprEval.Interpolate(ctx, v)
+			interpolated[k] = rc.caller.runContext.ExprEval.Interpolate(ctx, v)
 		}
-		return secrets
+		return interpolated
 	}
 	return rc.Config.Secrets
--- a/act/runner/helpers_test.go
+++ b/act/runner/helpers_test.go
@@ -0,0 +1,66 @@
 // Copyright 2026 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 package runner
 import (
 	"context"
 	"net"
 	"os/exec"
 	"runtime"
 	"testing"
 	"time"
 	"gitea.com/gitea/runner/act/container"
 	mobyclient "github.com/moby/moby/client"
 )
 // requireLinuxDocker skips on non-Linux hosts. Some integration workflows need Docker features
 // that only a Linux daemon provides (host networking, host /proc bind mounts); Docker Desktop
 // on macOS/Windows does not, so those tests can only run on Linux.
 func requireLinuxDocker(t *testing.T) {
 	t.Helper()
 	if runtime.GOOS != "linux" {
 		t.Skip("skipping: requires a Linux Docker host")
 	}
 }
 // requireDocker skips the test unless a reachable docker daemon is available.
 // GetDockerClient succeeds even without a running daemon (its ping is best-effort),
 // so the daemon has to be pinged explicitly here to decide whether to skip.
 func requireDocker(t *testing.T) {
 	t.Helper()
 	ctx := context.Background()
 	cli, err := container.GetDockerClient(ctx)
 	if err != nil {
 		t.Skipf("skipping: docker client unavailable: %v", err)
 	}
 	defer cli.Close()
 	if _, err := cli.Ping(ctx, mobyclient.PingOptions{}); err != nil {
 		t.Skipf("skipping: docker daemon unreachable: %v", err)
 	}
 }
 // requireNetwork skips the test unless github.com is reachable. A few tests exercise behaviour
 // that inherently needs the network (force-pulling an image, resolving a remote short-sha ref);
 // gating lets the rest of the suite run offline without these failing.
 func requireNetwork(t *testing.T) {
 	t.Helper()
 	conn, err := net.DialTimeout("tcp", "github.com:443", 3*time.Second)
 	if err != nil {
 		t.Skipf("skipping: network unavailable: %v", err)
 	}
 	_ = conn.Close()
 }
 // requireHostTools skips the test unless every named executable is on PATH. Used by the
 // self-hosted (host environment) suite, which runs steps directly on the host.
 func requireHostTools(t *testing.T, tools ...string) {
 	t.Helper()
 	for _, tool := range tools {
 		if _, err := exec.LookPath(tool); err != nil {
 			t.Skipf("skipping: required host tool %q not found: %v", tool, err)
 		}
 	}
 }
--- a/act/runner/job_executor.go
+++ b/act/runner/job_executor.go
@@ -5,15 +5,46 @@
 package runner
 import (
 	"archive/tar"
 	"bytes"
 	"context"
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
 	"net/http"
 	"path"
 	"slices"
 	"strconv"
 	"strings"
 	"time"
 	"unicode"
 	"gitea.com/gitea/runner/act/common"
 	"gitea.com/gitea/runner/act/container"
 	"gitea.com/gitea/runner/act/model"
 )
 const maxJobSummaryBytes = 1024 * 1024
 // jobSummaryTruncationMarker is appended to a summary that exceeded the size limit
 // so the rendered output makes the truncation visible instead of silently cutting off.
 const jobSummaryTruncationMarker = "\n\n---\n\n*Job summary truncated: it exceeded the maximum allowed size.*\n"
 var (
 	jobSummaryUploadRetryDelay = time.Second
 	// jobSummaryUploadRequestTimeout bounds a single step upload request. It is kept
 	// below jobSummaryUploadPhaseTimeout so one slow or unreachable request times out
 	// and lets the remaining steps still upload within the phase budget, instead of a
 	// single stuck request consuming the whole phase.
 	jobSummaryUploadRequestTimeout = 5 * time.Second
 	// jobSummaryUploadPhaseTimeout bounds the total time spent uploading all step
 	// summaries. The uploads run inside the job cleanup budget that is also used to
 	// stop and remove the container, so a slow or unreachable endpoint must not be
 	// allowed to consume it; this keeps the remaining budget available for teardown.
 	jobSummaryUploadPhaseTimeout = 15 * time.Second
 )
 type jobInfo interface {
 	matrix() map[string]any
 	steps() []*model.Step
@@ -80,8 +111,10 @@ func newJobExecutor(info jobInfo, sf stepFactory, rc *RunContext) common.Executo
 			return common.NewErrorExecutor(err)
 		}
 		stepIdx := stepModel.Number
 		preExec := step.pre()
 		preSteps = append(preSteps, useStepLogger(rc, stepModel, stepStagePre, func(ctx context.Context) error {
 			rc.CurrentStepIndex = stepIdx
 			preErr := preExec(ctx)
 			if preErr != nil {
 				reportStepError(ctx, preErr)
@@ -93,6 +126,7 @@ func newJobExecutor(info jobInfo, sf stepFactory, rc *RunContext) common.Executo
 		stepExec := step.main()
 		steps = append(steps, useStepLogger(rc, stepModel, stepStageMain, func(ctx context.Context) error {
 			rc.CurrentStepIndex = stepIdx
 			err := stepExec(ctx)
 			if err != nil {
 				reportStepError(ctx, err)
@@ -104,6 +138,7 @@ func newJobExecutor(info jobInfo, sf stepFactory, rc *RunContext) common.Executo
 		postFn := step.post()
 		postExec := useStepLogger(rc, stepModel, stepStagePost, func(ctx context.Context) error {
 			rc.CurrentStepIndex = stepIdx
 			err := postFn(ctx)
 			if err != nil {
 				reportStepError(ctx, err)
@@ -129,6 +164,7 @@ func newJobExecutor(info jobInfo, sf stepFactory, rc *RunContext) common.Executo
 			defer cancel()
 			logger := common.Logger(ctx)
 			tryUploadJobSummary(ctx, rc)
 			// For Gitea
 			// We don't need to call `stopServiceContainers` here since it will be called by following `info.stopContainer`
 			// logger.Infof("Cleaning up services for job %s", rc.JobName)
@@ -183,18 +219,25 @@ func newJobExecutor(info jobInfo, sf stepFactory, rc *RunContext) common.Executo
 func setJobResult(ctx context.Context, info jobInfo, rc *RunContext, success bool) {
 	logger := common.Logger(ctx)
-	jobResult := "success"
+	// Matrix combinations share one *model.Job and run in parallel; serialize the
-	// we have only one result for a whole matrix build, so we need
+	// read-modify-write of the job result so a failing combination is not lost-updated by a
-	// to keep an existing result state if we run a matrix
+	// concurrent succeeding one.
-	if len(info.matrix()) > 0 && rc.Run.Job().Result != "" {
+	job := rc.Run.Job()
-		jobResult = rc.Run.Job().Result
+	jobResult := func() string {
-	}
+		defer lockJob(job)()
 		result := "success"
 		// we have only one result for a whole matrix build, so we need
 		// to keep an existing result state if we run a matrix
 		if len(info.matrix()) > 0 && job.Result != "" {
 			result = job.Result
 		}
 		if !success {
 			result = "failure"
 		}
 		info.result(result)
 		return result
 	}()
 	if !success {
 		jobResult = "failure"
 	}
 	info.result(jobResult)
 	if rc.caller != nil {
 		// set reusable workflow job result
 		rc.caller.setReusedWorkflowJobResult(rc.JobName, jobResult) // For Gitea
@@ -220,10 +263,188 @@ func setJobOutputs(ctx context.Context, rc *RunContext) {
 			callerOutputs[k] = ee.Interpolate(ctx, ee.Interpolate(ctx, v.Value))
 		}
-		rc.caller.runContext.Run.Job().Outputs = callerOutputs
+		// Matrix combinations of a reusable-workflow caller share the caller's *model.Job;
 		// serialize the write so parallel combos don't race on its Outputs field.
 		callerJob := rc.caller.runContext.Run.Job()
 		defer lockJob(callerJob)()
 		callerJob.Outputs = callerOutputs
 	}
 }
 func tryUploadJobSummary(ctx context.Context, rc *RunContext) {
 	if rc == nil || rc.JobContainer == nil || rc.Config == nil {
 		return
 	}
 	// Bound the whole upload phase so a slow or unreachable endpoint cannot consume
 	// the job cleanup budget reserved for stopping and removing the container.
 	ctx, cancel := context.WithTimeout(ctx, jobSummaryUploadPhaseTimeout)
 	defer cancel()
 	env := rc.GetEnv()
 	caps := strings.TrimSpace(env["GITEA_ACTIONS_CAPABILITIES"])
 	if !hasJobSummaryCapability(caps) {
 		// Server did not advertise support. Do not attempt upload.
 		return
 	}
 	runtimeURL := strings.TrimSpace(env["ACTIONS_RUNTIME_URL"])
 	runtimeToken := strings.TrimSpace(env["ACTIONS_RUNTIME_TOKEN"])
 	runID := strings.TrimSpace(env["GITEA_RUN_ID"])
 	if runtimeURL == "" || runtimeToken == "" || runID == "" {
 		return
 	}
 	if rc.Run == nil || rc.Run.Job() == nil {
 		return
 	}
 	// The numeric ActionRunJob ID is not exposed in the proto Task message or task context,
 	// but the server signs it into the ACTIONS_RUNTIME_TOKEN JWT claims. We decode the
 	// unverified claims to retrieve it; the server re-verifies the token on the request.
 	jobID := extractJobIDFromRuntimeToken(runtimeToken)
 	if jobID <= 0 {
 		return
 	}
 	base := strings.TrimRight(runtimeURL, "/") + "/_apis/pipelines/workflows/" + runID +
 		"/jobs/" + strconv.FormatInt(jobID, 10) + "/steps/"
 	actPath := rc.JobContainer.GetActPath()
 	// Reuse a single client across all step uploads so connections can be pooled.
 	client := &http.Client{Timeout: jobSummaryUploadRequestTimeout}
 	for i := range rc.Run.Job().Steps {
 		summaryPath := path.Join(actPath, "workflow", "step-summary-"+strconv.Itoa(i)+".md")
 		body, ok := readSingleFileFromContainerArchive(ctx, rc.JobContainer, summaryPath, maxJobSummaryBytes)
 		if !ok || len(body) == 0 {
 			continue
 		}
 		uploadJobSummary(ctx, client, base+strconv.Itoa(i)+"/summary", runtimeToken, body)
 	}
 }
 // extractJobIDFromRuntimeToken returns the JobID claim from an ACTIONS_RUNTIME_TOKEN JWT
 // without verifying its signature. Returns 0 if the token is unparseable or has no JobID.
 func extractJobIDFromRuntimeToken(token string) int64 {
 	parts := strings.Split(token, ".")
 	if len(parts) != 3 {
 		return 0
 	}
 	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
 	if err != nil {
 		return 0
 	}
 	var claims struct {
 		JobID int64 `json:"JobID"`
 	}
 	if err := json.Unmarshal(payload, &claims); err != nil {
 		return 0
 	}
 	return claims.JobID
 }
 func hasJobSummaryCapability(caps string) bool {
 	return slices.Contains(strings.FieldsFunc(caps, func(r rune) bool {
 		return r == ',' || unicode.IsSpace(r)
 	}), "job-summary")
 }
 func uploadJobSummary(ctx context.Context, client *http.Client, url, runtimeToken string, body []byte) {
 	logger := common.Logger(ctx)
 	var lastStatus int
 	var lastErr error
 	for attempt := 0; attempt < 2; attempt++ {
 		status, err := putJobSummary(ctx, client, url, runtimeToken, body)
 		if err == nil && status/100 == 2 {
 			return
 		}
 		lastStatus = status
 		lastErr = err
 		if attempt == 1 || !isTransientJobSummaryUploadFailure(status, err) {
 			break
 		}
 		timer := time.NewTimer(jobSummaryUploadRetryDelay)
 		select {
 		case <-ctx.Done():
 			timer.Stop()
 			lastErr = ctx.Err()
 			attempt = 1
 		case <-timer.C:
 		}
 	}
 	// Best-effort only; do not fail job, but log because capability was advertised.
 	if lastErr != nil {
 		logger.WithError(lastErr).Warn("job summary upload failed")
 		return
 	}
 	logger.Warnf("job summary upload failed: status=%d", lastStatus)
 }
 func putJobSummary(ctx context.Context, client *http.Client, url, runtimeToken string, body []byte) (int, error) {
 	req, err := http.NewRequestWithContext(ctx, http.MethodPut, url, bytes.NewReader(body))
 	if err != nil {
 		return 0, err
 	}
 	req.Header.Set("Authorization", "Bearer "+runtimeToken)
 	req.Header.Set("Content-Type", "text/markdown; charset=utf-8")
 	resp, err := client.Do(req)
 	if err != nil {
 		return 0, err
 	}
 	defer resp.Body.Close()
 	_, _ = io.Copy(io.Discard, resp.Body)
 	return resp.StatusCode, nil
 }
 func isTransientJobSummaryUploadFailure(status int, err error) bool {
 	return err != nil || status == http.StatusRequestTimeout || status == http.StatusTooManyRequests || status/100 == 5
 }
 func readSingleFileFromContainerArchive(ctx context.Context, env container.ExecutionsEnvironment, p string, maxBytes int64) ([]byte, bool) {
 	rc, err := env.GetContainerArchive(ctx, p)
 	if err != nil {
 		return nil, false
 	}
 	defer rc.Close()
 	tr := tar.NewReader(rc)
 	for {
 		header, err := tr.Next()
 		if err == io.EOF {
 			return nil, false
 		}
 		if err != nil {
 			return nil, false
 		}
 		if header.Typeflag != tar.TypeReg {
 			continue
 		}
 		if !archiveEntryMatchesPath(header.Name, p) {
 			continue
 		}
 		// Summaries larger than the limit are truncated rather than dropped, so the
 		// user still gets the leading content (mirroring how GitHub caps oversized
 		// step summaries instead of discarding them). Read one extra byte so an
 		// over-limit file is detected from the actual stream rather than trusting
 		// header.Size, then cap the returned content at maxBytes.
 		b, err := io.ReadAll(io.LimitReader(tr, maxBytes+1))
 		if err != nil {
 			return nil, false
 		}
 		if int64(len(b)) > maxBytes {
 			// Reserve room for the marker so the marked-up result still fits in maxBytes.
 			marker := []byte(jobSummaryTruncationMarker)
 			keep := max(maxBytes-int64(len(marker)), 0)
 			b = append(b[:keep], marker...)
 			common.Logger(ctx).Warnf("job summary truncated: path=%s max=%d", p, maxBytes)
 		}
 		return b, true
 	}
 }
 func archiveEntryMatchesPath(entryName, requestedPath string) bool {
 	entryName = path.Clean(strings.TrimPrefix(entryName, "/"))
 	requestedPath = path.Clean(strings.TrimPrefix(requestedPath, "/"))
 	return entryName == requestedPath || entryName == path.Base(requestedPath)
 }
 func useStepLogger(rc *RunContext, stepModel *model.Step, stage stepStage, executor common.Executor) common.Executor {
 	return func(ctx context.Context) error {
 		ctx = withStepLogger(ctx, stepModel.Number, stepModel.ID, rc.ExprEval.Interpolate(ctx, stepModel.String()), stage.String())
@@ -241,6 +462,11 @@ func useStepLogger(rc *RunContext, stepModel *model.Step, stage stepStage, execu
 		oldout, olderr := rc.JobContainer.ReplaceLogWriter(logWriter, logWriter)
 		defer rc.JobContainer.ReplaceLogWriter(oldout, olderr)
 		// Flush any buffered, not-yet-newline-terminated trailing line once the
 		// step has finished, so the final line of the step's output is not lost
 		// when it is not newline-terminated.
 		defer common.FlushWriter(logWriter)
 		return executor(ctx)
 	}
 }
--- a/act/runner/job_executor_test.go
+++ b/act/runner/job_executor_test.go
@@ -5,34 +5,39 @@
 package runner
 import (
 	"archive/tar"
 	"bytes"
 	"context"
 	"encoding/base64"
 	"errors"
 	"fmt"
 	"io"
 	"net/http"
 	"net/http/httptest"
 	"slices"
 	"strconv"
 	"strings"
 	"testing"
 	"time"
 	"gitea.com/gitea/runner/act/common"
 	"gitea.com/gitea/runner/act/container"
 	"gitea.com/gitea/runner/act/model"
 	logrustest "github.com/sirupsen/logrus/hooks/test"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
 	"github.com/stretchr/testify/require"
 )
 func TestJobExecutor(t *testing.T) {
-	if testing.Short() {
+	// Dryrun only checks syntax/planning; all cases resolve locally, so this runs offline.
 		t.Skip("skipping integration test")
 	}
 	tables := []TestJobFileInfo{
 		{workdir, "uses-and-run-in-one-step", "push", "Invalid run/uses syntax for job:test step:Test", platforms, secrets},
 		{workdir, "uses-github-empty", "push", "Expected format {org}/{repo}[/path]@ref", platforms, secrets},
 		{workdir, "uses-github-noref", "push", "Expected format {org}/{repo}[/path]@ref", platforms, secrets},
 		{workdir, "uses-github-root", "push", "", platforms, secrets},
 		{workdir, "uses-github-path", "push", "", platforms, secrets},
 		{workdir, "uses-docker-url", "push", "", platforms, secrets},
 		{workdir, "uses-github-full-sha", "push", "", platforms, secrets},
 		{workdir, "uses-github-short-sha", "push", "Unable to resolve action `actions/hello-world-docker-action@b136eb8`, the provided ref `b136eb8` is the shortened version of a commit SHA, which is not supported. Please use the full commit SHA `b136eb8894c5cb1dd5807da824be97ccdf9b5423` instead", platforms, secrets},
 		{workdir, "job-nil-step", "push", "invalid Step 0: missing run or uses key", platforms, secrets},
 	}
 	// These tests are sufficient to only check syntax.
@@ -341,3 +346,331 @@ func TestNewJobExecutor(t *testing.T) {
 		})
 	}
 }
 func TestHasJobSummaryCapability(t *testing.T) {
 	assert.True(t, hasJobSummaryCapability("cache,job-summary artifacts"))
 	assert.True(t, hasJobSummaryCapability("cache,\njob-summary\tartifacts"))
 	assert.False(t, hasJobSummaryCapability("not-job-summary,job-summary-v2"))
 }
 // fakeRuntimeToken builds a JWT-shaped string whose middle (claims) segment encodes
 // the given JobID. The header and signature segments are filler — the runner does not
 // verify the signature; the server does.
 func fakeRuntimeToken(jobID int64) string {
 	header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`))
 	claims := base64.RawURLEncoding.EncodeToString(fmt.Appendf(nil, `{"JobID":%d}`, jobID))
 	sig := base64.RawURLEncoding.EncodeToString([]byte("sig"))
 	return header + "." + claims + "." + sig
 }
 func newJobSummaryRC(env map[string]string, jobContainer container.ExecutionsEnvironment, stepCount int) *RunContext {
 	steps := make([]*model.Step, stepCount)
 	for i := range steps {
 		steps[i] = &model.Step{ID: strconv.Itoa(i)}
 	}
 	return &RunContext{
 		Config:       &Config{},
 		JobContainer: jobContainer,
 		Env:          env,
 		Run: &model.Run{
 			JobID: "test",
 			Workflow: &model.Workflow{
 				Jobs: map[string]*model.Job{
 					"test": {Steps: steps},
 				},
 			},
 		},
 	}
 }
 func TestTryUploadJobSummaryRetriesTransientFailure(t *testing.T) {
 	oldDelay := jobSummaryUploadRetryDelay
 	jobSummaryUploadRetryDelay = 0
 	defer func() {
 		jobSummaryUploadRetryDelay = oldDelay
 	}()
 	runtimeToken := fakeRuntimeToken(34)
 	requests := 0
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		requests++
 		assert.Equal(t, http.MethodPut, r.Method)
 		assert.Equal(t, "/_apis/pipelines/workflows/12/jobs/34/steps/0/summary", r.URL.Path)
 		assert.Equal(t, "Bearer "+runtimeToken, r.Header.Get("Authorization"))
 		assert.Equal(t, "text/markdown; charset=utf-8", r.Header.Get("Content-Type"))
 		body, err := io.ReadAll(r.Body)
 		assert.NoError(t, err)
 		assert.Equal(t, []byte("# summary"), body)
 		if requests == 1 {
 			w.WriteHeader(http.StatusInternalServerError)
 			return
 		}
 		w.WriteHeader(http.StatusNoContent)
 	}))
 	defer server.Close()
 	ctx := context.Background()
 	cm := &containerMock{}
 	cm.On("GetContainerArchive", mock.Anything, "/var/run/act/workflow/step-summary-0.md").Return(
 		io.NopCloser(bytes.NewReader(tarArchive(t, tarEntry{name: "step-summary-0.md", body: "# summary"}))),
 		nil,
 	).Once()
 	rc := newJobSummaryRC(map[string]string{
 		"GITEA_ACTIONS_CAPABILITIES": "cache, job-summary",
 		"ACTIONS_RUNTIME_URL":        server.URL,
 		"ACTIONS_RUNTIME_TOKEN":      runtimeToken,
 		"GITEA_RUN_ID":               "12",
 	}, cm, 1)
 	tryUploadJobSummary(ctx, rc)
 	assert.Equal(t, 2, requests)
 	cm.AssertExpectations(t)
 }
 func TestTryUploadJobSummaryStopsAtPhaseTimeout(t *testing.T) {
 	oldPhase := jobSummaryUploadPhaseTimeout
 	jobSummaryUploadPhaseTimeout = 100 * time.Millisecond
 	defer func() {
 		jobSummaryUploadPhaseTimeout = oldPhase
 	}()
 	runtimeToken := fakeRuntimeToken(34)
 	// The server blocks until either the request context is cancelled (the behaviour
 	// under test: the phase timeout aborts the in-flight upload) or the test tears it
 	// down. Without the phase timeout the upload would hang until the 30s client
 	// timeout instead of releasing the cleanup budget. The release channel guarantees
 	// the handler always returns so server.Close() cannot itself hang.
 	release := make(chan struct{})
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		select {
 		case <-r.Context().Done():
 		case <-release:
 		}
 	}))
 	defer server.Close()
 	defer close(release)
 	ctx := context.Background()
 	cm := &containerMock{}
 	cm.On("GetContainerArchive", mock.Anything, "/var/run/act/workflow/step-summary-0.md").Return(
 		io.NopCloser(bytes.NewReader(tarArchive(t, tarEntry{name: "step-summary-0.md", body: "# summary"}))),
 		nil,
 	).Once()
 	rc := newJobSummaryRC(map[string]string{
 		"GITEA_ACTIONS_CAPABILITIES": "job-summary",
 		"ACTIONS_RUNTIME_URL":        server.URL,
 		"ACTIONS_RUNTIME_TOKEN":      runtimeToken,
 		"GITEA_RUN_ID":               "12",
 	}, cm, 1)
 	done := make(chan struct{})
 	go func() {
 		defer close(done)
 		tryUploadJobSummary(ctx, rc)
 	}()
 	select {
 	case <-done:
 	case <-time.After(5 * time.Second):
 		t.Fatal("tryUploadJobSummary did not honour the phase timeout")
 	}
 	cm.AssertExpectations(t)
 }
 func TestTryUploadJobSummaryUploadsEachStepIndependently(t *testing.T) {
 	runtimeToken := fakeRuntimeToken(34)
 	type upload struct {
 		path string
 		body string
 	}
 	var got []upload
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		body, err := io.ReadAll(r.Body)
 		assert.NoError(t, err)
 		got = append(got, upload{r.URL.Path, string(body)})
 		w.WriteHeader(http.StatusNoContent)
 	}))
 	defer server.Close()
 	ctx := context.Background()
 	cm := &containerMock{}
 	// Three steps: 0 has content, 1 has empty content (skipped), 2 has content.
 	cm.On("GetContainerArchive", mock.Anything, "/var/run/act/workflow/step-summary-0.md").Return(
 		io.NopCloser(bytes.NewReader(tarArchive(t, tarEntry{name: "step-summary-0.md", body: "first"}))),
 		nil,
 	).Once()
 	cm.On("GetContainerArchive", mock.Anything, "/var/run/act/workflow/step-summary-1.md").Return(
 		io.NopCloser(bytes.NewReader(tarArchive(t, tarEntry{name: "step-summary-1.md", body: ""}))),
 		nil,
 	).Once()
 	cm.On("GetContainerArchive", mock.Anything, "/var/run/act/workflow/step-summary-2.md").Return(
 		io.NopCloser(bytes.NewReader(tarArchive(t, tarEntry{name: "step-summary-2.md", body: "third"}))),
 		nil,
 	).Once()
 	rc := newJobSummaryRC(map[string]string{
 		"GITEA_ACTIONS_CAPABILITIES": "job-summary",
 		"ACTIONS_RUNTIME_URL":        server.URL,
 		"ACTIONS_RUNTIME_TOKEN":      runtimeToken,
 		"GITEA_RUN_ID":               "12",
 	}, cm, 3)
 	tryUploadJobSummary(ctx, rc)
 	assert.Equal(t, []upload{
 		{"/_apis/pipelines/workflows/12/jobs/34/steps/0/summary", "first"},
 		{"/_apis/pipelines/workflows/12/jobs/34/steps/2/summary", "third"},
 	}, got)
 	cm.AssertExpectations(t)
 }
 func TestTryUploadJobSummaryRequiresExactCapability(t *testing.T) {
 	requests := 0
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		requests++
 		w.WriteHeader(http.StatusNoContent)
 	}))
 	defer server.Close()
 	rc := newJobSummaryRC(map[string]string{
 		"GITEA_ACTIONS_CAPABILITIES": "not-job-summary,job-summary-v2",
 		"ACTIONS_RUNTIME_URL":        server.URL,
 		"ACTIONS_RUNTIME_TOKEN":      fakeRuntimeToken(34),
 		"GITEA_RUN_ID":               "12",
 	}, &containerMock{}, 1)
 	tryUploadJobSummary(context.Background(), rc)
 	assert.Equal(t, 0, requests)
 }
 func TestTryUploadJobSummarySkipsWhenJobIDMissingFromToken(t *testing.T) {
 	requests := 0
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		requests++
 		w.WriteHeader(http.StatusNoContent)
 	}))
 	defer server.Close()
 	rc := newJobSummaryRC(map[string]string{
 		"GITEA_ACTIONS_CAPABILITIES": "job-summary",
 		"ACTIONS_RUNTIME_URL":        server.URL,
 		"ACTIONS_RUNTIME_TOKEN":      "not-a-jwt",
 		"GITEA_RUN_ID":               "12",
 	}, &containerMock{}, 1)
 	tryUploadJobSummary(context.Background(), rc)
 	assert.Equal(t, 0, requests)
 }
 func TestExtractJobIDFromRuntimeToken(t *testing.T) {
 	assert.Equal(t, int64(42), extractJobIDFromRuntimeToken(fakeRuntimeToken(42)))
 	assert.Equal(t, int64(0), extractJobIDFromRuntimeToken("not-a-jwt"))
 	assert.Equal(t, int64(0), extractJobIDFromRuntimeToken("a.b.c"))
 	assert.Equal(t, int64(0), extractJobIDFromRuntimeToken(""))
 }
 func TestReadSingleFileFromContainerArchiveFindsMatchingRegularFile(t *testing.T) {
 	ctx := context.Background()
 	cm := &containerMock{}
 	cm.On("GetContainerArchive", ctx, "/var/run/act/workflow/SUMMARY.md").Return(
 		io.NopCloser(bytes.NewReader(tarArchive(t,
 			tarEntry{name: "workflow", typeflag: tar.TypeDir},
 			tarEntry{name: "other.md", body: "wrong"},
 			tarEntry{name: "SUMMARY.md", body: "right"},
 		))),
 		nil,
 	).Once()
 	body, ok := readSingleFileFromContainerArchive(ctx, cm, "/var/run/act/workflow/SUMMARY.md", 1024)
 	assert.True(t, ok)
 	assert.Equal(t, []byte("right"), body)
 	cm.AssertExpectations(t)
 }
 func TestReadSingleFileFromContainerArchiveTruncatesWhenTooLarge(t *testing.T) {
 	logger, hook := logrustest.NewNullLogger()
 	ctx := common.WithLogger(context.Background(), logger)
 	cm := &containerMock{}
 	content := strings.Repeat("a", 300)
 	cm.On("GetContainerArchive", ctx, "/var/run/act/workflow/SUMMARY.md").Return(
 		io.NopCloser(bytes.NewReader(tarArchive(t, tarEntry{name: "SUMMARY.md", body: content}))),
 		nil,
 	).Once()
 	const maxBytes = 200
 	body, ok := readSingleFileFromContainerArchive(ctx, cm, "/var/run/act/workflow/SUMMARY.md", maxBytes)
 	// Oversized summaries are truncated to the limit (reserving room for the marker)
 	// rather than dropped entirely, and the truncation marker is appended.
 	assert.True(t, ok)
 	assert.LessOrEqual(t, len(body), maxBytes)
 	keep := maxBytes - len(jobSummaryTruncationMarker)
 	assert.Equal(t, []byte(content[:keep]+jobSummaryTruncationMarker), body)
 	if assert.Len(t, hook.Entries, 1) {
 		assert.Contains(t, hook.Entries[0].Message, "job summary truncated")
 	}
 	cm.AssertExpectations(t)
 }
 func TestReadSingleFileFromContainerArchiveKeepsExactLimitWithoutWarning(t *testing.T) {
 	logger, hook := logrustest.NewNullLogger()
 	ctx := common.WithLogger(context.Background(), logger)
 	cm := &containerMock{}
 	cm.On("GetContainerArchive", ctx, "/var/run/act/workflow/SUMMARY.md").Return(
 		io.NopCloser(bytes.NewReader(tarArchive(t, tarEntry{name: "SUMMARY.md", body: "abc"}))),
 		nil,
 	).Once()
 	body, ok := readSingleFileFromContainerArchive(ctx, cm, "/var/run/act/workflow/SUMMARY.md", 3)
 	// A summary that is exactly at the limit is kept whole and not flagged as truncated.
 	assert.True(t, ok)
 	assert.Equal(t, []byte("abc"), body)
 	assert.Empty(t, hook.Entries)
 	cm.AssertExpectations(t)
 }
 type tarEntry struct {
 	name     string
 	body     string
 	typeflag byte
 }
 func tarArchive(t *testing.T, entries ...tarEntry) []byte {
 	t.Helper()
 	buf := &bytes.Buffer{}
 	tw := tar.NewWriter(buf)
 	for _, entry := range entries {
 		typeflag := entry.typeflag
 		if typeflag == 0 {
 			typeflag = tar.TypeReg
 		}
 		header := &tar.Header{
 			Name:     entry.name,
 			Typeflag: typeflag,
 			Mode:     0o644,
 			Size:     int64(len(entry.body)),
 		}
 		if typeflag == tar.TypeDir {
 			header.Mode = 0o755
 			header.Size = 0
 		}
 		require.NoError(t, tw.WriteHeader(header))
 		if typeflag == tar.TypeReg {
 			_, err := tw.Write([]byte(entry.body))
 			require.NoError(t, err)
 		}
 	}
 	require.NoError(t, tw.Close())
 	return buf.Bytes()
 }
--- a/act/runner/logger.go
+++ b/act/runner/logger.go
@@ -10,6 +10,7 @@ import (
 	"fmt"
 	"io"
 	"os"
 	"slices"
 	"strings"
 	"sync"
@@ -166,9 +167,29 @@ func withStepLogger(ctx context.Context, stepNumber int, stepID, stepName, stage
 type entryProcessor func(entry *logrus.Entry) *logrus.Entry
 func AppendSecretMasker(oldnew []string, v string) []string {
 	ret := oldnew
 	for l := range strings.SplitSeq(v, "\n") {
 		tm := strings.TrimSpace(l)
 		// formatted JSON secrets could otherwise mask {,[,],} everywhere
 		if len(tm) > 1 {
 			ret = append(ret, tm, "***")
 		}
 	}
 	return ret
 }
 // valueMasker applies secrets and ::add-mask:: patterns to every log entry, including
 // raw_output (command/stream) lines; there is no bypass by field.
 func valueMasker(insecureSecrets bool, secrets map[string]string) entryProcessor {
 	var oldnew []string
 	for _, v := range secrets {
 		oldnew = AppendSecretMasker(oldnew, v)
 	}
 	oldnew = slices.Clip(oldnew)
 	defReplacer := strings.NewReplacer(oldnew...)
 	return func(entry *logrus.Entry) *logrus.Entry {
 		if insecureSecrets {
 			return entry
@@ -176,16 +197,16 @@ func valueMasker(insecureSecrets bool, secrets map[string]string) entryProcessor
 		masks := Masks(entry.Context)
-		for _, v := range secrets {
+		if len(*masks) == 0 {
-			if v != "" {
+			entry.Message = defReplacer.Replace(entry.Message)
-				entry.Message = strings.ReplaceAll(entry.Message, v, "***")
+		} else {
-			}
+			cmasker := oldnew
 		}
-		for _, v := range *masks {
+			for _, v := range *masks {
-			if v != "" {
+				cmasker = AppendSecretMasker(cmasker, v)
 				entry.Message = strings.ReplaceAll(entry.Message, v, "***")
 			}
 			entry.Message = strings.NewReplacer(cmasker...).Replace(entry.Message)
 		}
 		return entry
--- a/act/runner/logger_test.go
+++ b/act/runner/logger_test.go
@@ -0,0 +1,52 @@
 // Copyright 2026 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 package runner
 import (
 	"strings"
 	"testing"
 	"github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
 )
 func TestValueMasker(t *testing.T) {
 	table := []struct {
 		name       string
 		lines      string
 		secrets    map[string]string
 		masks      []string
 		disallowed []string
 	}{
 		{
 			name:  "Multiline Private Key",
 			lines: "cat << EOF > private.key\nPRIVATE_KEY_BEGIN\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\nPRIVATE_KEY_END\nEOF",
 			secrets: map[string]string{
 				"PRIVATE_KEY": "PRIVATE_KEY_BEGIN\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\nPRIVATE_KEY_END",
 			},
 			disallowed: []string{"KEY", "dsdfseffefsefes", "PRIVATE_KEY_END"},
 		},
 		{
 			name:       "Multiline Private Key in masks",
 			lines:      "cat << EOF > private.key\nPRIVATE_KEY_BEGIN\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\nPRIVATE_KEY_END\nEOF",
 			masks:      []string{"PRIVATE_KEY_BEGIN\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\ndsdfseffefsefes\nPRIVATE_KEY_END"},
 			disallowed: []string{"KEY", "dsdfseffefsefes", "PRIVATE_KEY_END"},
 		},
 	}
 	for _, entry := range table {
 		t.Run(entry.name, func(t *testing.T) {
 			ctx := WithMasks(t.Context(), &entry.masks)
 			masker := valueMasker(false, entry.secrets)
 			for line := range strings.SplitSeq(entry.lines, "\n") {
 				lentry := masker(&logrus.Entry{
 					Context: ctx,
 					Message: line,
 				})
 				for _, line := range entry.disallowed {
 					assert.NotContains(t, lentry.Message, line)
 				}
 			}
 		})
 	}
 }
--- a/act/runner/reusable_workflow.go
+++ b/act/runner/reusable_workflow.go
@@ -10,6 +10,7 @@ import (
 	"fmt"
 	"net/url"
 	"path"
 	"path/filepath"
 	"regexp"
 	"strings"
@@ -27,7 +28,9 @@ func newLocalReusableWorkflowExecutor(rc *RunContext) common.Executor {
 		workflowDir = strings.TrimPrefix(workflowDir, "./")
 		return common.NewPipelineExecutor(
-			newReusableWorkflowExecutor(rc, workflowDir, fileName),
+			// resolve the local workflow against the workspace root, not the process
 			// working directory, so it is found regardless of where the runner is invoked
 			newReusableWorkflowExecutor(rc, filepath.Join(rc.Config.Workdir, workflowDir), fileName),
 		)
 	}
@@ -284,7 +287,11 @@ func setReusedWorkflowCallerResult(rc *RunContext, runner Runner) common.Executo
 			if rc.caller != nil {
 				rc.caller.setReusedWorkflowJobResult(rc.JobName, reusedWorkflowJobResult)
 			} else {
 				// Serialize this shared Job.Result write against the other matrix combos
 				// and setJobResult (same lockJob key).
 				unlock := lockJob(rc.Run.Job())
 				rc.result(reusedWorkflowJobResult)
 				unlock()
 				logger.WithField("jobResult", reusedWorkflowJobResult).Infof("Job %s", reusedWorkflowJobResultMessage)
 			}
 		}
--- a/act/runner/run_context.go
+++ b/act/runner/run_context.go
@@ -20,7 +20,9 @@ import (
 	"path/filepath"
 	"regexp"
 	"runtime"
 	"slices"
 	"strings"
 	"sync"
 	"time"
 	"gitea.com/gitea/runner/act/common"
@@ -34,15 +36,19 @@ import (
 // RunContext contains info about current job
 type RunContext struct {
-	Name                string
+	Name        string
-	Config              *Config
+	Config      *Config
-	Matrix              map[string]any
+	Matrix      map[string]any
-	Run                 *model.Run
+	Run         *model.Run
-	EventJSON           string
+	EventJSON   string
-	Env                 map[string]string
+	Env         map[string]string
-	GlobalEnv           map[string]string // to pass env changes of GITHUB_ENV and set-env correctly, due to dirty Env field
+	GlobalEnv   map[string]string // to pass env changes of GITHUB_ENV and set-env correctly, due to dirty Env field
-	ExtraPath           []string
+	ExtraPath   []string
-	CurrentStep         string
+	CurrentStep string
 	// CurrentStepIndex is the index of the top-level job step currently executing
 	// (model.Step.Number). Composite sub-steps inherit the outer step's index by
 	// walking the Parent chain; see topLevelRunContext.
 	CurrentStepIndex    int
 	StepResults         map[string]*model.StepResult
 	IntraActionState    map[string]map[string]string
 	ExprEval            ExpressionEvaluator
@@ -55,6 +61,18 @@ type RunContext struct {
 	Masks               []string
 	cleanUpJobContainer common.Executor
 	caller              *caller // job calling this RunContext (reusable workflows)
 	// summaryFileInitialized tracks which per-step summary files (workflow/step-summary-N.md)
 	// have already been created on the JobContainer. The runner sets up file-command files
 	// via JobContainer.Copy at the start of every phase, which truncates them — fine for
 	// GITHUB_ENV/OUTPUT/STATE/PATH (consumed per phase) but wrong for GITHUB_STEP_SUMMARY,
 	// which has accumulating semantics. We initialize each step's summary file exactly once
 	// so writes from later phases and from composite sub-steps append to the same file.
 	// Only populated on the top-level RunContext; child RCs walk Parent via topLevelRunContext.
 	summaryFileInitialized map[int]bool
 	// outputTemplate is this combination's pristine snapshot of the job's output expressions,
 	// captured before execution so each matrix combo interpolates from the originals rather
 	// than from a sibling's already-resolved values written into the shared Job.Outputs.
 	outputTemplate map[string]string
 }
 func (rc *RunContext) AddMask(mask string) {
@@ -130,17 +148,34 @@ func getDockerDaemonSocketMountPath(daemonPath string) string {
 	return daemonPath
 }
 // containerDaemonSocket returns the configured Docker daemon socket, applying the default
 // without mutating the shared Config. Parallel jobs in a plan share one *Config, so a job
 // must never write to it.
 func (rc *RunContext) containerDaemonSocket() string {
 	if rc.Config.ContainerDaemonSocket == "" {
 		return "/var/run/docker.sock"
 	}
 	return rc.Config.ContainerDaemonSocket
 }
 // validVolumes returns the volumes allowed on this job's containers: the configured base
 // plus the volumes the runner mounts automatically. It derives a fresh slice every call and
 // never mutates the shared Config (see containerDaemonSocket).
 func (rc *RunContext) validVolumes() []string {
 	name := rc.jobContainerName()
 	volumes := slices.Clone(rc.Config.ValidVolumes)
 	// TODO: add a new configuration to control whether the docker daemon can be mounted
 	return append(volumes, "act-toolcache", name, name+"-env",
 		getDockerDaemonSocketMountPath(rc.containerDaemonSocket()))
 }
 // Returns the binds and mounts for the container, resolving paths as appopriate
 func (rc *RunContext) GetBindsAndMounts() ([]string, map[string]string) {
 	name := rc.jobContainerName()
 	if rc.Config.ContainerDaemonSocket == "" {
 		rc.Config.ContainerDaemonSocket = "/var/run/docker.sock"
 	}
 	binds := []string{}
-	if rc.Config.ContainerDaemonSocket != "-" {
+	if daemonSocket := rc.containerDaemonSocket(); daemonSocket != "-" {
-		daemonPath := getDockerDaemonSocketMountPath(rc.Config.ContainerDaemonSocket)
+		daemonPath := getDockerDaemonSocketMountPath(daemonSocket)
 		binds = append(binds, fmt.Sprintf("%s:%s", daemonPath, "/var/run/docker.sock"))
 	}
@@ -179,14 +214,6 @@ func (rc *RunContext) GetBindsAndMounts() ([]string, map[string]string) {
 		mounts[name] = ext.ToContainerPath(rc.Config.Workdir)
 	}
 	// For Gitea
 	// add some default binds and mounts to ValidVolumes
 	rc.Config.ValidVolumes = append(rc.Config.ValidVolumes, "act-toolcache")
 	rc.Config.ValidVolumes = append(rc.Config.ValidVolumes, name)
 	rc.Config.ValidVolumes = append(rc.Config.ValidVolumes, name+"-env")
 	// TODO: add a new configuration to control whether the docker daemon can be mounted
 	rc.Config.ValidVolumes = append(rc.Config.ValidVolumes, getDockerDaemonSocketMountPath(rc.Config.ContainerDaemonSocket))
 	return binds, mounts
 }
@@ -432,7 +459,7 @@ func (rc *RunContext) startJobContainer() common.Executor {
 			Platform:       rc.Config.ContainerArchitecture,
 			Options:        rc.options(ctx),
 			AutoRemove:     rc.Config.AutoRemove,
-			ValidVolumes:   rc.Config.ValidVolumes,
+			ValidVolumes:   rc.validVolumes(),
 			AllocatePTY:    rc.Config.AllocatePTY,
 		})
 		if rc.JobContainer == nil {
@@ -444,7 +471,8 @@ func (rc *RunContext) startJobContainer() common.Executor {
 			rc.pullServicesImages(rc.Config.ForcePull),
 			rc.JobContainer.Pull(rc.Config.ForcePull),
 			rc.stopJobContainer(),
-			container.NewDockerNetworkCreateExecutor(networkName).IfBool(createAndDeleteNetwork),
+			container.NewDockerNetworkCreateExecutor(networkName, rc.Config.ContainerNetworkCreateOptions).
 				IfBool(createAndDeleteNetwork),
 			rc.startServiceContainers(networkName),
 			rc.JobContainer.Create(rc.Config.ContainerCapAdd, rc.Config.ContainerCapDrop),
 			rc.JobContainer.Start(false),
@@ -586,14 +614,29 @@ func (rc *RunContext) ActionCacheDir() string {
 }
 // Interpolate outputs after a job is done
 // jobMutexes serializes per-job result/output aggregation across the matrix combinations that
 // share one *model.Job and run in parallel. Keyed by the shared *model.Job (mirrors the
 // per-directory AcquireCloneLock pattern).
 var jobMutexes sync.Map // key: *model.Job; value: *sync.Mutex
 func lockJob(job *model.Job) func() {
 	v, _ := jobMutexes.LoadOrStore(job, &sync.Mutex{})
 	mu := v.(*sync.Mutex)
 	mu.Lock()
 	return mu.Unlock
 }
 func (rc *RunContext) interpolateOutputs() common.Executor {
 	return func(ctx context.Context) error {
 		ee := rc.NewExpressionEvaluator(ctx)
-		for k, v := range rc.Run.Job().Outputs {
+		job := rc.Run.Job()
-			interpolated := ee.Interpolate(ctx, v)
+		// Matrix combinations share this Job and its Outputs map. Interpolate from this combo's
-			if v != interpolated {
+		// pristine snapshot (outputTemplate) and write under the lock, so each combo overwrites
-				rc.Run.Job().Outputs[k] = interpolated
+		// with its own resolved values (last wins, as on GitHub) instead of the first combo's
-			}
+		// resolved values freezing the shared template against later combos.
 		defer lockJob(job)()
 		for k, v := range rc.outputTemplate {
 			job.Outputs[k] = ee.Interpolate(ctx, v)
 		}
 		return nil
 	}
@@ -660,7 +703,29 @@ func (rc *RunContext) result(result string) {
 }
 func (rc *RunContext) steps() []*model.Step {
-	return rc.Run.Job().Steps
+	// Return per-job copies of the steps. Matrix combinations run in parallel and share the
 	// workflow model, but step execution mutates per-job fields and evaluates the If/Env nodes
 	// in place, so the *model.Step instances must not be shared across jobs (see Step.Clone).
 	shared := rc.Run.Job().Steps
 	steps := make([]*model.Step, len(shared))
 	for i, step := range shared {
 		if step == nil {
 			continue
 		}
 		steps[i] = step.Clone()
 	}
 	return steps
 }
 // topLevelRunContext walks the Parent chain to the outermost RunContext. Composite
 // actions create child RunContexts whose sub-steps need to share the outer job step's
 // summary file path so that nested writes accumulate under the right step_index.
 func (rc *RunContext) topLevelRunContext() *RunContext {
 	top := rc
 	for top.Parent != nil {
 		top = top.Parent
 	}
 	return top
 }
 // Executor returns a pipeline executor for all the steps in the job
@@ -737,12 +802,15 @@ func (rc *RunContext) runsOnPlatformNames(ctx context.Context) []string {
 		return []string{}
 	}
-	if err := rc.ExprEval.EvaluateYamlNode(ctx, &job.RawRunsOn); err != nil {
+	// Evaluate a copy: RawRunsOn is shared across parallel matrix jobs, so interpolating it in
 	// place would race and leak one matrix combination's runs-on into the others.
 	rawRunsOn := model.CloneYamlNode(job.RawRunsOn)
 	if err := rc.ExprEval.EvaluateYamlNode(ctx, &rawRunsOn); err != nil {
 		common.Logger(ctx).Errorf("Error while evaluating runs-on: %v", err)
 		return []string{}
 	}
-	return job.RunsOn()
+	return model.RunsOnFromNode(rawRunsOn)
 }
 func (rc *RunContext) platformImage(ctx context.Context) string {
@@ -1108,21 +1176,18 @@ func setActionRuntimeVars(rc *RunContext, env map[string]string) {
 }
 func (rc *RunContext) handleCredentials(ctx context.Context) (string, string, error) {
 	// TODO: remove below 2 lines when we can release act with breaking changes
 	username := rc.Config.Secrets["DOCKER_USERNAME"]
 	password := rc.Config.Secrets["DOCKER_PASSWORD"]
 	container := rc.Run.Job().Container()
 	if container == nil || container.Credentials == nil {
-		return username, password, nil
+		return "", "", nil
 	}
-	if container.Credentials != nil && len(container.Credentials) != 2 {
+	if len(container.Credentials) != 2 {
 		err := errors.New("invalid property count for key 'credentials:'")
 		return "", "", err
 	}
 	ee := rc.NewExpressionEvaluator(ctx)
 	var username, password string
 	if username = ee.Interpolate(ctx, container.Credentials["username"]); username == "" {
 		err := errors.New("failed to interpolate container.credentials.username")
 		return "", "", err
@@ -1165,12 +1230,9 @@ func (rc *RunContext) handleServiceCredentials(ctx context.Context, creds map[st
 // GetServiceBindsAndMounts returns the binds and mounts for the service container, resolving paths as appopriate
 func (rc *RunContext) GetServiceBindsAndMounts(svcVolumes []string) ([]string, map[string]string) {
 	if rc.Config.ContainerDaemonSocket == "" {
 		rc.Config.ContainerDaemonSocket = "/var/run/docker.sock"
 	}
 	binds := []string{}
-	if rc.Config.ContainerDaemonSocket != "-" {
+	if daemonSocket := rc.containerDaemonSocket(); daemonSocket != "-" {
-		daemonPath := getDockerDaemonSocketMountPath(rc.Config.ContainerDaemonSocket)
+		daemonPath := getDockerDaemonSocketMountPath(daemonSocket)
 		binds = append(binds, fmt.Sprintf("%s:%s", daemonPath, "/var/run/docker.sock"))
 	}
--- a/act/runner/run_context_test.go
+++ b/act/runner/run_context_test.go
@@ -170,6 +170,38 @@ func TestRunContext_EvalBool(t *testing.T) {
 	}
 }
 func TestRunContextHandleCredentialsDoesNotUseDockerSecrets(t *testing.T) {
 	workflow, err := model.ReadWorkflow(strings.NewReader(`
 name: test
 on: push
 jobs:
  job:
    runs-on: ubuntu-latest
    steps: []
 `))
 	require.NoError(t, err)
 	rc := &RunContext{
 		Config: &Config{
 			Secrets: map[string]string{
 				"DOCKER_USERNAME": "docker-user",
 				"DOCKER_PASSWORD": "docker-password",
 			},
 			Env: map[string]string{},
 		},
 		Run: &model.Run{
 			JobID:    "job",
 			Workflow: workflow,
 		},
 	}
 	// DOCKER_USERNAME/DOCKER_PASSWORD secrets should not be used as implicit job container pull credentials.
 	username, password, err := rc.handleCredentials(t.Context())
 	require.NoError(t, err)
 	assert.Empty(t, username)
 	assert.Empty(t, password)
 }
 func TestRunContext_GetBindsAndMounts(t *testing.T) {
 	rctemplate := &RunContext{
 		Name: "TestRCName",
@@ -281,6 +313,44 @@ func TestRunContext_GetBindsAndMounts(t *testing.T) {
 	})
 }
 func TestRunContextValidVolumes(t *testing.T) {
 	rc := &RunContext{
 		Name:   "job",
 		Run:    &model.Run{Workflow: &model.Workflow{Name: "wf"}},
 		Config: &Config{ValidVolumes: []string{"my-vol", "/host/path"}},
 	}
 	name := rc.jobContainerName()
 	got := rc.validVolumes()
 	// the configured volumes plus the four the runner mounts automatically
 	assert.Subset(t, got, []string{"my-vol", "/host/path", "act-toolcache", name, name + "-env", "/var/run/docker.sock"})
 	// deriving the list must never mutate or grow the shared Config slice: parallel matrix
 	// combinations share one *Config, and the previous in-place append was a data race.
 	assert.Equal(t, []string{"my-vol", "/host/path"}, rc.Config.ValidVolumes)
 	assert.Len(t, rc.validVolumes(), len(got), "repeated calls must be stable, not accumulate")
 }
 // TestInterpolateOutputsIsPerMatrixCombo guards the matrix-output fix: combinations share one
 // *model.Job, so each must interpolate from its own pristine snapshot. Otherwise the first
 // combo's resolved value freezes the shared template and later combos can't resolve their own.
 func TestInterpolateOutputsIsPerMatrixCombo(t *testing.T) {
 	job := &model.Job{Outputs: map[string]string{"o": "${{ matrix.v }}"}}
 	run := &model.Run{JobID: "j", Workflow: &model.Workflow{Name: "w", Jobs: map[string]*model.Job{"j": job}}}
 	r := &runnerImpl{config: &Config{}}
 	ctx := context.Background()
 	rcA := r.newRunContext(ctx, run, map[string]any{"v": "a"})
 	rcB := r.newRunContext(ctx, run, map[string]any{"v": "b"})
 	require.NoError(t, rcA.interpolateOutputs()(ctx))
 	require.NoError(t, rcB.interpolateOutputs()(ctx))
 	// Last combo wins (matching GitHub) instead of being frozen to combo A's "a".
 	require.Equal(t, "b", job.Outputs["o"])
 }
 func TestGetGitHubContext(t *testing.T) {
 	log.SetLevel(log.DebugLevel)
--- a/act/runner/runner.go
+++ b/act/runner/runner.go
@@ -8,12 +8,14 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
 	"maps"
 	"os"
 	"runtime"
 	"sync"
 	"time"
 	"gitea.com/gitea/runner/act/common"
 	"gitea.com/gitea/runner/act/container"
 	"gitea.com/gitea/runner/act/model"
 	docker_container "github.com/moby/moby/api/types/container"
@@ -27,47 +29,48 @@ type Runner interface {
 // Config contains the config for a new runner
 type Config struct {
-	Actor                              string                       // the user that triggered the event
+	Actor                              string                                        // the user that triggered the event
-	Workdir                            string                       // path to working directory
+	Workdir                            string                                        // path to working directory
-	ActionCacheDir                     string                       // path used for caching action contents
+	ActionCacheDir                     string                                        // path used for caching action contents
-	ActionOfflineMode                  bool                         // when offline, use cached action contents
+	ActionOfflineMode                  bool                                          // when offline, use cached action contents
-	BindWorkdir                        bool                         // bind the workdir to the job container
+	BindWorkdir                        bool                                          // bind the workdir to the job container
-	EventName                          string                       // name of event to run
+	EventName                          string                                        // name of event to run
-	EventPath                          string                       // path to JSON file to use for event.json in containers
+	EventPath                          string                                        // path to JSON file to use for event.json in containers
-	DefaultBranch                      string                       // name of the main branch for this repository
+	DefaultBranch                      string                                        // name of the main branch for this repository
-	ReuseContainers                    bool                         // reuse containers to maintain state
+	ReuseContainers                    bool                                          // reuse containers to maintain state
-	ForcePull                          bool                         // force pulling of the image, even if already present
+	ForcePull                          bool                                          // force pulling of the image, even if already present
-	ForceRebuild                       bool                         // force rebuilding local docker image action
+	ForceRebuild                       bool                                          // force rebuilding local docker image action
-	LogOutput                          bool                         // log the output from docker run
+	LogOutput                          bool                                          // log the output from docker run
-	JSONLogger                         bool                         // use json or text logger
+	JSONLogger                         bool                                          // use json or text logger
-	LogPrefixJobID                     bool                         // switches from the full job name to the job id
+	LogPrefixJobID                     bool                                          // switches from the full job name to the job id
-	Env                                map[string]string            // env for containers
+	Env                                map[string]string                             // env for containers
-	Inputs                             map[string]string            // manually passed action inputs
+	Inputs                             map[string]string                             // manually passed action inputs
-	Secrets                            map[string]string            // list of secrets
+	Secrets                            map[string]string                             // list of secrets
-	Vars                               map[string]string            // list of vars
+	Vars                               map[string]string                             // list of vars
-	Token                              string                       // GitHub token
+	Token                              string                                        // GitHub token
-	InsecureSecrets                    bool                         // switch hiding output when printing to terminal
+	InsecureSecrets                    bool                                          // switch hiding output when printing to terminal
-	Platforms                          map[string]string            // list of platforms
+	Platforms                          map[string]string                             // list of platforms
-	Privileged                         bool                         // use privileged mode
+	Privileged                         bool                                          // use privileged mode
-	UsernsMode                         string                       // user namespace to use
+	UsernsMode                         string                                        // user namespace to use
-	ContainerArchitecture              string                       // Desired OS/architecture platform for running containers
+	ContainerArchitecture              string                                        // Desired OS/architecture platform for running containers
-	ContainerDaemonSocket              string                       // Path to Docker daemon socket
+	ContainerDaemonSocket              string                                        // Path to Docker daemon socket
-	ContainerOptions                   string                       // Options for the job container
+	ContainerOptions                   string                                        // Options for the job container
-	UseGitIgnore                       bool                         // controls if paths in .gitignore should not be copied into container, default true
+	UseGitIgnore                       bool                                          // controls if paths in .gitignore should not be copied into container, default true
-	GitHubInstance                     string                       // GitHub instance to use, default "github.com"
+	GitHubInstance                     string                                        // GitHub instance to use, default "github.com"
-	ContainerCapAdd                    []string                     // list of kernel capabilities to add to the containers
+	ContainerCapAdd                    []string                                      // list of kernel capabilities to add to the containers
-	ContainerCapDrop                   []string                     // list of kernel capabilities to remove from the containers
+	ContainerCapDrop                   []string                                      // list of kernel capabilities to remove from the containers
-	AutoRemove                         bool                         // controls if the container is automatically removed upon workflow completion
+	AutoRemove                         bool                                          // controls if the container is automatically removed upon workflow completion
-	ArtifactServerPath                 string                       // the path where the artifact server stores uploads
+	ArtifactServerPath                 string                                        // the path where the artifact server stores uploads
-	ArtifactServerAddr                 string                       // the address the artifact server binds to
+	ArtifactServerAddr                 string                                        // the address the artifact server binds to
-	ArtifactServerPort                 string                       // the port the artifact server binds to
+	ArtifactServerPort                 string                                        // the port the artifact server binds to
-	NoSkipCheckout                     bool                         // do not skip actions/checkout
+	NoSkipCheckout                     bool                                          // do not skip actions/checkout
-	RemoteName                         string                       // remote name in local git repo config
+	RemoteName                         string                                        // remote name in local git repo config
-	ReplaceGheActionWithGithubCom      []string                     // Use actions from GitHub Enterprise instance to GitHub
+	ReplaceGheActionWithGithubCom      []string                                      // Use actions from GitHub Enterprise instance to GitHub
-	ReplaceGheActionTokenWithGithubCom string                       // Token of private action repo on GitHub.
+	ReplaceGheActionTokenWithGithubCom string                                        // Token of private action repo on GitHub.
-	Matrix                             map[string]map[string]bool   // Matrix config to run
+	Matrix                             map[string]map[string]bool                    // Matrix config to run
-	ContainerNetworkMode               docker_container.NetworkMode // the network mode of job containers (the value of --network)
+	ContainerNetworkMode               docker_container.NetworkMode                  // the network mode of job containers (the value of --network)
-	ActionCache                        ActionCache                  // Use a custom ActionCache Implementation
+	ContainerNetworkCreateOptions      container.NewDockerNetworkCreateExecutorInput // the default network create options
 	ActionCache                        ActionCache                                   // Use a custom ActionCache Implementation
 	PresetGitHubContext   *model.GithubContext         // the preset github context, overrides some fields like DefaultBranch, Env, Secrets etc.
 	EventJSON             string                       // the content of JSON file to use for event.json in containers, overrides EventPath
@@ -250,7 +253,14 @@ func (runner *runnerImpl) NewPlanExecutor(plan *model.Plan) common.Executor {
 						return executor(common.WithJobErrorContainer(WithJobLogger(ctx, rc.Run.JobID, jobName, rc.Config, &rc.Masks, matrix)))
 					})
 				}
-				pipeline = append(pipeline, common.NewParallelExecutor(maxParallel, stageExecutor...))
+				// Run all matrix combinations of this job, then drop its aggregation mutex: the
 				// combos are the only users of it, so once they finish the jobMutexes entry can be
 				// released, keeping the map from growing unbounded over a long-lived runner.
 				stageParallel := common.NewParallelExecutor(maxParallel, stageExecutor...)
 				pipeline = append(pipeline, func(ctx context.Context) error {
 					defer jobMutexes.Delete(job)
 					return stageParallel(ctx)
 				})
 			}
 			// For pipeline execution:
@@ -334,6 +344,11 @@ func (runner *runnerImpl) newRunContext(ctx context.Context, run *model.Run, mat
 	}
 	rc.ExprEval = rc.NewExpressionEvaluator(ctx)
 	rc.Name = rc.ExprEval.Interpolate(ctx, run.String())
 	// Snapshot the job's pristine output expressions now, before any matrix combo runs and
 	// rewrites the shared Job.Outputs (see interpolateOutputs).
 	if job := run.Job(); job != nil {
 		rc.outputTemplate = maps.Clone(job.Outputs)
 	}
 	return rc
 }
--- a/act/runner/runner_test.go
+++ b/act/runner/runner_test.go
@@ -188,14 +188,17 @@ func (j *TestJobFileInfo) runTest(ctx context.Context, t *testing.T, cfg *Config
 		EventPath:             cfg.EventPath,
 		Platforms:             j.platforms,
 		ReuseContainers:       false,
 		ForceRebuild:          true,
 		Env:                   cfg.Env,
 		Secrets:               cfg.Secrets,
 		Inputs:                cfg.Inputs,
 		GitHubInstance:        "github.com",
 		DefaultActionInstance: cfg.DefaultActionInstance,
 		ContainerArchitecture: cfg.ContainerArchitecture,
 		ContainerMaxLifetime:  time.Hour,
 		Matrix:                cfg.Matrix,
 		ActionCache:           cfg.ActionCache,
 		ValidVolumes:          []string{"**"}, // allow workflow-declared volumes (e.g. container-volumes)
 	}
 	runner, err := New(runnerConfig)
@@ -223,18 +226,14 @@ type TestConfig struct {
 }
 func TestRunEvent(t *testing.T) {
-	if testing.Short() {
+	requireDocker(t)
 		t.Skip("skipping integration test")
 	}
 	ctx := context.Background()
 	tables := []TestJobFileInfo{
 		// Shells
 		{workdir, "shells/defaults", "push", "", platforms, secrets},
 		{workdir, "shells/pwsh", "push", "", map[string]string{"ubuntu-latest": "catthehacker/ubuntu:pwsh-latest"}, secrets}, // custom image with pwsh
 		{workdir, "shells/bash", "push", "", platforms, secrets},
 		{workdir, "shells/python", "push", "", map[string]string{"ubuntu-latest": "node:24-bookworm"}, secrets}, // slim doesn't have python
 		{workdir, "shells/sh", "push", "", platforms, secrets},
 		// Local action
@@ -246,11 +245,6 @@ func TestRunEvent(t *testing.T) {
 		// Uses
 		{workdir, "uses-composite", "push", "", platforms, secrets},
 		{workdir, "uses-composite-with-error", "push", "Job 'failing-composite-action' failed", platforms, secrets},
 		{workdir, "uses-nested-composite", "push", "", platforms, secrets},
 		{workdir, "remote-action-composite-js-pre-with-defaults", "push", "", platforms, secrets},
 		{workdir, "remote-action-composite-action-ref", "push", "", platforms, secrets},
 		{workdir, "uses-workflow", "push", "", platforms, map[string]string{"secret": "keep_it_private"}},
 		{workdir, "uses-workflow", "pull_request", "", platforms, map[string]string{"secret": "keep_it_private"}},
 		{workdir, "uses-docker-url", "push", "", platforms, secrets},
 		{workdir, "act-composite-env-test", "push", "", platforms, secrets},
@@ -260,21 +254,15 @@ func TestRunEvent(t *testing.T) {
 		{workdir, "evalmatrixneeds2", "push", "", platforms, secrets},
 		{workdir, "evalmatrix-merge-map", "push", "", platforms, secrets},
 		{workdir, "evalmatrix-merge-array", "push", "", platforms, secrets},
 		{workdir, "issue-1195", "push", "", platforms, secrets},
 		{workdir, "basic", "push", "", platforms, secrets},
 		{workdir, "fail", "push", "exit with `FAILURE`: 1", platforms, secrets},
 		{workdir, "runs-on", "push", "", platforms, secrets},
 		{workdir, "checkout", "push", "", platforms, secrets},
 		{workdir, "job-container", "push", "", platforms, secrets},
 		{workdir, "job-container-non-root", "push", "", platforms, secrets},
 		{workdir, "job-container-invalid-credentials", "push", "failed to handle credentials: failed to interpolate container.credentials.password", platforms, secrets},
 		{workdir, "container-hostname", "push", "", platforms, secrets},
 		{workdir, "remote-action-docker", "push", "", platforms, secrets},
 		{workdir, "remote-action-js", "push", "", platforms, secrets},
 		{workdir, "remote-action-js-node-user", "push", "", platforms, secrets}, // Test if this works with non root container
 		{workdir, "matrix", "push", "", platforms, secrets},
 		{workdir, "matrix-include-exclude", "push", "", platforms, secrets},
 		{workdir, "matrix-exitcode", "push", "Job 'test' failed", platforms, secrets},
 		{workdir, "commands", "push", "", platforms, secrets},
 		{workdir, "workdir", "push", "", platforms, secrets},
@@ -295,7 +283,6 @@ func TestRunEvent(t *testing.T) {
 		{workdir, "job-status-check", "push", "job 'fail' failed", platforms, secrets},
 		{workdir, "if-expressions", "push", "Job 'mytest' failed", platforms, secrets},
 		{workdir, "actions-environment-and-context-tests", "push", "", platforms, secrets},
 		{workdir, "uses-action-with-pre-and-post-step", "push", "", platforms, secrets},
 		{workdir, "evalenv", "push", "", platforms, secrets},
 		{workdir, "docker-action-custom-path", "push", "", platforms, secrets},
 		{workdir, "GITHUB_ENV-use-in-env-ctx", "push", "", platforms, secrets},
@@ -306,7 +293,6 @@ func TestRunEvent(t *testing.T) {
 		{workdir, "workflow_dispatch-scalar", "workflow_dispatch", "", platforms, secrets},
 		{workdir, "workflow_dispatch-scalar-composite-action", "workflow_dispatch", "", platforms, secrets},
 		{workdir, "job-needs-context-contains-result", "push", "", platforms, secrets},
 		{"../model/testdata", "strategy", "push", "", platforms, secrets}, // TODO: move all testdata into pkg so we can validate it with planner and runner
 		{"../model/testdata", "container-volumes", "push", "", platforms, secrets},
 		{workdir, "path-handling", "push", "", platforms, secrets},
 		{workdir, "do-not-leak-step-env-in-composite", "push", "", platforms, secrets},
@@ -316,7 +302,6 @@ func TestRunEvent(t *testing.T) {
 		// services
 		{workdir, "services", "push", "", platforms, secrets},
 		{workdir, "services-host-network", "push", "", platforms, secrets},
 		{workdir, "services-with-container", "push", "", platforms, secrets},
 		// local remote action overrides
@@ -325,6 +310,11 @@ func TestRunEvent(t *testing.T) {
 	for _, table := range tables {
 		t.Run(table.workflowPath, func(t *testing.T) {
 			if table.workflowPath == "container-volumes" {
 				// host /proc bind mounts are Linux-Docker-only
 				requireLinuxDocker(t)
 			}
 			config := &Config{
 				Secrets: table.secrets,
 			}
@@ -356,9 +346,12 @@ func TestRunEvent(t *testing.T) {
 }
 func TestRunEventHostEnvironment(t *testing.T) {
-	if testing.Short() {
+	// Runs steps directly on the host (the "-self-hosted" platform), so it needs the shells
-		t.Skip("skipping integration test")
+	// and tools the workflows invoke. No network gate: every action these workflows reference
-	}
+	// is a local `./` fixture or the skipped actions/checkout, so the suite runs offline (same
 	// as TestRunEvent). Only the broadly-used interpreters are required up front; the pwsh- and
 	// nix-specific cases gate on their own tool below so a missing pwsh/nix skips just those.
 	requireHostTools(t, "bash", "node")
 	ctx := context.Background()
@@ -374,7 +367,6 @@ func TestRunEventHostEnvironment(t *testing.T) {
 			{workdir, "shells/defaults", "push", "", platforms, secrets},
 			{workdir, "shells/pwsh", "push", "", platforms, secrets},
 			{workdir, "shells/bash", "push", "", platforms, secrets},
 			{workdir, "shells/python", "push", "", platforms, secrets},
 			{workdir, "shells/sh", "push", "", platforms, secrets},
 			// Local action
@@ -383,7 +375,6 @@ func TestRunEventHostEnvironment(t *testing.T) {
 			// Uses
 			{workdir, "uses-composite", "push", "", platforms, secrets},
 			{workdir, "uses-composite-with-error", "push", "Job 'failing-composite-action' failed", platforms, secrets},
 			{workdir, "uses-nested-composite", "push", "", platforms, secrets},
 			{workdir, "act-composite-env-test", "push", "", platforms, secrets},
 			// Eval
@@ -392,14 +383,10 @@ func TestRunEventHostEnvironment(t *testing.T) {
 			{workdir, "evalmatrixneeds2", "push", "", platforms, secrets},
 			{workdir, "evalmatrix-merge-map", "push", "", platforms, secrets},
 			{workdir, "evalmatrix-merge-array", "push", "", platforms, secrets},
 			{workdir, "issue-1195", "push", "", platforms, secrets},
 			{workdir, "fail", "push", "exit with `FAILURE`: 1", platforms, secrets},
 			{workdir, "runs-on", "push", "", platforms, secrets},
 			{workdir, "checkout", "push", "", platforms, secrets},
 			{workdir, "remote-action-js", "push", "", platforms, secrets},
 			{workdir, "matrix", "push", "", platforms, secrets},
 			{workdir, "matrix-include-exclude", "push", "", platforms, secrets},
 			{workdir, "commands", "push", "", platforms, secrets},
 			{workdir, "defaults-run", "push", "", platforms, secrets},
 			{workdir, "composite-fail-with-output", "push", "", platforms, secrets},
@@ -413,7 +400,6 @@ func TestRunEventHostEnvironment(t *testing.T) {
 			{workdir, "steps-context/outcome", "push", "", platforms, secrets},
 			{workdir, "job-status-check", "push", "job 'fail' failed", platforms, secrets},
 			{workdir, "if-expressions", "push", "Job 'mytest' failed", platforms, secrets},
 			{workdir, "uses-action-with-pre-and-post-step", "push", "", platforms, secrets},
 			{workdir, "evalenv", "push", "", platforms, secrets},
 			{workdir, "ensure-post-steps", "push", "Job 'second-post-step-should-fail' failed", platforms, secrets},
 		}...)
@@ -446,24 +432,26 @@ func TestRunEventHostEnvironment(t *testing.T) {
 	for _, table := range tables {
 		t.Run(table.workflowPath, func(t *testing.T) {
 			switch table.workflowPath {
 			case "shells/pwsh":
 				requireHostTools(t, "pwsh")
 			case "nix-prepend-path":
 				requireHostTools(t, "nix")
 			}
 			table.runTest(ctx, t, &Config{})
 		})
 	}
 }
 func TestDryrunEvent(t *testing.T) {
-	if testing.Short() {
+	// Dryrun plans without containers or network (shells and local actions only).
 		t.Skip("skipping integration test")
 	}
 	ctx := common.WithDryrun(context.Background(), true)
 	tables := []TestJobFileInfo{
 		// Shells
 		{workdir, "shells/defaults", "push", "", platforms, secrets},
-		{workdir, "shells/pwsh", "push", "", map[string]string{"ubuntu-latest": "catthehacker/ubuntu:pwsh-latest"}, secrets}, // custom image with pwsh
+		{workdir, "shells/pwsh", "push", "", platforms, secrets},
 		{workdir, "shells/bash", "push", "", platforms, secrets},
 		{workdir, "shells/python", "push", "", map[string]string{"ubuntu-latest": "node:24-bookworm"}, secrets}, // slim doesn't have python
 		{workdir, "shells/sh", "push", "", platforms, secrets},
 		// Local action
@@ -480,10 +468,18 @@ func TestDryrunEvent(t *testing.T) {
 	}
 }
 // TestReusableWorkflowCaller exercises the reusable-workflow caller path against a local
 // reusable workflow (typed inputs, secrets as both a map and `inherit`, and reading the called
 // workflow's outputs via `needs`).
 func TestReusableWorkflowCaller(t *testing.T) {
 	requireDocker(t)
 	table := TestJobFileInfo{workdir, "uses-workflow", "push", "", platforms, map[string]string{"secret": "keep_it_private"}}
 	table.runTest(context.Background(), t, &Config{Secrets: table.secrets})
 }
 func TestDockerActionForcePullForceRebuild(t *testing.T) {
-	if testing.Short() {
+	requireDocker(t)
-		t.Skip("skipping integration test")
+	requireNetwork(t) // force-pulls a docker action image
 	}
 	ctx := context.Background()
@@ -504,22 +500,6 @@ func TestDockerActionForcePullForceRebuild(t *testing.T) {
 	}
 }
 func TestRunDifferentArchitecture(t *testing.T) {
 	if testing.Short() {
 		t.Skip("skipping integration test")
 	}
 	tjfi := TestJobFileInfo{
 		workdir:      workdir,
 		workflowPath: "basic",
 		eventName:    "push",
 		errorMessage: "",
 		platforms:    platforms,
 	}
 	tjfi.runTest(context.Background(), t, &Config{ContainerArchitecture: "linux/arm64"})
 }
 type maskJobLoggerFactory struct {
 	Output bytes.Buffer
 }
@@ -540,9 +520,7 @@ func TestMaskValues(t *testing.T) {
 		assert.False(t, strings.Contains(text, "composite secret")) //nolint:testifylint // pre-existing issue from nektos/act
 	}
-	if testing.Short() {
+	requireDocker(t)
 		t.Skip("skipping integration test")
 	}
 	log.SetLevel(log.DebugLevel)
@@ -563,9 +541,7 @@ func TestMaskValues(t *testing.T) {
 }
 func TestRunEventSecrets(t *testing.T) {
-	if testing.Short() {
+	requireDocker(t)
 		t.Skip("skipping integration test")
 	}
 	workflowPath := "secrets"
 	tjfi := TestJobFileInfo{
@@ -585,9 +561,7 @@ func TestRunEventSecrets(t *testing.T) {
 }
 func TestRunWithService(t *testing.T) {
-	if testing.Short() {
+	requireDocker(t)
 		t.Skip("skipping integration test")
 	}
 	log.SetLevel(log.DebugLevel)
 	ctx := context.Background()
@@ -603,10 +577,11 @@ func TestRunWithService(t *testing.T) {
 	assert.NoError(t, err, workflowPath) //nolint:testifylint // pre-existing issue from nektos/act
 	runnerConfig := &Config{
-		Workdir:         workdir,
+		Workdir:              workdir,
-		EventName:       eventName,
+		EventName:            eventName,
-		Platforms:       platforms,
+		Platforms:            platforms,
-		ReuseContainers: false,
+		ReuseContainers:      false,
 		ContainerMaxLifetime: time.Hour, // otherwise the job container is `sleep 0` and exits at once
 	}
 	runner, err := New(runnerConfig)
 	assert.NoError(t, err, workflowPath) //nolint:testifylint // pre-existing issue from nektos/act
@@ -622,9 +597,7 @@ func TestRunWithService(t *testing.T) {
 }
 func TestRunActionInputs(t *testing.T) {
-	if testing.Short() {
+	requireDocker(t)
 		t.Skip("skipping integration test")
 	}
 	workflowPath := "input-from-cli"
 	tjfi := TestJobFileInfo{
@@ -643,9 +616,7 @@ func TestRunActionInputs(t *testing.T) {
 }
 func TestRunEventPullRequest(t *testing.T) {
-	if testing.Short() {
+	requireDocker(t)
 		t.Skip("skipping integration test")
 	}
 	workflowPath := "pull-request"
@@ -661,9 +632,7 @@ func TestRunEventPullRequest(t *testing.T) {
 }
 func TestRunMatrixWithUserDefinedInclusions(t *testing.T) {
-	if testing.Short() {
+	requireDocker(t)
 		t.Skip("skipping integration test")
 	}
 	workflowPath := "matrix-with-user-inclusions"
 	tjfi := TestJobFileInfo{
--- a/act/runner/step.go
+++ b/act/runner/step.go
@@ -124,7 +124,12 @@ func runStepExecutor(step step, stage stepStage, executor common.Executor) commo
 		envFileCommand := path.Join("workflow", "envs.txt")
 		(*step.getEnv())["GITHUB_ENV"] = path.Join(actPath, envFileCommand)
-		summaryFileCommand := path.Join("workflow", "SUMMARY.md")
+		// Per-step summary file. Composite sub-steps share the outer job step's index
 		// via the Parent chain so all writes from within a composite action accumulate
 		// in the same file and upload under the outer step_index.
 		topRC := rc.topLevelRunContext()
 		stepSummaryIndex := topRC.CurrentStepIndex
 		summaryFileCommand := path.Join("workflow", "step-summary-"+strconv.Itoa(stepSummaryIndex)+".md")
 		(*step.getEnv())["GITHUB_STEP_SUMMARY"] = path.Join(actPath, summaryFileCommand)
 		{
@@ -136,22 +141,23 @@ func runStepExecutor(step step, stage stepStage, executor common.Executor) commo
 			(*step.getEnv())["GITEA_STEP_SUMMARY"] = (*step.getEnv())["GITHUB_STEP_SUMMARY"]
 		}
-		_ = rc.JobContainer.Copy(actPath, &container.FileEntry{
+		// Reset the per-phase file-command files. GITHUB_STEP_SUMMARY is intentionally
-			Name: outputFileCommand,
+		// excluded here and initialized below at most once per step so writes from later
-			Mode: 0o666,
+		// phases and from composite sub-steps accumulate instead of being truncated.
-		}, &container.FileEntry{
+		files := []*container.FileEntry{
-			Name: stateFileCommand,
+			{Name: outputFileCommand, Mode: 0o666},
-			Mode: 0o666,
+			{Name: stateFileCommand, Mode: 0o666},
-		}, &container.FileEntry{
+			{Name: pathFileCommand, Mode: 0o666},
-			Name: pathFileCommand,
+			{Name: envFileCommand, Mode: 0o666},
-			Mode: 0o666,
+		}
-		}, &container.FileEntry{
+		if topRC.summaryFileInitialized == nil {
-			Name: envFileCommand,
+			topRC.summaryFileInitialized = map[int]bool{}
-			Mode: 0o666,
+		}
-		}, &container.FileEntry{
+		if !topRC.summaryFileInitialized[stepSummaryIndex] {
-			Name: summaryFileCommand,
+			files = append(files, &container.FileEntry{Name: summaryFileCommand, Mode: 0o666})
-			Mode: 0o666,
+			topRC.summaryFileInitialized[stepSummaryIndex] = true
-		})(ctx)
+		}
 		_ = rc.JobContainer.Copy(actPath, files...)(ctx)
 		timeoutctx, cancelTimeOut := evaluateStepTimeout(ctx, rc.ExprEval, stepModel)
 		defer cancelTimeOut()
--- a/act/runner/step_action_remote.go
+++ b/act/runner/step_action_remote.go
@@ -291,7 +291,9 @@ type remoteAction struct {
 func (ra *remoteAction) CloneURL(u string) string {
 	if ra.URL == "" {
-		if !strings.HasPrefix(u, "http://") && !strings.HasPrefix(u, "https://") {
+		// keep an absolute local path as-is (used by tests to resolve actions from a local
 		// repo); only bare host names get the https:// scheme prepended
 		if !strings.HasPrefix(u, "http://") && !strings.HasPrefix(u, "https://") && !filepath.IsAbs(u) {
 			u = "https://" + u
 		}
 	} else {
--- a/act/runner/step_docker.go
+++ b/act/runner/step_docker.go
@@ -125,8 +125,6 @@ func (sd *stepDocker) newStepContainer(ctx context.Context, image string, cmd, e
 		Entrypoint:   entrypoint,
 		WorkingDir:   rc.JobContainer.ToContainerPath(rc.Config.Workdir),
 		Image:        image,
 		Username:     rc.Config.Secrets["DOCKER_USERNAME"],
 		Password:     rc.Config.Secrets["DOCKER_PASSWORD"],
 		Name:         createContainerName(rc.jobContainerName(), "STEP-"+step.ID),
 		Env:          envList,
 		Mounts:       mounts,
@@ -138,7 +136,7 @@ func (sd *stepDocker) newStepContainer(ctx context.Context, image string, cmd, e
 		UsernsMode:   rc.Config.UsernsMode,
 		Platform:     rc.Config.ContainerArchitecture,
 		AutoRemove:   rc.Config.AutoRemove,
-		ValidVolumes: rc.Config.ValidVolumes,
+		ValidVolumes: rc.validVolumes(),
 		AllocatePTY:  rc.Config.AllocatePTY,
 	})
 	return stepContainer
--- a/act/runner/step_docker_test.go
+++ b/act/runner/step_docker_test.go
@@ -38,7 +38,12 @@ func TestStepDockerMain(t *testing.T) {
 	sd := &stepDocker{
 		RunContext: &RunContext{
 			StepResults: map[string]*model.StepResult{},
-			Config:      &Config{},
+			Config: &Config{
 				Secrets: map[string]string{
 					"DOCKER_USERNAME": "docker-user",
 					"DOCKER_PASSWORD": "docker-password",
 				},
 			},
 			Run: &model.Run{
 				JobID: "1",
 				Workflow: &model.Workflow{
@@ -106,6 +111,10 @@ func TestStepDockerMain(t *testing.T) {
 	assert.Equal(t, "node:14", input.Image)
 	// DOCKER_USERNAME/DOCKER_PASSWORD secrets should not be used as implicit pull credentials for docker:// action containers.
 	assert.Empty(t, input.Username)
 	assert.Empty(t, input.Password)
 	cm.AssertExpectations(t)
 }
--- a/act/runner/testdata/.github/workflows/local-reusable-workflow.yml
+++ b/act/runner/testdata/.github/workflows/local-reusable-workflow.yml
@@ -0,0 +1,34 @@
 name: local-reusable-workflow
 on:
  workflow_call:
    inputs:
      string_required:
        required: true
        type: string
      bool_required:
        required: true
        type: boolean
      number_required:
        required: true
        type: number
    secrets:
      secret:
        required: true
    outputs:
      output:
        value: ${{ jobs.reusable.outputs.output }}
 jobs:
  reusable:
    runs-on: ubuntu-latest
    outputs:
      output: ${{ steps.gen.outputs.output }}
    steps:
      - name: check inputs and secret arrived
        run: |
          [ "${{ inputs.string_required }}" = "string" ]
          [ "${{ inputs.bool_required }}" = "true" ]
          [ "${{ inputs.number_required }}" = "1" ]
          [ "${{ secrets.secret }}" = "keep_it_private" ]
      - id: gen
        run: echo "output=${{ inputs.string_required }}" >> $GITHUB_OUTPUT
--- a/act/runner/testdata/GITHUB_ENV-use-in-env-ctx/push.yml
+++ b/act/runner/testdata/GITHUB_ENV-use-in-env-ctx/push.yml
@@ -5,10 +5,11 @@ jobs:
    env:
      MYGLOBALENV3: myglobalval3
    steps:
    - uses: actions/checkout@v4
    - run: |
        echo MYGLOBALENV1=myglobalval1 > $GITHUB_ENV
        echo "::set-env name=MYGLOBALENV2::myglobalval2"
-    - uses: nektos/act-test-actions/script@main
+    - uses: ./actions/script
      with:
        main: |
          env
--- a/act/runner/testdata/GITHUB_STATE/push.yml
+++ b/act/runner/testdata/GITHUB_STATE/push.yml
@@ -1,48 +1,31 @@
 on: push
 jobs:
  # State saved in main (via the $GITHUB_STATE file and the ::save-state command) must surface
  # as $STATE_* in the action's post step.
  _:
    runs-on: ubuntu-latest
    steps:
-    - uses: nektos/act-test-actions/script@main
+    - uses: actions/checkout@v4
    - uses: ./actions/script
      with:
        pre: |
          env
          echo mystate0=mystateval > $GITHUB_STATE
          echo "::save-state name=mystate1::mystateval"
        main: |
          env
          echo mystate2=mystateval > $GITHUB_STATE
          echo "::save-state name=mystate3::mystateval"
        post: |
          env
          [ "$STATE_mystate0" = "mystateval" ]
          [ "$STATE_mystate1" = "mystateval" ]
          [ "$STATE_mystate2" = "mystateval" ]
          [ "$STATE_mystate3" = "mystateval" ]
  # State must be isolated per action instance even when two steps use the same action.
  test-id-collision-bug:
    runs-on: ubuntu-latest
    steps:
-    - uses: nektos/act-test-actions/script@main
+    - uses: actions/checkout@v4
    - uses: ./actions/script
      id: script
      with:
-        pre: |
+        main: echo mystate=val1 > $GITHUB_STATE
-          env
+        post: '[ "$STATE_mystate" = "val1" ]'
-          echo mystate0=mystateval > $GITHUB_STATE
+    - uses: ./actions/script
          echo "::save-state name=mystate1::mystateval"
        main: |
          env
          echo mystate2=mystateval > $GITHUB_STATE
          echo "::save-state name=mystate3::mystateval"
        post: |
          env
          [ "$STATE_mystate0" = "mystateval" ]
          [ "$STATE_mystate1" = "mystateval" ]
          [ "$STATE_mystate2" = "mystateval" ]
          [ "$STATE_mystate3" = "mystateval" ]
    - uses: nektos/act-test-actions/script@main
      id: pre-script
      with:
-        main: |
+        main: echo mystate=val2 > $GITHUB_STATE
-          env
+        post: '[ "$STATE_mystate" = "val2" ]'
          echo mystate0=mystateerror > $GITHUB_STATE
          echo "::save-state name=mystate1::mystateerror"
--- a/act/runner/testdata/actions-environment-and-context-tests/docker/Dockerfile
+++ b/act/runner/testdata/actions-environment-and-context-tests/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.23
+FROM alpine:3.24
 COPY entrypoint.sh /entrypoint.sh
--- a/act/runner/testdata/actions-environment-and-context-tests/push.yml
+++ b/act/runner/testdata/actions-environment-and-context-tests/push.yml
@@ -9,7 +9,3 @@ jobs:
      - uses: actions/checkout@v3
      - uses: './actions-environment-and-context-tests/js'
      - uses: './actions-environment-and-context-tests/docker'
      - uses: 'nektos/act-test-actions/js@main'
      - uses: 'nektos/act-test-actions/docker@main'
      - uses: 'nektos/act-test-actions/docker-file@main'
      - uses: 'nektos/act-test-actions/docker-relative-context/action@main'
--- a/act/runner/testdata/actions/script/action.yml
+++ b/act/runner/testdata/actions/script/action.yml
@@ -0,0 +1,15 @@
 name: 'script'
 description: 'Run the shell scripts passed as inputs across the pre/main/post lifecycle'
 inputs:
  main:
    description: 'shell script to run in the main step'
    required: false
    default: ''
  post:
    description: 'shell script to run in the post step'
    required: false
    default: ''
 runs:
  using: 'node24'
  main: 'index.js'
  post: 'post.js'
--- a/act/runner/testdata/actions/script/index.js
+++ b/act/runner/testdata/actions/script/index.js
@@ -0,0 +1,9 @@
 import {execFileSync} from 'node:child_process';
 // Run the `main` input as a bash script; its stdout (workflow commands like
 // ::set-output / ::save-state) and $GITHUB_ENV / $GITHUB_STATE writes are
 // processed by the runner, exactly like the remote script action this replaces.
 const script = process.env.INPUT_MAIN;
 if (script) {
  execFileSync('bash', ['-eo', 'pipefail', '-c', script], {stdio: 'inherit'});
 }
--- a/act/runner/testdata/actions/script/package.json
+++ b/act/runner/testdata/actions/script/package.json
@@ -0,0 +1,5 @@
 {
  "name": "script",
  "private": true,
  "type": "module"
 }
--- a/act/runner/testdata/actions/script/post.js
+++ b/act/runner/testdata/actions/script/post.js
@@ -0,0 +1,6 @@
 import {execFileSync} from 'node:child_process';
 const script = process.env.INPUT_POST;
 if (script) {
  execFileSync('bash', ['-eo', 'pipefail', '-c', script], {stdio: 'inherit'});
 }
--- a/act/runner/testdata/docker-action-custom-path/push.yml
+++ b/act/runner/testdata/docker-action-custom-path/push.yml
@@ -4,7 +4,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - run: |
-        FROM ubuntu:latest
+        FROM node:24-bookworm-slim
        ENV PATH="/opt/texlive/texdir/bin/x86_64-linuxmusl:${PATH}"
        ENV ORG_PATH="${PATH}"
        ENTRYPOINT [ "bash", "-c", "echo \"PATH=$PATH\" && echo \"ORG_PATH=$ORG_PATH\" && [[ \"$PATH\" = \"$ORG_PATH\" ]]" ]
--- a/act/runner/testdata/issue-1195/push.yml
+++ b/act/runner/testdata/issue-1195/push.yml
@@ -1,13 +0,0 @@
 on: push
 env:
  variable: "${{ github.repository_owner }}"
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: print env.variable
        run: |
          echo ${{ env.variable }}
          exit ${{ (env.variable == 'nektos') && '0' || '1'}}
--- a/act/runner/testdata/issue-597/spelling.yaml
+++ b/act/runner/testdata/issue-597/spelling.yaml
@@ -9,24 +9,13 @@ jobs:
    steps:
      - name: My first false step
        if: "endsWith('Should not', 'o1')"
-        uses: actions/checkout@v2.0.0
+        run: exit 1
        with:
          ref: refs/pull/${{github.event.pull_request.number}}/merge
          fetch-depth: 5
      - name: My first true step
        if: ${{endsWith('Hello world', 'ld')}}
-        uses: actions/hello-world-javascript-action@main
+        run: echo "Renst the Octocat"
        with:
          who-to-greet: "Renst the Octocat"
      - name: My second false step
        if: "endsWith('Should not evaluate', 'o2')"
-        uses: actions/checkout@v2.0.0
+        run: exit 1
        with:
          ref: refs/pull/${{github.event.pull_request.number}}/merge
          fetch-depth: 5
      - name: My third false step
        if: ${{endsWith('Should not evaluate', 'o3')}}
-        uses: actions/checkout@v2.0.0
+        run: exit 1
        with:
          ref: refs/pull/${{github.event.pull_request.number}}/merge
          fetch-depth: 5
--- a/act/runner/testdata/issue-598/spelling.yml
+++ b/act/runner/testdata/issue-598/spelling.yml
@@ -9,23 +9,13 @@ jobs:
    steps:
      - name: My first false step
        if: "endsWith('Hello world', 'o1')"
-        uses: actions/hello-world-javascript-action@main
+        run: exit 1
        with:
          who-to-greet: 'Mona the Octocat'
      - name: My first true step
        if: "!endsWith('Hello world', 'od')"
-        uses: actions/hello-world-javascript-action@main
+        run: echo "Renst the Octocat"
        with:
          who-to-greet: "Renst the Octocat"
      - name: My second false step
        if: "endsWith('Hello world', 'o2')"
-        uses: actions/hello-world-javascript-action@main
+        run: exit 1
        with:
          who-to-greet: 'Act the Octocat'
      - name: My third false step
        if: "endsWith('Hello world', 'o2')"
-        uses: actions/hello-world-javascript-action@main
+        run: exit 1
        with:
          who-to-greet: 'Git the Octocat'
--- a/act/runner/testdata/job-container-non-root/push.yml
+++ b/act/runner/testdata/job-container-non-root/push.yml
@@ -5,6 +5,7 @@ jobs:
  test:
    runs-on: ubuntu-latest
    container:
-      image: catthehacker/ubuntu:runner-latest # image with user 'runner:runner' built on tag 'act-latest'
+      image: node:24-bookworm-slim
      options: --user 1000
    steps:
      - run: echo PASS
--- a/act/runner/testdata/local-action-dockerfile/push.yml
+++ b/act/runner/testdata/local-action-dockerfile/push.yml
@@ -24,4 +24,3 @@ jobs:
        args: ${{format('"{0}"', 'Mona is not the Octocat') }}
        who-to-greet: 'Mona the Octocat'
    - run: '[[ "${{ env.SOMEVAR }}" == "Mona is not the Octocat" ]]'
    - uses: ./localdockerimagetest_
--- a/act/runner/testdata/local-action-via-composite-dockerfile/action.yml
+++ b/act/runner/testdata/local-action-via-composite-dockerfile/action.yml
@@ -30,11 +30,6 @@ runs:
      who-to-greet: ${{inputs.who-to-greet}}
  - run: '[[ "${{ env.SOMEVAR }}" == "Mona is not the Octocat" ]]'
    shell: bash
  - uses: ./localdockerimagetest_
  # Also test a remote docker action here
  - uses: actions/hello-world-docker-action@v2
    with:
      who-to-greet: 'Mona the Octocat'
  # Test if GITHUB_ACTION_PATH is set correctly after all steps
  - run: stat $GITHUB_ACTION_PATH/push.yml
    shell: bash
--- a/act/runner/testdata/local-remote-action-overrides/push.yml
+++ b/act/runner/testdata/local-remote-action-overrides/push.yml
@@ -5,5 +5,5 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: nektos/test-override@a
+      - uses: https://github.com/nektos/test-override@a
      - uses: nektos/test-override@b
--- a/act/runner/testdata/matrix-include-exclude/push.yml
+++ b/act/runner/testdata/matrix-include-exclude/push.yml
@@ -1,31 +0,0 @@
 name: matrix-include-exclude
 on: push
 jobs:
  build:
    name: PHP ${{ matrix.os }} ${{ matrix.node}}
    runs-on: ${{ matrix.os }}
    steps:
      - run: echo ${NODE_VERSION} | grep ${{ matrix.node }}
        env:
          NODE_VERSION: ${{ matrix.node }}
    strategy:
      matrix:
        os: [ubuntu-18.04, macos-latest]
        node: [4, 6, 8, 10]
        exclude:
          - os: macos-latest
            node: 4
        include:
          - os: ubuntu-16.04
            node: 10
  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node: [8.x, 10.x, 12.x, 13.x]
    steps:
      - run: echo ${NODE_VERSION} | grep ${{ matrix.node }}
        env:
          NODE_VERSION: ${{ matrix.node }}
--- a/act/runner/testdata/no-panic-on-invalid-composite-action/push.yml
+++ b/act/runner/testdata/no-panic-on-invalid-composite-action/push.yml
@@ -19,11 +19,3 @@ jobs:
          using: composite
      shell: cp {0} action.yml
    - uses: ./
  remote-invalid-step:
    runs-on: ubuntu-latest
    steps:
    - uses: nektos/act-test-actions/invalid-composite-action/invalid-step@main
  remote-missing-steps:
    runs-on: ubuntu-latest
    steps:
    - uses: nektos/act-test-actions/invalid-composite-action/missing-steps@main
--- a/act/runner/testdata/path-handling/push.yml
+++ b/act/runner/testdata/path-handling/push.yml
@@ -27,7 +27,7 @@ jobs:
            exit 1
          fi
-      - uses: nektos/act-test-actions/composite@main
+      - uses: ./path-handling/
        with:
          input: some input
--- a/act/runner/testdata/remote-action-composite-action-ref/push.yml
+++ b/act/runner/testdata/remote-action-composite-action-ref/push.yml
@@ -1,8 +0,0 @@
 name: remote-action-composite-action-ref
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - uses: nektos/act-test-actions/composite-assert-action-ref-action@main
--- a/act/runner/testdata/remote-action-composite-js-pre-with-defaults/push.yml
+++ b/act/runner/testdata/remote-action-composite-js-pre-with-defaults/push.yml
@@ -1,23 +0,0 @@
 name: remote-action-composite-js-pre-with-defaults
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - uses: nektos/act-test-actions/composite-js-pre-with-defaults/js@main
      with:
        in: nix
    - uses: nektos/act-test-actions/composite-js-pre-with-defaults@main
      with:
        in: secretval
    - uses: nektos/act-test-actions/composite-js-pre-with-defaults@main
      with:
        in: secretval
    - uses: nektos/act-test-actions/composite-js-pre-with-defaults/js@main
      with:
        pre: "true"
        in: nix
    - uses: nektos/act-test-actions/composite-js-pre-with-defaults/js@main
      with:
        in: nix
--- a/act/runner/testdata/remote-action-docker/push.yml
+++ b/act/runner/testdata/remote-action-docker/push.yml
@@ -1,10 +0,0 @@
 name: remote-action-docker
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/hello-world-docker-action@v1
      with:
        who-to-greet: 'Mona the Octocat'
--- a/act/runner/testdata/remote-action-js-node-user/push.yml
+++ b/act/runner/testdata/remote-action-js-node-user/push.yml
@@ -1,30 +0,0 @@
 name: remote-action-js
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    container:
      image: node:24-bookworm-slim
      options: --user node
    steps:
    - name: check permissions of env files
      id: test
      run: |
        echo "USER: $(id -un) expected: node"
        [[ "$(id -un)" = "node" ]]
        echo "TEST=Value" >> $GITHUB_OUTPUT
      shell: bash
    - name: check if file command worked
      if: steps.test.outputs.test != 'Value'
      run: |
        echo "steps.test.outputs.test=${{ steps.test.outputs.test || 'missing value!' }}"
        exit 1
      shell: bash
    - uses: actions/hello-world-javascript-action@v1
      with:
        who-to-greet: 'Mona the Octocat'
    - uses: cloudposse/actions/github/slash-command-dispatch@0.14.0
--- a/act/runner/testdata/remote-action-js/push.yml
+++ b/act/runner/testdata/remote-action-js/push.yml
@@ -1,12 +0,0 @@
 name: remote-action-js
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/hello-world-javascript-action@v1
      with:
        who-to-greet: 'Mona the Octocat'
    - uses: cloudposse/actions/github/slash-command-dispatch@0.14.0
--- a/act/runner/testdata/runs-on/push.yml
+++ b/act/runner/testdata/runs-on/push.yml
@@ -1,24 +0,0 @@
 name: runs-on
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - run: env
    - run: echo ${GITHUB_ACTOR} 
    - run: echo ${GITHUB_ACTOR} | grep nektos/act
  many:
    runs-on: [ubuntu-latest]
    steps:
      - run: env
      - run: echo ${GITHUB_ACTOR}
      - run: echo ${GITHUB_ACTOR} | grep nektos/act
  selfmany:
    runs-on: [self-hosted, ubuntu-latest]
    steps:
      - run: env
      - run: echo ${GITHUB_ACTOR}
      - run: echo ${GITHUB_ACTOR} | grep nektos/act
--- a/act/runner/testdata/services-host-network/push.yml
+++ b/act/runner/testdata/services-host-network/push.yml
@@ -1,14 +0,0 @@
 name: services-host-network
 on: push
 jobs:
  services-host-network:
    runs-on: ubuntu-latest
    services:
      nginx:
        image: "nginx:latest"
        ports:
          - "8080:80"
    steps:
      - run: apt-get -qq update && apt-get -yqq install --no-install-recommends curl net-tools
      - run: netstat -tlpen
      - run: curl -v http://localhost:8080
--- a/act/runner/testdata/services-with-container/push.yml
+++ b/act/runner/testdata/services-with-container/push.yml
@@ -5,12 +5,11 @@ jobs:
    runs-on: ubuntu-latest
    # https://docs.github.com/en/actions/using-containerized-services/about-service-containers#running-jobs-in-a-container
    container:
-      image: "ubuntu:latest"
+      image: "node:24-bookworm-slim"
    services:
      nginx:
-        image: "nginx:latest"
+        image: "nginx:alpine"
        ports:
          - "8080:80"
    steps:
      - run: apt-get -qq update && apt-get -yqq install --no-install-recommends curl
      # reach the service over the shared job network by its alias, no host port needed
      - run: curl -v http://nginx:80
--- a/act/runner/testdata/services/push.yaml
+++ b/act/runner/testdata/services/push.yaml
@@ -6,18 +6,9 @@ jobs:
    runs-on: ubuntu-latest
    services:
      postgres:
-        image: postgres:12
+        image: nginx:alpine
        env:
          POSTGRES_USER: runner
          POSTGRES_PASSWORD: mysecretdbpass
          POSTGRES_DB: mydb
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
-          - 5432:5432
+          - 80
    steps:
      - name: Echo the Postgres service ID / Network / Ports
        run: |
--- a/act/runner/testdata/shells/pwsh/push.yml
+++ b/act/runner/testdata/shells/pwsh/push.yml
@@ -8,13 +8,6 @@ jobs:
      - shell: ${{ env.MY_SHELL }}
        run: |
          $PSVersionTable
  check-container:
    runs-on: ubuntu-latest
    container: catthehacker/ubuntu:pwsh-latest
    steps:
      - shell: ${{ env.MY_SHELL }}
        run: |
          $PSVersionTable
  check-job-default:
    runs-on: ubuntu-latest
    defaults:
--- a/act/runner/testdata/shells/python/push.yml
+++ b/act/runner/testdata/shells/python/push.yml
@@ -1,28 +0,0 @@
 on: push
 env:
  MY_SHELL: python
 jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - shell: ${{ env.MY_SHELL }}
        run: |
          import platform
          print(platform.python_version())
  check-container:
    runs-on: ubuntu-latest
    container: node:24-bookworm
    steps:
      - shell: ${{ env.MY_SHELL }}
        run: |
          import platform
          print(platform.python_version())
  check-job-default:
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: ${{ env.MY_SHELL }}
    steps:
      - run: |
          import platform
          print(platform.python_version())
--- a/act/runner/testdata/uses-action-with-pre-and-post-step/last-action/action.yml
+++ b/act/runner/testdata/uses-action-with-pre-and-post-step/last-action/action.yml
@@ -1,7 +0,0 @@
 name: "last action check"
 description: "last action check"
 runs:
  using: "node24"
  main: main.js
  post: post.js
--- a/act/runner/testdata/uses-action-with-pre-and-post-step/last-action/main.js
+++ b/act/runner/testdata/uses-action-with-pre-and-post-step/last-action/main.js
--- a/act/runner/testdata/uses-action-with-pre-and-post-step/last-action/post.js
+++ b/act/runner/testdata/uses-action-with-pre-and-post-step/last-action/post.js
@@ -1,17 +0,0 @@
 const pre = process.env['ACTION_OUTPUT_PRE'];
 const main = process.env['ACTION_OUTPUT_MAIN'];
 const post = process.env['ACTION_OUTPUT_POST'];
 console.log({pre, main, post});
 if (pre !== 'pre') {
  throw new Error(`Expected 'pre' but got '${pre}'`);
 }
 if (main !== 'main') {
  throw new Error(`Expected 'main' but got '${main}'`);
 }
 if (post !== 'post') {
  throw new Error(`Expected 'post' but got '${post}'`);
 }
--- a/act/runner/testdata/uses-action-with-pre-and-post-step/push.yml
+++ b/act/runner/testdata/uses-action-with-pre-and-post-step/push.yml
@@ -1,15 +0,0 @@
 name: uses-action-with-pre-and-post-step
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: ./uses-action-with-pre-and-post-step/last-action
      - uses: nektos/act-test-actions/js-with-pre-and-post-step@main
        with:
          pre: true
          post: true
      - run: |
          cat $GITHUB_ENV
--- a/act/runner/testdata/uses-github-full-sha/main.yml
+++ b/act/runner/testdata/uses-github-full-sha/main.yml
@@ -1,7 +0,0 @@
 name: uses-github-root
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/hello-world-docker-action@b136eb8894c5cb1dd5807da824be97ccdf9b5423
--- a/act/runner/testdata/uses-github-path/push.yml
+++ b/act/runner/testdata/uses-github-path/push.yml
@@ -1,7 +0,0 @@
 name: uses-github-path
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - uses: sergioramos/yarn-actions/install@v6
--- a/act/runner/testdata/uses-github-short-sha/main.yml
+++ b/act/runner/testdata/uses-github-short-sha/main.yml
@@ -1,7 +0,0 @@
 name: uses-github-root
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/hello-world-docker-action@b136eb8
--- a/act/runner/testdata/uses-nested-composite/composite_action2/action.yml
+++ b/act/runner/testdata/uses-nested-composite/composite_action2/action.yml
@@ -1,63 +0,0 @@
 ---
 name: "Test Composite Action"
 description: "Test action uses composite"
 inputs:
  test_input_optional:
    description: Test
 runs:
  using: "composite"
  steps:
  - uses: actions/setup-node@v6
    with:
      node-version: '24'
  - run: |
      console.log(process.version);
      console.log("Hi from node");
      console.log("${{ inputs.test_input_optional }}");
      if("${{ inputs.test_input_optional }}" !== "Test") {
        console.log("Invalid input test_input_optional expected \"Test\" as value");
        process.exit(1);
      }
      if(!process.version.startsWith('v16')) {
        console.log("Expected node v16, but got " + process.version);
        process.exit(1);
      }
    shell: node {0}
  - uses: ./uses-composite/composite_action
    id: composite
    with:
      test_input_required: 'test_input_required_value'
      test_input_optional: 'test_input_optional_value'
      test_input_optional_with_default_overriden: 'test_input_optional_with_default_overriden'
      test_input_required_with_default: 'test_input_optional_value'
      test_input_required_with_default_overriden: 'test_input_required_with_default_overriden'
      secret_input: ${{inputs.test_input_optional}}
    env:
      secret_input: ${{inputs.test_input_optional}}
  - run: |
      echo "steps.composite.outputs.test_output=${{ steps.composite.outputs.test_output }}"
      [[ "${{steps.composite.outputs.test_output == 'test_output_value'}}" = "true" ]] || exit 1
    shell: bash
  - run: |
      echo "steps.composite.outputs.secret_output=${{ steps.composite.outputs.secret_output }}"
      [[ "${{steps.composite.outputs.secret_output == format('{0}/{0}', inputs.test_input_optional)}}" = "true" ]] || exit 1
    shell: bash
  # Now test again with default values
  - name: ./uses-composite/composite_action with defaults
    uses: ./uses-composite/composite_action
    id: composite2
    with:
      test_input_required: 'test_input_required_value'
      test_input_optional_with_default_overriden: 'test_input_optional_with_default_overriden'
      test_input_required_with_default_overriden: 'test_input_required_with_default_overriden'
  - run: |
      echo "steps.composite2.outputs.test_output=${{ steps.composite2.outputs.test_output }}"
      [[ "${{steps.composite2.outputs.test_output == 'test_output_value'}}" = "true" ]] || exit 1
    shell: bash
  - run: |
      echo "steps.composite.outputs.secret_output=$COMPOSITE_ACTION_ENV_OUTPUT"
      [[ "${{env.COMPOSITE_ACTION_ENV_OUTPUT == 'my test value' }}" = "true" ]] || exit 1
    shell: bash
--- a/act/runner/testdata/uses-nested-composite/push.yml
+++ b/act/runner/testdata/uses-nested-composite/push.yml
@@ -1,15 +0,0 @@
 name: uses-docker-url
 on: push
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - uses: ./uses-nested-composite/composite_action2
      with:
        test_input_optional: Test
    - run: |
        echo "steps.composite.outputs.secret_output=$COMPOSITE_ACTION_ENV_OUTPUT"
        [[ "${{env.COMPOSITE_ACTION_ENV_OUTPUT == 'my test value' }}" = "true" ]] || exit 1
      shell: bash
--- a/act/runner/testdata/uses-workflow/local-workflow.yml
+++ b/act/runner/testdata/uses-workflow/local-workflow.yml
@@ -1,42 +0,0 @@
 name: local-reusable-workflows
 on: pull_request
 jobs:
  reusable-workflow:
    uses: ./.github/workflows/local-reusable-workflow.yml
    with:
      string_required: string
      bool_required: ${{ true }}
      number_required: 1
    secrets:
      secret: keep_it_private
  reusable-workflow-with-inherited-secrets:
    uses: ./.github/workflows/local-reusable-workflow.yml
    with:
      string_required: string
      bool_required: ${{ true }}
      number_required: 1
    secrets: inherit
  reusable-workflow-with-on-string-notation:
    uses: ./.github/workflows/local-reusable-workflow-no-inputs-string.yml
  reusable-workflow-with-on-array-notation:
    uses: ./.github/workflows/local-reusable-workflow-no-inputs-array.yml
  output-test:
    runs-on: ubuntu-latest
    needs:
      - reusable-workflow
      - reusable-workflow-with-inherited-secrets
    steps:
      - name: output with secrets map
        run: |
          echo reusable-workflow.output=${{ needs.reusable-workflow.outputs.output }}
          [[ "${{ needs.reusable-workflow.outputs.output == 'string' }}" = "true" ]] || exit 1
      - name: output with inherited secrets
        run: |
          echo reusable-workflow-with-inherited-secrets.output=${{ needs.reusable-workflow-with-inherited-secrets.outputs.output }}
          [[ "${{ needs.reusable-workflow-with-inherited-secrets.outputs.output == 'string' }}" = "true" ]] || exit 1
--- a/act/runner/testdata/uses-workflow/push.yml
+++ b/act/runner/testdata/uses-workflow/push.yml
@@ -1,8 +1,11 @@
 on: push
 # Exercises the reusable-workflow caller path against a local reusable workflow: passing typed
 # inputs and secrets (both an explicit map and `inherit`), and reading the called workflow's
 # outputs back through `needs`.
 jobs:
  reusable-workflow:
-    uses: nektos/act-test-actions/.github/workflows/reusable-workflow.yml@main
+    uses: ./.github/workflows/local-reusable-workflow.yml
    with:
      string_required: string
      bool_required: ${{ true }}
@@ -11,7 +14,7 @@ jobs:
      secret: keep_it_private
  reusable-workflow-with-inherited-secrets:
-    uses: nektos/act-test-actions/.github/workflows/reusable-workflow.yml@main
+    uses: ./.github/workflows/local-reusable-workflow.yml
    with:
      string_required: string
      bool_required: ${{ true }}
@@ -24,12 +27,5 @@ jobs:
      - reusable-workflow
      - reusable-workflow-with-inherited-secrets
    steps:
-      - name: output with secrets map
+      - run: '[[ "${{ needs.reusable-workflow.outputs.output == ''string'' }}" = "true" ]] || exit 1'
-        run: |
+      - run: '[[ "${{ needs.reusable-workflow-with-inherited-secrets.outputs.output == ''string'' }}" = "true" ]] || exit 1'
          echo reusable-workflow.output=${{ needs.reusable-workflow.outputs.output }}
          [[ "${{ needs.reusable-workflow.outputs.output == 'string' }}" = "true" ]] || exit 1
      - name: output with inherited secrets
        run: |
          echo reusable-workflow-with-inherited-secrets.output=${{ needs.reusable-workflow-with-inherited-secrets.outputs.output }}
          [[ "${{ needs.reusable-workflow-with-inherited-secrets.outputs.output == 'string' }}" = "true" ]] || exit 1
--- a/go.mod
+++ b/go.mod
@@ -3,15 +3,15 @@ module gitea.com/gitea/runner
 go 1.26.0
 require (
 	code.gitea.io/actions-proto-go v0.4.1
 	connectrpc.com/connect v1.20.0
 	dario.cat/mergo v1.0.2
 	gitea.dev/actions-proto-go v0.6.0
 	github.com/Masterminds/semver v1.5.0
 	github.com/avast/retry-go/v5 v5.0.0
 	github.com/containerd/errdefs v1.0.0
 	github.com/creack/pty v1.1.24
 	github.com/distribution/reference v0.6.0
-	github.com/docker/cli v29.5.2+incompatible
+	github.com/docker/cli v29.5.3+incompatible
 	github.com/docker/go-connections v0.7.0
 	github.com/go-git/go-billy/v5 v5.9.0
 	github.com/go-git/go-git/v5 v5.19.1
@@ -26,7 +26,7 @@ require (
 	github.com/moby/moby/client v0.4.1
 	github.com/moby/patternmatcher v0.6.1
 	github.com/opencontainers/image-spec v1.1.1
-	github.com/opencontainers/selinux v1.15.0
+	github.com/opencontainers/selinux v1.15.1
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/client_golang v1.23.2
 	github.com/rhysd/actionlint v1.7.12
@@ -37,7 +37,8 @@ require (
 	github.com/timshannon/bolthold v0.0.0-20240314194003-30aac6950928
 	go.etcd.io/bbolt v1.4.3
 	go.yaml.in/yaml/v4 v4.0.0-rc.3
-	golang.org/x/term v0.43.0
+	golang.org/x/sys v0.46.0
 	golang.org/x/term v0.44.0
 	google.golang.org/protobuf v1.36.11
 	gotest.tools/v3 v3.5.2
 	tags.cncf.io/container-device-interface v1.1.0
@@ -103,10 +104,9 @@ require (
 	go.opentelemetry.io/otel/trace v1.43.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.3 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/crypto v0.50.0 // indirect
+	golang.org/x/crypto v0.52.0 // indirect
-	golang.org/x/net v0.53.0 // indirect
+	golang.org/x/net v0.54.0 // indirect
 	golang.org/x/sync v0.20.0 // indirect
 	golang.org/x/sys v0.44.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,13 +1,11 @@
 code.gitea.io/actions-proto-go v0.4.1 h1:l0EYhjsgpUe/1VABo2eK7zcoNX2W44WOnb0MSLrKfls=
 code.gitea.io/actions-proto-go v0.4.1/go.mod h1:mn7Wkqz6JbnTOHQpot3yDeHx+O5C9EGhMEE+htvHBas=
 connectrpc.com/connect v1.19.2 h1:McQ83FGdzL+t60peksi0gXC7MQ/iLKgLduAnThbM0mo=
 connectrpc.com/connect v1.19.2/go.mod h1:tN20fjdGlewnSFeZxLKb0xwIZ6ozc3OQs2hTXy4du9w=
 connectrpc.com/connect v1.20.0 h1:6TNDAB+WeNd2uolWNlYczB5E0KNNaVMNUEx8JEUsPmQ=
 connectrpc.com/connect v1.20.0/go.mod h1:A2ygJrukXwWy32vkCAAHNVguZrqZ+jeZ9rGRnGR4dN4=
 cyphar.com/go-pathrs v0.2.3 h1:0pH8gep37wB0BgaXrEaN1OtZhUMeS7VvaejSr6i822o=
 cyphar.com/go-pathrs v0.2.3/go.mod h1:y8f1EMG7r+hCuFf/rXsKqMJrJAUoADZGNh5/vZPKcGc=
 dario.cat/mergo v1.0.2 h1:85+piFYR1tMbRrLcDwR18y4UKJ3aH1Tbzi24VRW1TK8=
 dario.cat/mergo v1.0.2/go.mod h1:E/hbnu0NxMFBjpMIE34DRGLWqDy0g5FuKDhCb31ngxA=
 gitea.dev/actions-proto-go v0.6.0 h1:gjllYQ5vmwlkqOeofTQu5qKTZpmf7kWsafoHvoPCSzY=
 gitea.dev/actions-proto-go v0.6.0/go.mod h1:p4RX+D9oqiEEzzkPMXscw2CmaGuYFPWFc6xIOmDNDqs=
 github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 h1:He8afgbRMd7mFxO99hRNu+6tazq8nFF9lIwo9JFroBk=
 github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8=
 github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww=
@@ -49,8 +47,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
 github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
-github.com/docker/cli v29.5.2+incompatible h1:ubykJ1Y8LmNRGJ2BuMQ0kHOt/RO1YzGNswqWMJgivuQ=
+github.com/docker/cli v29.5.3+incompatible h1:nbEFfz774vBwQ5KRYv7c/AghjReqnGISvrRhzjV0evs=
-github.com/docker/cli v29.5.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
+github.com/docker/cli v29.5.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/docker-credential-helpers v0.9.6 h1:cT2PbRPSlnMmNTfT2TDMXRyQ1KMWHG7xoTLBcn1ZNv0=
 github.com/docker/docker-credential-helpers v0.9.6/go.mod h1:v1S+hepowrQXITkEfw6o4+BMbGot02wiKpzWhGUZK6c=
 github.com/docker/go-connections v0.7.0 h1:6SsRfJddP22WMrCkj19x9WKjEDTB+ahsdiGYf0mN39c=
@@ -149,10 +147,8 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
 github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
-github.com/opencontainers/selinux v1.14.1 h1:a7XlXV/nN/l5zFP1FWZYoExpClu1QOPMfWUV2CZ8kEQ=
+github.com/opencontainers/selinux v1.15.1 h1:ERxeh5caJvCzNAKdI8WQbJmB1LDTn4BuaAg8wihLBpA=
-github.com/opencontainers/selinux v1.14.1/go.mod h1:LenyElirjUHszfxrjuFqC85HIeXZKumHcKMQtnaDlQQ=
+github.com/opencontainers/selinux v1.15.1/go.mod h1:LenyElirjUHszfxrjuFqC85HIeXZKumHcKMQtnaDlQQ=
 github.com/opencontainers/selinux v1.15.0 h1:4Gs40e/R2FvM8PC1HPaPncLLaDor8Y2WDfk5gjU9o5M=
 github.com/opencontainers/selinux v1.15.0/go.mod h1:LenyElirjUHszfxrjuFqC85HIeXZKumHcKMQtnaDlQQ=
 github.com/pjbgf/sha1cd v0.6.0 h1:3WJ8Wz8gvDz29quX1OcEmkAlUg9diU4GxJHqs0/XiwU=
 github.com/pjbgf/sha1cd v0.6.0/go.mod h1:lhpGlyHLpQZoxMv8HcgXvZEhcGs0PG/vsZnEJ7H0iCM=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
@@ -237,13 +233,13 @@ go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
 go.yaml.in/yaml/v4 v4.0.0-rc.3 h1:3h1fjsh1CTAPjW7q/EMe+C8shx5d8ctzZTrLcs/j8Go=
 go.yaml.in/yaml/v4 v4.0.0-rc.3/go.mod h1:aZqd9kCMsGL7AuUv/m/PvWLdg5sjJsZ4oHDEnfPPfY0=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.50.0 h1:zO47/JPrL6vsNkINmLoo/PH1gcxpls50DNogFvB5ZGI=
+golang.org/x/crypto v0.52.0 h1:RMs7fP2rXdep0CftQlK8Uf+kibLm7qkCcradZWYz988=
-golang.org/x/crypto v0.50.0/go.mod h1:3muZ7vA7PBCE6xgPX7nkzzjiUq87kRItoJQM1Yo8S+Q=
+golang.org/x/crypto v0.52.0/go.mod h1:1QgfPxDqh0T2M/elOJtp9RvuR95kVjir0e6/BvEmGbc=
 golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f h1:W3F4c+6OLc6H2lb//N1q4WpJkhzJCK5J6kUi1NTVXfM=
 golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f/go.mod h1:J1xhfL/vlindoeF/aINzNzt2Bket5bjo9sdOYzOsU80=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.53.0 h1:d+qAbo5L0orcWAr0a9JweQpjXF19LMXJE8Ey7hwOdUA=
+golang.org/x/net v0.54.0 h1:2zJIZAxAHV/OHCDTCOHAYehQzLfSXuf/5SoL/Dv6w/w=
-golang.org/x/net v0.53.0/go.mod h1:JvMuJH7rrdiCfbeHoo3fCQU24Lf5JJwT9W3sJFulfgs=
+golang.org/x/net v0.54.0/go.mod h1:Sj4oj8jK6XmHpBZU/zWHw3BV3abl4Kvi+Ut7cQcY+cQ=
 golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
 golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -254,14 +250,16 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.44.0 h1:ildZl3J4uzeKP07r2F++Op7E9B29JRUy+a27EibtBTQ=
+golang.org/x/sys v0.46.0 h1:noSf2Fq6F8DBgS+LysIkx7rIExoNHJsxOAtPp4rthXw=
-golang.org/x/sys v0.44.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
+golang.org/x/sys v0.46.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.43.0 h1:S4RLU2sB31O/NCl+zFN9Aru9A/Cq2aqKpTZJ6B+DwT4=
 golang.org/x/term v0.43.0/go.mod h1:lrhlHNdQJHO+1qVYiHfFKVuVioJIheAc3fBSMFYEIsk=
 golang.org/x/term v0.44.0 h1:0rLvDRCtNj0gZkyIXhCyOb2OAzEhLVqc4B+hrsBhrmc=
 golang.org/x/term v0.44.0/go.mod h1:7ze4MdzUzLXpSAoFP1H0bOI9aXDqveSvatT5vKcFh2Y=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.36.0 h1:JfKh3XmcRPqZPKevfXVpI1wXPTqbkE5f7JA92a55Yxg=
+golang.org/x/text v0.37.0 h1:Cqjiwd9eSg8e0QAkyCaQTNHFIIzWtidPahFWR83rTrc=
-golang.org/x/text v0.36.0/go.mod h1:NIdBknypM8iqVmPiuco0Dh6P5Jcdk8lJL0CUebqK164=
+golang.org/x/text v0.37.0/go.mod h1:a5sjxXGs9hsn/AJVwuElvCAo9v8QYLzvavO5z2PiM38=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
 google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
--- a/internal/app/cmd/daemon.go
+++ b/internal/app/cmd/daemon.go
@@ -148,6 +148,7 @@ func runDaemon(ctx context.Context, daemArgs *daemonArgs, configFile *string) fu
 			log.Infof("runner: %s, with version: %s, with labels: %v, declare successfully",
 				resp.Msg.Runner.Name, resp.Msg.Runner.Version, resp.Msg.Runner.Labels)
 		}
 		runner.SetCapabilitiesFromDeclare(resp)
 		if cfg.Metrics.Enabled {
 			metrics.Init()
--- a/internal/app/cmd/register.go
+++ b/internal/app/cmd/register.go
@@ -14,14 +14,15 @@ import (
 	"strings"
 	"time"
 	"gitea.com/gitea/runner/internal/app/run"
 	"gitea.com/gitea/runner/internal/pkg/client"
 	"gitea.com/gitea/runner/internal/pkg/config"
 	"gitea.com/gitea/runner/internal/pkg/labels"
 	"gitea.com/gitea/runner/internal/pkg/ver"
 	pingv1 "code.gitea.io/actions-proto-go/ping/v1"
 	runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
 	"connectrpc.com/connect"
 	pingv1 "gitea.dev/actions-proto-go/ping/v1"
 	runnerv1 "gitea.dev/actions-proto-go/runner/v1"
 	"github.com/mattn/go-isatty"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
@@ -365,11 +366,12 @@ func doRegister(ctx context.Context, cfg *config.Config, inputs *registerInputs)
 	}
 	// register new runner.
 	resp, err := cli.Register(ctx, connect.NewRequest(&runnerv1.RegisterRequest{
-		Name:      reg.Name,
+		Name:         reg.Name,
-		Token:     reg.Token,
+		Token:        reg.Token,
-		Version:   ver.Version(),
+		Version:      ver.Version(),
-		Labels:    ls,
+		Labels:       ls,
-		Ephemeral: reg.Ephemeral,
+		Ephemeral:    reg.Ephemeral,
 		Capabilities: run.RunnerCapabilities(),
 	}))
 	if err != nil {
 		log.WithError(err).Error("poller: cannot register new runner")
--- a/internal/app/poll/poller.go
+++ b/internal/app/poll/poller.go
@@ -16,8 +16,8 @@ import (
 	"gitea.com/gitea/runner/internal/pkg/config"
 	"gitea.com/gitea/runner/internal/pkg/metrics"
 	runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
 	"connectrpc.com/connect"
 	runnerv1 "gitea.dev/actions-proto-go/runner/v1"
 	log "github.com/sirupsen/logrus"
 )
--- a/internal/app/poll/poller_test.go
+++ b/internal/app/poll/poller_test.go
@@ -14,8 +14,8 @@ import (
 	"gitea.com/gitea/runner/internal/pkg/client/mocks"
 	"gitea.com/gitea/runner/internal/pkg/config"
 	runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
 	connect_go "connectrpc.com/connect"
 	runnerv1 "gitea.dev/actions-proto-go/runner/v1"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
 	"github.com/stretchr/testify/require"
--- a/internal/app/run/runner.go
+++ b/internal/app/run/runner.go
@@ -22,6 +22,7 @@ import (
 	"gitea.com/gitea/runner/act/artifactcache"
 	"gitea.com/gitea/runner/act/common"
 	"gitea.com/gitea/runner/act/container"
 	"gitea.com/gitea/runner/act/model"
 	"gitea.com/gitea/runner/act/runner"
 	"gitea.com/gitea/runner/internal/pkg/client"
@@ -31,12 +32,24 @@ import (
 	"gitea.com/gitea/runner/internal/pkg/report"
 	"gitea.com/gitea/runner/internal/pkg/ver"
 	runnerv1 "code.gitea.io/actions-proto-go/runner/v1"
 	"connectrpc.com/connect"
-	"github.com/moby/moby/api/types/container"
+	runnerv1 "gitea.dev/actions-proto-go/runner/v1"
 	docker_container "github.com/moby/moby/api/types/container"
 	log "github.com/sirupsen/logrus"
 )
 // CapabilityCancelling tells the server this runner understands the
 // transitional cancelling state and will run post-step cleanup before
 // finalizing a task as RESULT_CANCELLED.
 const CapabilityCancelling = "cancelling"
 // RunnerCapabilities are the capability flags this runner advertises to the
 // server during registration and declaration. The server uses them to enable
 // transitional features that require runner-side support.
 func RunnerCapabilities() []string {
 	return []string{CapabilityCancelling}
 }
 // Runner runs the pipeline.
 type Runner struct {
 	name string
@@ -47,6 +60,7 @@ type Runner struct {
 	labels       labels.Labels
 	envs         map[string]string
 	cacheHandler *artifactcache.Handler
 	capabilities string
 	runningTasks            sync.Map
 	runningCount            atomic.Int64
@@ -114,15 +128,22 @@ func (r *Runner) OnIdle(ctx context.Context) {
 	if !r.shouldRunIdleCleanup() {
 		return
 	}
-	workdirParent := strings.TrimLeft(r.cfg.Container.WorkdirParent, "/")
+	// Bind-workdir mode: reclaim stale per-task workspace dirs (numeric task IDs).
-	workdirRoot := filepath.FromSlash("/" + workdirParent)
+	if r.cfg.Container.BindWorkdir {
-	r.cleanupStaleTaskDirs(ctx, workdirRoot)
+		workdirParent := strings.TrimLeft(r.cfg.Container.WorkdirParent, "/")
 		workdirRoot := filepath.FromSlash("/" + workdirParent)
 		r.cleanupStaleDirs(ctx, workdirRoot, isTaskIDDir)
 	}
 	// Host mode: reclaim per-job scratch dirs left behind when HostEnvironment
 	// cleanup timed out (e.g. a delete stalled by an AV/EDR filter driver). They
 	// sit under the host workdir parent alongside the shared tool_cache, which
 	// the name match leaves untouched. No-op when no host-mode job ever ran.
 	if hostRoot := filepath.FromSlash(r.cfg.Host.WorkdirParent); hostRoot != "" {
 		r.cleanupStaleDirs(ctx, hostRoot, isHostScratchDir)
 	}
 }
 func (r *Runner) shouldRunIdleCleanup() bool {
 	if !r.cfg.Container.BindWorkdir {
 		return false
 	}
 	if r.cfg.Runner.WorkdirCleanupAge <= 0 || r.cfg.Runner.IdleCleanupInterval <= 0 {
 		return false
 	}
@@ -142,18 +163,52 @@ func (r *Runner) shouldRunIdleCleanup() bool {
 	}
 }
 // cleanupStaleTaskDirs reclaims stale bind-workdir per-task directories under
 // workdirRoot. Retained as a thin wrapper so existing callers and tests keep a
 // stable entry point.
 func (r *Runner) cleanupStaleTaskDirs(ctx context.Context, workdirRoot string) {
-	entries, err := os.ReadDir(workdirRoot)
+	r.cleanupStaleDirs(ctx, workdirRoot, isTaskIDDir)
 }
 // isTaskIDDir reports whether name is a per-task workspace dir (numeric task
 // ID). Any other directory is skipped to avoid deleting operator-managed data
 // under workdir_root.
 func isTaskIDDir(name string) bool {
 	_, err := strconv.ParseUint(name, 10, 64)
 	return err == nil
 }
 // isHostScratchDir reports whether name is a per-job host-mode scratch dir:
 // hex.EncodeToString of 8 random bytes, i.e. exactly 16 lowercase hex chars
 // (see startHostEnvironment in act/runner/run_context.go). The narrow match
 // leaves the sibling shared "tool_cache" dir and any operator data untouched.
 func isHostScratchDir(name string) bool {
 	if len(name) != 16 {
 		return false
 	}
 	for _, c := range name {
 		if (c < '0' || c > '9') && (c < 'a' || c > 'f') {
 			return false
 		}
 	}
 	return true
 }
 // cleanupStaleDirs removes immediate child directories of root that match and
 // whose mtime is older than WorkdirCleanupAge. It is a no-op when root does not
 // exist yet (the runner has never written there).
 func (r *Runner) cleanupStaleDirs(ctx context.Context, root string, match func(name string) bool) {
 	entries, err := os.ReadDir(root)
 	if err != nil {
 		if errors.Is(err, os.ErrNotExist) {
 			return
 		}
-		log.Warnf("failed to list task workspace root %s for stale cleanup: %v", workdirRoot, err)
+		log.Warnf("failed to list directory %s for stale cleanup: %v", root, err)
 		return
 	}
 	// A task may begin between shouldRunIdleCleanup's running-count check and
-	// the loop below. That is safe because new task dirs are created with the
+	// the loop below. That is safe because new dirs are created with the
 	// current mtime and therefore fall on the keep side of cutoff.
 	cutoff := r.now().Add(-r.cfg.Runner.WorkdirCleanupAge)
 	for _, entry := range entries {
@@ -163,28 +218,34 @@ func (r *Runner) cleanupStaleTaskDirs(ctx context.Context, workdirRoot string) {
 		if !entry.IsDir() {
 			continue
 		}
-		// Task workspaces are indexed by numeric task IDs; skip any other
+		if !match(entry.Name()) {
 		// directories to avoid deleting operator-managed data under workdir_root.
 		if _, err := strconv.ParseUint(entry.Name(), 10, 64); err != nil {
 			continue
 		}
 		info, err := entry.Info()
 		if err != nil {
-			log.Warnf("failed to stat task workspace %s: %v", filepath.Join(workdirRoot, entry.Name()), err)
+			log.Warnf("failed to stat %s: %v", filepath.Join(root, entry.Name()), err)
 			continue
 		}
 		if info.ModTime().After(cutoff) {
 			continue
 		}
-		taskDir := filepath.Join(workdirRoot, entry.Name())
+		dir := filepath.Join(root, entry.Name())
-		if err := os.RemoveAll(taskDir); err != nil {
+		if err := os.RemoveAll(dir); err != nil {
-			log.Warnf("failed to clean stale task workspace %s: %v", taskDir, err)
+			log.Warnf("failed to clean stale directory %s: %v", dir, err)
 			continue
 		}
-		log.Infof("cleaned stale task workspace %s", taskDir)
+		log.Infof("cleaned stale directory %s", dir)
 	}
 }
 func (r *Runner) SetCapabilitiesFromDeclare(resp *connect.Response[runnerv1.DeclareResponse]) {
 	if resp == nil {
 		return
 	}
 	// Capability negotiation is done via response headers to avoid a hard proto bump.
 	r.capabilities = strings.TrimSpace(resp.Header().Get("X-Gitea-Actions-Capabilities"))
 }
 func (r *Runner) Run(ctx context.Context, task *runnerv1.Task) error {
 	if _, ok := r.runningTasks.Load(task.Id); ok {
 		return fmt.Errorf("task %d is already running", task.Id)
@@ -219,9 +280,10 @@ func (r *Runner) Run(ctx context.Context, task *runnerv1.Task) error {
 }
 func (r *Runner) cloneEnvs() map[string]string {
-	// +3 reserves space for the per-task keys injected by run():
+	// Reserve space for the per-task keys injected by run():
-	// ACTIONS_ID_TOKEN_REQUEST_URL, ACTIONS_ID_TOKEN_REQUEST_TOKEN, ACTIONS_RUNTIME_TOKEN.
+	// ACTIONS_ID_TOKEN_REQUEST_URL, ACTIONS_ID_TOKEN_REQUEST_TOKEN, ACTIONS_RUNTIME_TOKEN,
-	envs := make(map[string]string, len(r.envs)+3)
+	// GITEA_ACTIONS_CAPABILITIES, GITEA_RUN_ID.
 	envs := make(map[string]string, len(r.envs)+5)
 	maps.Copy(envs, r.envs)
 	return envs
 }
@@ -261,6 +323,13 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report.
 	taskContext := task.Context.Fields
 	envs := r.cloneEnvs()
 	if r.capabilities != "" {
 		envs["GITEA_ACTIONS_CAPABILITIES"] = r.capabilities
 	}
 	if v := taskContext["run_id"].GetStringValue(); v != "" {
 		envs["GITEA_RUN_ID"] = v
 	}
 	log.Infof("task %v repo is %v %v %v", task.Id, taskContext["repository"].GetStringValue(),
 		r.getDefaultActionsURL(task),
 		r.client.Address())
@@ -350,22 +419,26 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report.
 		AllocatePTY:       r.cfg.Runner.AllocatePTY,
 		ActionOfflineMode: r.cfg.Cache.OfflineMode,
-		ReuseContainers:       false,
+		ReuseContainers:      false,
-		ForcePull:             r.cfg.Container.ForcePull,
+		ForcePull:            r.cfg.Container.ForcePull,
-		ForceRebuild:          r.cfg.Container.ForceRebuild,
+		ForceRebuild:         r.cfg.Container.ForceRebuild,
-		LogOutput:             true,
+		LogOutput:            true,
-		JSONLogger:            false,
+		JSONLogger:           false,
-		Env:                   envs,
+		Env:                  envs,
-		Secrets:               task.Secrets,
+		Secrets:              task.Secrets,
-		GitHubInstance:        strings.TrimSuffix(r.client.Address(), "/"),
+		GitHubInstance:       strings.TrimSuffix(r.client.Address(), "/"),
-		AutoRemove:            true,
+		AutoRemove:           true,
-		NoSkipCheckout:        true,
+		NoSkipCheckout:       true,
-		PresetGitHubContext:   preset,
+		PresetGitHubContext:  preset,
-		EventJSON:             string(eventJSON),
+		EventJSON:            string(eventJSON),
-		ContainerNamePrefix:   fmt.Sprintf("GITEA-ACTIONS-TASK-%d", task.Id),
+		ContainerNamePrefix:  fmt.Sprintf("GITEA-ACTIONS-TASK-%d", task.Id),
-		ContainerMaxLifetime:  maxLifetime,
+		ContainerMaxLifetime: maxLifetime,
-		CleanWorkdir:          true,
+		CleanWorkdir:         true,
-		ContainerNetworkMode:  container.NetworkMode(r.cfg.Container.Network),
+		ContainerNetworkMode: docker_container.NetworkMode(r.cfg.Container.Network),
 		ContainerNetworkCreateOptions: container.NewDockerNetworkCreateExecutorInput{
 			EnableIPv4: r.cfg.Container.NetworkCreateOptions.EnableIPv4,
 			EnableIPv6: r.cfg.Container.NetworkCreateOptions.EnableIPv6,
 		},
 		ContainerOptions:      r.cfg.Container.Options,
 		ContainerDaemonSocket: r.cfg.Container.DockerHost,
 		Privileged:            r.cfg.Container.Privileged,
@@ -487,7 +560,8 @@ func (r *Runner) RunningCount() int64 {
 func (r *Runner) Declare(ctx context.Context, labels []string) (*connect.Response[runnerv1.DeclareResponse], error) {
 	return r.client.Declare(ctx, connect.NewRequest(&runnerv1.DeclareRequest{
-		Version: ver.Version(),
+		Version:      ver.Version(),
-		Labels:  labels,
+		Labels:       labels,
 		Capabilities: RunnerCapabilities(),
 	}))
 }
--- a/Show More
+++ b/Show More
`@@ -1,4 +1,4 @@`
	`FROM alpine:3.23`	`FROM alpine:3.24`

	`COPY entrypoint.sh /entrypoint.sh`	`COPY entrypoint.sh /entrypoint.sh`