Skip to content

v2.0.3+node25.8.1 — GitHub Deployments and PR Test Workflow Overhaul

Choose a tag to compare

View all tags
@Amnoor Amnoor released this 26 Mar 19:38
· 62 commits to main since this release
Immutable release. Only release title and notes can be modified.
v2.0.3+node25.8.1
74572ad
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Runtime Node v2.0.3+node25.8.1

Secure, Distroless, Multi-Arch Node.js Runtime. Built from Scratch.

This is the third patch release on the Node.js 25 maintenance line. The Node.js runtime version remains at 25.8.1 — the image is identical to v2.0.2+node25.8.1. This release adds GitHub Deployment tracking to the release and promotion workflow jobs, removes the GHA cache export from the release build step, and restructures the PR test workflow into distinct build and test jobs backed by a pushed Docker Hub test image.

Pull the Image

# Docker Hub — versioned (recommended for production)
docker pull runtimenode/runtime-node:v2.0.3-node25.8.1

# Docker Hub — latest
docker pull runtimenode/runtime-node:latest

# GitHub Container Registry — versioned (recommended for production)
docker pull ghcr.io/runtimes-node/runtime-node:v2.0.3-node25.8.1

# GitHub Container Registry — latest
docker pull ghcr.io/runtimes-node/runtime-node:latest

Note: Docker registries normalize + to - in tag names. The canonical version tag is v2.0.3+node25.8.1 — the registry tag is v2.0.3-node25.8.1.

What's Included

Component Detail
Base FROM scratch — no OS, no shell
Node.js Version 25.8.1 (from node:25.8.1-alpine3.23)
NODE_ENV production (baked in)
TZ UTC (baked in)
Timezone Database IANA tzdata (/usr/share/zoneinfo)
CA Certificates Included (/etc/ssl/certs/)
DNS Resolution nsswitch.conf included
Runtime Libraries ld-musl, libstdc++, libgcc_s
/tmp Writable, sticky-bit 1777
Shell None
Package Manager None
Vulnerabilities 0 known
Architectures linux/amd64, linux/arm64
Provenance & SBOM Attached to this release

What's New

  • Added deployments: write to .github/workflows/deployment.yml and integrated chrnorm/deployment-action@v2 with chrnorm/deployment-status@v2 so the build-and-publish job creates and tracks a production GitHub Deployment (with Deploying ${{ github.ref_name }} as the description) and the promote-floating job creates and tracks a promotion deployment (with Promoting ${{ github.event.inputs.tag }} → ${{ github.event.inputs.promote_name }}). Both jobs mark the deployment as in_progress at the start and resolve to success or failure at the end.
  • Removed cache-to: type=gha,mode=max from the Build and push (multi-registry, multi-platform) step in .github/workflows/deployment.yml so release runs no longer export a GitHub Actions cache layer.
  • Restructured .github/workflows/pr-tests.yml by replacing the single build-and-test job with separate build-image and test-image jobs. The PR image flow changes from a local-only image (push: false, load: true, runtime-node:pr-N) to a pushed Docker Hub image (push: true, runtimenode/test:pr-N) that the matrix test job pulls per platform. Both jobs now authenticate to Docker Hub, QEMU setup in test-image is restricted to non-linux/amd64 runs, and the node --version, NODE_ENV, and TZ assertions are simplified to direct shell checks against ${{ env.TEST_IMAGE }}.

Maintenance Line

This tag is published on the maintenance/v2+node25 branch. The v2.x.x+node25.x.x line receives minor and patch updates only — no major Node.js version changes will be made on this branch.

Versioning

Tags follow the pattern v<image_semver>+node<node_version>. The latest tag tracks the most recent stable release on main and is updated by this release.

Immutable Tag

This tag is immutable. Once published, v2.0.3+node25.8.1 will never be moved or overwritten on either registry.

Full Changelog

v2.0.2+node25.8.1...v2.0.3+node25.8.1

Assets 3
Loading
0 Join discussion