Release v2.3.1

Changes in v2.3.1

• feat(ci): align release workflow cache with ci-cd pipeline (d3e9d32)

Release v2.3.0

Changes in v2.3.0

• release: Promote develop to main (Multi-arch support + fixes) (066b085)
• fix(release): Add multi-architecture support to release pipeline (8d0e11c)
• Release: Dependabot automation, CI/CD improvements, and dependency updates (#1042) (b8c54e3)
• chore(deps): bump Node.js to 24.11.1 and npm to 11.6.2 in Chrome runners (#1037) (bb5453d)

Release v2.2.1

Changes in v2.2.1

• chore(release): Release v2.2.1 (#1035) (683016b)
• chore(release): Merge container tagging fix and PR workflow improvements (#1034) (cc56459)

Release v2.2.0

Changes in v2.2.0

• chore(release): Promote develop to main for v2.2.0 (#1031) (5ffbaee)
• chore(release): promote develop to main (v2.0.9) (#1029) (70af46b)
• Revert "chore(release): promote develop to main (#1023)" (#1025) (291f7ab)
• chore(release): promote develop to main (#1023) (efa6757)
• chore(release): promote develop to main (#1021) (534e98a)
• release: promote develop to main (#1018) (e3fb4ac)
• release: promote develop to main (#1016) (0568fcc)
• Release v2.2.0: Super Linter, Chrome-Go Runner, Enhanced Testing (#1014) (4598c4b)
• promote dev to main (#1006) (b2d452d)
• Update coffee donation link to lowercase username (36296e1)
• Develop (#999) (c9c4917)
• chore(deps)(deps): bump actions/github-script from 6 to 8 (#997) (d32bcac)
• chore(deps)(deps): bump actions/checkout from 3 to 5 (#996) (6b8170a)
• Release: Promote integrated changes from develop to main (#998) (724c7bb)
• Removes duplicate commit-message block in config (61d69d3)
• docs: update FUNDING.yml and clean up dependabot.yml configuration (a46ae3f)
• chore(deps)(deps): bump docker/build-push-action from 5 to 6 (#995) (af23ec6)
• Comprehensive Integration: All Changes from Develop into Main (#994) (04d82e0)
• docs: correct base OS version in VERSION_OVERVIEW.md test (c80120b)
• ci(docs): create PR via shell/curl to avoid node module dependency in github-script (720cf45)
• docs: automated documentation and wiki sync (#993) (b673014)
• ci(docs): avoid duplicate core/exec declarations in github-script block (0d994e9)
• ci(docs): fix github-script naming collision and ensure core available (20d5de1)
• ci(docs): run auto-sync only on develop pushes and workflow_dispatch (185e4f0)
• ci(docs): update auto-sync to update existing auto-sync PR branch or create new PR when needed (d4968bf)
• ci(docs): create PR for docs/wiki changes when diffs detected (auto-sync) (4bc06db)
• ci(docs): allow workflow to create issues for docs/wiki patches (issues: write) (f11c00c)
• fix: update auto-sync workflow to create an issue with documentation and wiki patch instead of a pull request (c5962b9)
• ci(docs): make auto-sync create PR only when docs/wiki changed and avoid bot direct push (fe1f24d)
• docs: update documentation to reflect changes in base image and deployment instructions (7d02309)
• ci: update auto-sync-docs workflow to use actions/upload-artifact@v4 (#991) (c18191a)

Release v2.1.0

Changes in v2.1.0

• fix: update cache-from references in Docker build steps to use registry format (4ef575c)
• fix: remove tag trigger from CI/CD workflow to streamline push events (f4bb453)
• fix: remove workflow_run trigger from release management workflow (b6ac2e3)
• fix: update release and CI/CD workflows to streamline Docker image caching and tagging (a891e83)
• fix: refactor release workflow to separate standard and chrome artifact builds (5ec6b11)
• fix: enhance SBOM generation and upload steps for standard and Chrome images (13081a3)
• fix: update Chrome image tagging in release workflow to include version suffix (65cf843)
• fix: update release workflow to restrict Docker build platforms to linux/amd64 (2fd277e)
• fix: add build and push steps for runner and chrome images in release workflow (4296f67)
• chore: add manual workflow dispatch inputs for release workflow (c78a0bb)
• fix: release workflow covers all runner images, output references, and artifact retention (42fdac0)
• docs: update base OS and component versions for standard and Chrome runners (Questing 25.10) (0dcac9e)
• fix: optimize APT setup by adding autoremove and clean commands to reduce image size (b85ab3c)
• fix: optimize APT setup by removing cached lists to reduce image size (a30d796)
• fix: restrict maintenance-summary.md output to test-results only (no root output) (fa8986a)
• docs: comprehensive update for questing base image, CVE mitigation, Trivy scan workflow, and audit strategy (7e6f3f3)
• docs: document questing base image, CVE mitigation, Trivy scan workflow, and audit strategy (131bdeb)
• maintenance summary: add set +e and exit 0 for robust job success (no-cicd) (4de14ea)
• fix: robust maintenance summary step (echo-based output) (2803179)
• no-cicd (41173c5)
• Add debug output and test file write to diagnose maintenance summary step failure (96ec2b7)
• Output maintenance summary to docs/maintenance/maintenance-summary.md (a5fb1ef)
• Fix maintenance summary step: set shell to bash for array/arithmetic syntax (66dba5c)
• Suppress root user warning: validate final USER in Dockerfiles is non-root in maintenance workflow (29bf1b6)
• Accept root user warning in maintenance workflow; all jobs and security posture validated (ad97835)
• Clarify final image runs as unprivileged runner user in Dockerfiles; suppress root user warning for CI/CD (44c917e)
• Fix final broken Chrome-Runner link in Home.md for green pipeline (bab512a)
• Remove all [missing doc] links and fix internal links for CI/CD compliance (04f4e91)
• Fix broken internal links in wiki-content markdown files; add .md extension and mark missing docs (75014b4)
• Fix broken internal links in Common-Issues.md; add .md extension and mark missing docs (a47acd2)
• Remove broken links and update references in Docker-Configuration.md (7c23f7b)
• Remove corrupted README file to resolve maintenance workflow errors (de46418)
• Fix broken documentation links and clarify Dockerfile root usage; ensure final USER is runner (e3e1d9d)
• Develop Branch Updates (#986) (202804e)
• fix: resolve shellcheck warnings in test script - quote /Users/grammatonic/Git/Private/github-runner and define TIMESTAMP early (7732f15)
• feat: add sha.js@2.4.12 to global npm packages in Dockerfile.chrome (39d0a9a)
• test: add Trivy security scan to Chrome runner local test script (b79830b)
• Develop (#985) (ecf7749)
• docs: extensive update to VERSION_OVERVIEW.md for Ubuntu 24.04, v2.0.2, Node.js 24.7.0, and architecture enforcement (84be599)
• docs: update Chrome Runner documentation for Ubuntu 24.04 and Node.js 24.7.0, including architecture enforcement and version updates (ecff460)
• docs: update VERSION_OVERVIEW.md for Ubuntu 24.04, v2.0.2, Node.js 24.7.0, and architecture enforcement (b5489f2)
• Update Chrome Runner: Ubuntu 24.04, Node.js 24.7.0, dependency fixes (#984) (7a998a9)
• docs: update README.md and add release notes for v2.0.2 (de6f040)
• docs: add release notes for version 2.0.2 (b7462ad)

v2.0.2 Fixed Chrome runner

Release Notes v2.0.2

Release Date: September 10, 2025

Highlights

• All changes from develop branch merged into main.
• Documentation structure validated (see scripts/check-docs-structure.sh).
• Branch protection and CI/CD pipeline enforced for release integrity.
• Tag v2.0.2 created and pushed to remote.

Upgrade Notes

• Follow standard deployment steps in DEPLOYMENT.md.
• No breaking changes; safe for production rollout.

Changelog

• See CHANGELOG.md for detailed commit history and changes included in this release.

---

This release follows DevOps best practices for automation, measurement, and reliability. For questions or rollback instructions, refer to SECURITY_ADVISORY_WORKFLOW.md and RUNNER_SELF_TEST.md.

GitHub Runner v2.0.0 - Major Security & Automation Release

GitHub Runner v2.0.0 - Major Security & Automation Release

🔒 Security Improvements

• CVE-2020-36632: Fixed critical prototype pollution vulnerability in flat@5.0.2
• CVE-2025-9288: Resolved path traversal issue in ws@8.17.1
• CVE-2024-37890: Applied security patch for ws package
• sha.js@2.4.12: Updated to address potential security concerns

🤖 Automation & Workflow Enhancements

• Enhanced Maintenance Workflow: Added comprehensive automation with 6 jobs
• Automated Version Tracking: Dynamic version detection and documentation updates
• Security Monitoring: Integrated Trivy vulnerability scanning
• Health Checks: Automated infrastructure monitoring
• Cleanup Automation: Scheduled artifact and cache management

📚 Documentation & Organization

• VERSION_OVERVIEW.md: New comprehensive version tracking system
• Enhanced README: Added version tables and security status indicators
• Wiki Synchronization: Updated all wiki content with latest versions
• Improved Structure: Better organized documentation hierarchy

🛠️ Infrastructure Updates

• Docker Images: Updated base images with security patches
• Chrome Runner: Enhanced browser testing capabilities
• Monitoring: Added Prometheus and Grafana configurations
• Cache Management: Improved build and dependency caching

⚠️ Breaking Changes

• Updated minimum security standards
• Enhanced branch protection requirements
• Modified default runner configurations

🔄 Migration Guide

See docs/VERSION_OVERVIEW.md for detailed upgrade instructions and compatibility information.

🙏 Acknowledgments

Special thanks to the security community for vulnerability reports and the development team for comprehensive testing.

GitHub Runner v1.1.0 - Chrome Runner & Infrastructure Improvements

🚀 GitHub Runner v1.1.0 - Major Infrastructure Release

🌟 Major Features

🔧 Chrome Runner Implementation

• Dedicated Chrome Runner for web UI testing (Selenium, Playwright, Cypress)
• Optimized Browser Configuration with headless Chrome support
• Enhanced Performance for UI test automation workflows
• Specialized Container with pre-installed Chrome and browser testing tools
• Resource Optimization with dedicated memory allocation for browser processes

🏗️ Infrastructure Improvements

• Enhanced Docker Containerization with multi-stage builds
• Comprehensive CI/CD Pipeline with security scanning
• Monitoring Stack integration (Prometheus & Grafana)
• Branch Protection System with automated quality gates
• Multi-Environment Deployment support

🛡️ Security & Code Quality

• Comprehensive Security Scanning with multiple tools
• Docker Linting & Validation with Hadolint compliance
• ShellCheck Compliance for all shell scripts
• Automated Code Quality improvements and validation
• Vulnerability Assessment integration

📊 Release Statistics

• 27+ Commits merged from develop branch
• 12+ Files updated with comprehensive improvements
• Enhanced CI/CD Workflows with security scanning
• Production-Ready container orchestration
• Monitoring Capabilities for operational insights

🔧 Technical Enhancements

Docker & Containerization

• Multi-stage Dockerfile optimization
• Enhanced docker-compose configurations
• Improved build scripts with error handling
• Container health checks and monitoring

CI/CD Pipeline

• Automated security scanning workflows
• Docker image vulnerability assessment
• Code quality validation gates
• Multi-platform build support

Documentation & Wiki

• Comprehensive wiki documentation
• Updated README with clear instructions
• Production deployment guides
• Troubleshooting and common issues documentation

🚀 Quick Start

Standard Runner

# Clone and setup
git clone https://github.com/GrammaTonic/github-runner.git
cd github-runner

# Configure environment
cp config/runner.env.template config/runner.env
# Edit config/runner.env with your GitHub token and repository

# Deploy
docker-compose up -d

Chrome Runner (for Web UI Testing)

# Use Chrome runner profile
docker-compose --profile chrome up -d

# Or build Chrome-specific image
docker-compose -f docker/docker-compose.chrome.yml up -d

🎯 Use Cases

Perfect For:

• Web UI Testing with Selenium, Playwright, Cypress
• CI/CD Pipelines requiring browser automation
• Self-Hosted Runners with enhanced capabilities
• Development Teams needing reliable runner infrastructure
• Organizations requiring security-hardened CI/CD

Key Benefits:

• ⚡ Faster UI Tests with dedicated Chrome runner
• 🔒 Enhanced Security with comprehensive scanning
• 📊 Monitoring & Observability built-in
• 🛠️ Easy Deployment with Docker Compose
• 📚 Comprehensive Documentation and guides

🔄 Migration from v1.0.x

1. Update Repository:

   git pull origin main

2. Update Configurations:

   • Review updated docker-compose.yml
   • Check new environment variables in config/
   • Update any custom build scripts

3. Deploy New Version:

   docker-compose down
   docker-compose pull
   docker-compose up -d

🐛 Bug Fixes

• Fixed Docker Compose command syntax in CI workflows
• Resolved shellcheck warnings and improved validation
• Fixed Docker tag format in CI metadata generation
• Improved error handling in deployment scripts
• Enhanced SSL certificate handling for secure builds

📚 Documentation Updates

• Comprehensive wiki with deployment guides
• Updated README with clear setup instructions
• Production deployment best practices
• Troubleshooting and common issues documentation
• Enhanced GitHub Actions workflows documentation

🔗 Useful Links

• 📖 Wiki Documentation
• 🚀 Quick Start Guide
• 🏭 Production Deployment
• 🔧 Docker Configuration
• ❓ Common Issues

🎉 What's Next?

Coming in v1.2.0:

• Enhanced security framework with AppArmor/Seccomp profiles
• Automated dependency vulnerability management
• Advanced monitoring and alerting capabilities
• Multi-repository runner support
• Performance optimization for large-scale deployments

---

⭐ If this release helps your team, please consider starring the repository!

🐛 Found an issue? Please report it in our Issues section.

💬 Questions? Check our Wiki or start a Discussion.

Thank you for using GitHub Runner! 🚀

v1.0.1 - Documentation Improvements

📚 GitHub Actions Self-Hosted Runner v1.0.1

What's Changed

This patch release improves the project documentation and README for better user experience.

📝 Documentation Improvements

• Added Status Badges: GitHub release, Docker image, CI/CD pipeline, and license badges
• Enhanced Installation Options:
  • Git clone instructions
  • GitHub CLI installation
  • Release archive download
• Updated Repository URLs: All placeholder URLs now point to the actual repository
• Improved Readability: Better formatting and organization of installation instructions

🔗 Quick Installation

# Using Git Clone
git clone https://github.com/GrammaTonic/github-runner.git
cd github-runner

# Using GitHub CLI  
gh repo clone GrammaTonic/github-runner
cd github-runner

# Using Release Archive
wget https://github.com/GrammaTonic/github-runner/archive/v1.0.1.tar.gz
tar -xzf v1.0.1.tar.gz
cd github-runner-1.0.1

🔄 Migration from v1.0.0

No breaking changes - this is a documentation-only release. All existing installations continue to work without modifications.

Full Changelog: v1.0.0...v1.0.1

v1.0.0 - Initial Production Release

🚀 GitHub Actions Self-Hosted Runner v1.0.0

Overview

This is the initial production-ready release of the GitHub Actions Self-Hosted Runner project. This release provides a complete, enterprise-grade solution for deploying and managing GitHub Actions runners using Docker containers.

🎯 Key Features

🏗️ Core Infrastructure

• Docker-based Runners: Multi-stage Docker builds with Ubuntu 22.04 base
• Multi-platform Support: AMD64 and ARM64 architectures
• Container Orchestration: Docker Compose with scaling capabilities
• Health Monitoring: Built-in health checks and monitoring endpoints

🔒 Security & Compliance

• Branch Protection System: Enterprise-grade protection rules with emergency bypass
• Security Scanning: Trivy filesystem and container vulnerability scanning
• Secret Detection: TruffleHog integration for secret scanning
• Code Review Requirements: Mandatory reviews with CODEOWNERS enforcement
• Audit Logging: Complete audit trail for all emergency actions

🔄 CI/CD Pipeline

• Automated Testing: Unit, integration, and configuration tests
• Multi-stage Validation: Linting, security scanning, and container scanning
• Automated Deployment: Staging and production environment deployments
• Build Optimization: GitHub Actions cache and multi-platform builds

🛠️ Management Tools

• Deployment Scripts: Automated deployment, scaling, and management
• Emergency Procedures: Branch protection bypass and restoration tools
• Build Automation: Multi-platform image building and registry publishing
• Monitoring Integration: Prometheus and Grafana dashboard configurations

📚 Documentation

• Comprehensive Guides: Setup, deployment, and operational documentation
• Branch Protection Guide: Complete workflow and emergency procedures
• API Documentation: Health check and metrics endpoints
• Troubleshooting: Common issues and resolution procedures

🏃‍♂️ Quick Start

# Clone the repository
git clone https://github.com/GrammaTonic/github-runner.git
cd github-runner

# Configure environment
cp config/runner.env.template config/runner.env
# Edit config/runner.env with your GitHub token and repository

# Start runners
./scripts/deploy.sh start -s 3

# Check status
./scripts/deploy.sh status

🔧 System Requirements

• Docker 20.10+ and Docker Compose v2
• GitHub Personal Access Token with repo permissions
• 4GB+ RAM and 2+ CPU cores recommended
• Linux, macOS, or Windows with WSL2

📋 What's Included

Core Components

• docker/Dockerfile - Multi-stage runner image
• docker/docker-compose.yml - Container orchestration
• docker/entrypoint.sh - Runner lifecycle management

Management Scripts

• scripts/deploy.sh - Deployment and scaling operations
• scripts/build.sh - Image building and publishing
• scripts/emergency-bypass.sh - Emergency branch protection bypass
• scripts/restore-branch-protection.sh - Protection restoration

Configuration

• config/runner.env.template - Environment configuration template
• config/docker.env - Docker-specific configuration
• .github/CODEOWNERS - Code review assignments

CI/CD

• .github/workflows/ci-cd.yml - Main CI/CD pipeline
• .github/workflows/monitoring.yml - Protection monitoring
• Security scanning and automated testing

Documentation

• README.md - Project overview and quick start
• BRANCH_PROTECTION_GUIDE.md - Comprehensive workflow guide
• docs/ - Detailed documentation and guides

🛡️ Security Features

• Zero Direct Pushes: All changes require pull request review
• Multi-Layer Validation: CI/CD + human review for all changes
• Emergency Procedures: Controlled bypass for critical incidents
• Automated Security: Continuous scanning and vulnerability detection
• Compliance Ready: Enterprise-grade controls and documentation

🚀 Deployment Options

• Local Development: Single or multi-runner setup
• Cloud Deployment: AWS, GCP, Azure support
• Kubernetes: Container orchestration ready
• Production: High-availability with monitoring

🔍 Monitoring & Observability

• Health check endpoints
• Prometheus metrics collection
• Grafana dashboard configurations
• Container resource monitoring
• Audit logging and compliance reporting

🆘 Support

• 📖 Documentation
• 🐛 Issue Tracker
• 💬 Discussions

🙏 Acknowledgments

• GitHub Actions team for the excellent runner software
• Docker community for containerization best practices
• Prometheus and Grafana teams for monitoring tools

---

Made with ❤️ for the GitHub Actions community