diff --git a/.forgejo/workflows/build-ipcei.yml b/.forgejo/workflows/build-ipcei.yml
new file mode 100644
index 00000000..d2a754ba
--- /dev/null
+++ b/.forgejo/workflows/build-ipcei.yml
@@ -0,0 +1,27 @@
+name: ci
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Set up Go
+        uses: actions/setup-go@v6
+        with:
+          go-version: ">=1.25.1"
+      - name: Test code
+        run: make test
+      - name: Run GoReleaser
+        uses: https://github.com/goreleaser/goreleaser-action@v6
+        env:
+          GITEA_TOKEN: ${{ secrets.PACKAGES_TOKEN }}
+        with:
+          args: release --clean
diff --git a/.forgejo/workflows/build-release-integration.yml b/.forgejo/workflows/build-release-integration.yml
index 0a1c216b..4f387998 100644
--- a/.forgejo/workflows/build-release-integration.yml
+++ b/.forgejo/workflows/build-release-integration.yml
@@ -19,7 +19,7 @@ on:
 enable-email-notifications: true
 
 env:
-  FORGEJO_VERSION: 11.0.6 # renovate: datasource=docker depName=code.forgejo.org/forgejo/forgejo
+  FORGEJO_VERSION: 11.0.7 # renovate: datasource=docker depName=code.forgejo.org/forgejo/forgejo
 
 jobs:
   release-simulation:
diff --git a/.forgejo/workflows/docker-build-push-action-in-lxc.yml b/.forgejo/workflows/docker-build-push-action-in-lxc.yml
index ec8469ca..dc1fe14b 100644
--- a/.forgejo/workflows/docker-build-push-action-in-lxc.yml
+++ b/.forgejo/workflows/docker-build-push-action-in-lxc.yml
@@ -21,7 +21,7 @@ on:
 enable-email-notifications: true
 
 env:
-  FORGEJO_VERSION: 11.0.6 # renovate: datasource=docker depName=code.forgejo.org/forgejo/forgejo
+  FORGEJO_VERSION: 11.0.7 # renovate: datasource=docker depName=code.forgejo.org/forgejo/forgejo
   FORGEJO_USER: root
   FORGEJO_PASSWORD: admin1234
 
diff --git a/.forgejo/workflows/example-lxc-systemd.yml b/.forgejo/workflows/example-lxc-systemd.yml
index c8907609..ba3c6a5d 100644
--- a/.forgejo/workflows/example-lxc-systemd.yml
+++ b/.forgejo/workflows/example-lxc-systemd.yml
@@ -14,7 +14,7 @@ env:
   SERIAL: "30"
   LIFETIME: "60"
   SYSTEMD_OPTIONS: "--no-pager --full"
-  USE_VERSION: 11.0.6 # renovate: datasource=docker depName=code.forgejo.org/forgejo/forgejo
+  USE_VERSION: 11.0.7 # renovate: datasource=docker depName=code.forgejo.org/forgejo/forgejo
 
 jobs:
   example-lxc-systemd:
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
new file mode 100644
index 00000000..b7116d9b
--- /dev/null
+++ b/.goreleaser.yaml
@@ -0,0 +1,60 @@
+version: 2
+
+before:
+  hooks:
+    - go mod download
+
+builds:
+  - env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+      - darwin
+      - windows
+    goarch:
+      - amd64
+      - arm64
+
+archives:
+  - formats: [binary]
+    # this name template makes the OS and Arch compatible with the results of `uname`.
+    name_template: >-
+      {{ .ProjectName }}_
+      {{- title .Os }}_
+      {{- if eq .Arch "amd64" }}x86_64
+      {{- else if eq .Arch "386" }}i386
+      {{- else }}{{ .Arch }}{{ end }}
+      {{- if .Arm }}v{{ .Arm }}{{ end }}
+
+changelog:
+  abbrev: 10
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"
+  format: "{{.SHA}}: {{.Message}}"
+  groups:
+    - title: Features
+      regexp: '^.*?feat(\([[:word:]]+\))??!?:.+$'
+      order: 0
+    - title: "Bug fixes"
+      regexp: '^.*?fix(\([[:word:]]+\))??!?:.+$'
+      order: 1
+    - title: "Chores"
+      regexp: '^.*?chore(\([[:word:]]+\))??!?:.+$'
+      order: 2
+    - title: Others
+      order: 999
+  sort: asc
+
+release:
+  gitea:
+    owner: DevFW-CICD
+    name: runner
+
+force_token: gitea
+gitea_urls:
+  api: https://edp.buildth.ing/api/v1
+  download: https://edp.buildth.ing
+  # set to true if you use a self-signed certificate
+  skip_tls_verify: false
diff --git a/Dockerfile b/Dockerfile
index bcfe98f5..2c654211 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
 FROM --platform=$BUILDPLATFORM data.forgejo.org/oci/xx AS xx
 
-FROM --platform=$BUILDPLATFORM data.forgejo.org/oci/golang:1.24-alpine3.22 AS build-env
+FROM --platform=$BUILDPLATFORM data.forgejo.org/oci/golang:1.25-alpine3.22 AS build-env
 
 #
 # Transparently cross compile for the target platform
diff --git a/act/artifactcache/handler.go b/act/artifactcache/handler.go
index 29ff61e3..cbc58d8f 100644
--- a/act/artifactcache/handler.go
+++ b/act/artifactcache/handler.go
@@ -9,7 +9,6 @@ import (
 	"net/http"
 	"strconv"
 	"strings"
-	"syscall"
 	"time"
 
 	"github.com/julienschmidt/httprouter"
@@ -25,7 +24,7 @@ const (
 
 var fatal = func(logger logrus.FieldLogger, err error) {
 	logger.Errorf("unrecoverable error in the cache: %v", err)
-	if err := syscall.Kill(syscall.Getpid(), syscall.SIGTERM); err != nil {
+	if err := suicide(); err != nil {
 		logger.Errorf("unrecoverable error in the cache: failed to send the TERM signal to shutdown the daemon %v", err)
 	}
 }
diff --git a/act/artifactcache/utils.go b/act/artifactcache/utils.go
new file mode 100644
index 00000000..37274a4e
--- /dev/null
+++ b/act/artifactcache/utils.go
@@ -0,0 +1,9 @@
+//go:build !windows
+
+package artifactcache
+
+import "syscall"
+
+func suicide() error {
+	return syscall.Kill(syscall.Getpid(), syscall.SIGTERM)
+}
diff --git a/act/artifactcache/utils_windows.go b/act/artifactcache/utils_windows.go
new file mode 100644
index 00000000..90b0f112
--- /dev/null
+++ b/act/artifactcache/utils_windows.go
@@ -0,0 +1,14 @@
+//go:build windows
+
+package artifactcache
+
+import "syscall"
+
+func suicide() error {
+	handle, err := syscall.GetCurrentProcess()
+	if err != nil {
+		return err
+	}
+
+	return syscall.TerminateProcess(handle, uint32(syscall.SIGTERM))
+}
diff --git a/act/runner/lxc-helpers-lib.sh b/act/runner/lxc-helpers-lib.sh
index cd855a89..4d3b959a 100755
--- a/act/runner/lxc-helpers-lib.sh
+++ b/act/runner/lxc-helpers-lib.sh
@@ -74,8 +74,6 @@ function lxc_transaction_begin() {
 
     lxc_transaction_lock
     lxc_container_destroy $draft
-
-    echo $draft
 }
 
 function lxc_transaction_commit() {
@@ -387,11 +385,14 @@ function lxc_running() {
 function lxc_build_template_release() {
     local name="$(lxc_template_release)"
 
+    lxc_transaction_begin $name
+
     if lxc_exists_and_apt_not_old $name; then
+        lxc_transaction_unlock
         return
     fi
 
-    local draft=$(lxc_transaction_begin $name)
+    local draft=$(lxc_transaction_draft_name)
     $LXC_SUDO lxc-create --name $draft --template debian -- --release=$LXC_CONTAINER_RELEASE
     echo 'lxc.apparmor.profile = unconfined' | $LXC_SUDO tee -a $(lxc_config $draft)
     lxc_container_install_lxc_helpers $draft
@@ -406,15 +407,17 @@ function lxc_build_template() {
     local name="$1"
     local newname="$2"
 
-    if lxc_exists_and_apt_not_old $newname; then
-        return
-    fi
-
     if test "$name" = "$(lxc_template_release)"; then
         lxc_build_template_release
     fi
 
-    local draft=$(lxc_transaction_begin $newname)
+    lxc_transaction_begin $name
+    if lxc_exists_and_apt_not_old $newname; then
+        lxc_transaction_unlock
+        return
+    fi
+
+    local draft=$(lxc_transaction_draft_name)
     if ! $LXC_SUDO lxc-copy --name=$name --newname=$draft; then
         echo lxc-copy --name=$name --newname=$draft failed
         return 1
diff --git a/act/runner/run_context.go b/act/runner/run_context.go
index 9e4c2981..dd72ff09 100644
--- a/act/runner/run_context.go
+++ b/act/runner/run_context.go
@@ -193,6 +193,8 @@ var lxcHelpers string
 
 var startTemplate = template.Must(template.New("start").Parse(`#!/bin/bash -e
 
+exec 5<>/tmp/forgejo-runner-lxc.lock ; flock --timeout 21600 5
+
 LXC_CONTAINER_CONFIG="{{.Config}}"
 LXC_CONTAINER_RELEASE="{{.Release}}"
 
diff --git a/act/runner/testdata/actions-environment-and-context-tests/docker/Dockerfile b/act/runner/testdata/actions-environment-and-context-tests/docker/Dockerfile
index bd8fcb22..f50a50da 100644
--- a/act/runner/testdata/actions-environment-and-context-tests/docker/Dockerfile
+++ b/act/runner/testdata/actions-environment-and-context-tests/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3
+FROM code.forgejo.org/oci/alpine:latest
 
 COPY entrypoint.sh /entrypoint.sh
 
diff --git a/act/schema/schema_test.go b/act/schema/schema_test.go
index 9661b930..beb1c185 100644
--- a/act/schema/schema_test.go
+++ b/act/schema/schema_test.go
@@ -242,7 +242,7 @@ jobs:
     name: Build Silo Frontend DEV
     runs-on: ubuntu-latest
     container:
-      image: code.forgejo.org/oci/node:22-bookworm
+      image: code.forgejo.org/oci/${{ env.IMAGE }}
     uses: ./.forgejo/workflows/${{ vars.PATHNAME }}
     with:
       STAGE: dev
diff --git a/act/schema/workflow_schema.json b/act/schema/workflow_schema.json
index 56e7d5d4..99633cac 100644
--- a/act/schema/workflow_schema.json
+++ b/act/schema/workflow_schema.json
@@ -2008,7 +2008,7 @@
     },
     "container": {
       "description": "A container to run any steps in a job that don't already specify a container. If you have steps that use both script and container actions, the container actions will run as sibling containers on the same network with the same volume mounts.\n\nIf you do not set a container, all steps will run directly on the host specified by runs-on unless a step refers to an action configured to run in a container.",
-      "context": ["forge", "forgejo", "github", "inputs", "vars", "needs", "strategy", "matrix"],
+      "context": ["forge", "forgejo", "github", "inputs", "vars", "needs", "strategy", "matrix", "env"],
       "one-of": ["string", "container-mapping"]
     },
     "container-mapping": {
diff --git a/examples/lxc-systemd/forgejo-runner-service.sh b/examples/lxc-systemd/forgejo-runner-service.sh
index e949f3de..370d5fff 100755
--- a/examples/lxc-systemd/forgejo-runner-service.sh
+++ b/examples/lxc-systemd/forgejo-runner-service.sh
@@ -20,7 +20,7 @@ trap "rm -fr $TMPDIR" EXIT
 : ${INPUTS_TOKEN:=}
 : ${INPUTS_FORGEJO:=https://code.forgejo.org}
 : ${INPUTS_LIFETIME:=7d}
-DEFAULT_LXC_HELPERS_VERSION=1.1.1 # renovate: datasource=forgejo-tags depName=forgejo/lxc-helpers
+DEFAULT_LXC_HELPERS_VERSION=1.1.3 # renovate: datasource=forgejo-tags depName=forgejo/lxc-helpers
 : ${INPUTS_LXC_HELPERS_VERSION:=$DEFAULT_LXC_HELPERS_VERSION}
 DEFAULT_RUNNER_VERSION=11.1.2 # renovate: datasource=forgejo-releases depName=forgejo/runner
 : ${INPUTS_RUNNER_VERSION:=$DEFAULT_RUNNER_VERSION}
diff --git a/internal/app/job/job.go b/internal/app/job/job.go
index 6babd498..654bc154 100644
--- a/internal/app/job/job.go
+++ b/internal/app/job/job.go
@@ -36,11 +36,20 @@ func NewJob(cfg *config.Config, client client.Client, runner run.RunnerInterface
 }
 
 func (j *Job) Run(ctx context.Context) error {
-	task, ok := j.fetchTask(ctx)
-	if !ok {
-		return fmt.Errorf("could not fetch task")
+	log.Info("Polling for a job...")
+	for {
+		task, ok := j.fetchTask(ctx)
+		if ok {
+			return j.runTaskWithRecover(ctx, task)
+		}
+		// No task available, continue polling
+		select {
+		case <-ctx.Done():
+			return ctx.Err()
+		default:
+			// Continue to next iteration
+		}
 	}
-	return j.runTaskWithRecover(ctx, task)
 }
 
 func (j *Job) runTaskWithRecover(ctx context.Context, task *runnerv1.Task) error {