Bump GitHub Actions runner OS version to ubuntu-24.04

.github/workflows/automatic-pr-update.yml

@@ -7,7 +7,7 @@ jobs:
   # thats's all. single step is needed - if PR is mergeable according to
   # branch protection rules it will be merged automatically
   mergepal:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     if: github.repository == 'RasaHQ/rasa'
 
     steps:

.github/workflows/ci-docs-tests.yml

@@ -16,7 +16,7 @@ env:
 jobs:
   changes:
     name: Check for file changes
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     outputs:
       docs: ${{ steps.filter.outputs.docs }}
     steps:
@@ -29,7 +29,7 @@ jobs:
 
   test_documentation:
     name: Test Documentation
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [changes]
     if: needs.changes.outputs.docs == 'true'
 
@@ -100,7 +100,7 @@ jobs:
 
   documentation_lint:
     name: Documentation Linting Checks
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [changes]
     if: needs.changes.outputs.docs == 'true'
 

.github/workflows/ci-github-actions.yml

@@ -14,7 +14,7 @@ env:
 jobs:
   test:
     name: Run Tests
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     #missing matrix
     strategy:
       fail-fast: false

.github/workflows/continous-integration.yml

@@ -44,7 +44,7 @@ env:
 jobs:
   changes:
     name: Check for file changes
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     outputs:
       # Both of the outputs below are strings but only one exists at any given time
       backend: ${{ steps.changed-files.outputs.backend || steps.run-all.outputs.backend }}
@@ -87,7 +87,7 @@ jobs:
     # Runs on pushes to main exclusively
     name: Wait for docs tests
     if: github.ref_type != 'tag'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [changes]
 
     steps:
@@ -110,7 +110,7 @@ jobs:
   quality:
     name: Code Quality
     if: github.ref_type != 'tag'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [changes]
 
     steps:
@@ -210,7 +210,7 @@ jobs:
 
   changelog:
     name: Check for changelog
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Checkout git repository 🕝
@@ -249,7 +249,7 @@ jobs:
           - test-full-model-training
           - test-other-unit-tests
           - test-performance
-        os: [ubuntu-22.04, windows-2019]
+        os: [ubuntu-24.04, windows-2019]
         python-version: [3.8, 3.9, "3.10"]
 
     steps:
@@ -316,7 +316,7 @@ jobs:
         run: poetry config virtualenvs.in-project true
 
       - name: Install Dependencies (Linux) 📦
-        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-22.04'
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-24.04'
         # Poetry intermittently fails to install dependency if it is not PEP 517 compliant
         # This is a workaround for that issue
         run: |
@@ -344,7 +344,7 @@ jobs:
           make prepare-tests-windows-gha
 
       - name: Add github workflow problem matchers
-        if: needs.changes.outputs.backend == 'true' && matrix.python-version == 3.7 && matrix.os == 'ubuntu-22.04'
+        if: needs.changes.outputs.backend == 'true' && matrix.python-version == 3.7 && matrix.os == 'ubuntu-24.04'
         # only annotate based on test runs on ubuntu: otherwise
         # all errors will be duplicated for each python / os combination
         # therefore, we only enable for the one where most tests are run
@@ -363,7 +363,7 @@ jobs:
           Set-ItemProperty 'HKLM:\System\CurrentControlSet\Control\FileSystem' -Name 'LongPathsEnabled' -value 0
 
       - name: Install ddtrace on Linux
-        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-22.04'
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-24.04'
         run: poetry run pip install -U 'ddtrace<2.0.0'
 
       - name: Install ddtrace on Windows
@@ -388,7 +388,7 @@ jobs:
         shell: bash # bash shell is a way to make code run for both Linux and Windows
 
       - name: Store coverage reports
-        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-22.04'
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-24.04'
         uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 #v4.4.3
         with:
           name: ${{ matrix.test }}-coverage
@@ -404,7 +404,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-22.04, windows-2019]
+        os: [ubuntu-24.04, windows-2019]
         python-version: [3.8, 3.9, "3.10"]
 
     steps:
@@ -471,7 +471,7 @@ jobs:
         run: poetry config virtualenvs.in-project true
 
       - name: Install Dependencies (Linux) 📦
-        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-22.04'
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-24.04'
         run: |
           sudo apt-get -y install libpq-dev
           make install-full | tee .output
@@ -495,7 +495,7 @@ jobs:
           make prepare-tests-windows-gha
 
       - name: Add github workflow problem matchers
-        if: needs.changes.outputs.backend == 'true' && matrix.python-version == 3.7 && matrix.os == 'ubuntu-22.04'
+        if: needs.changes.outputs.backend == 'true' && matrix.python-version == 3.7 && matrix.os == 'ubuntu-24.04'
         # only annotate based on test runs on ubuntu: otherwise
         # all errors will be duplicated for each python / os combination
         # therefore, we only enable for the one where most tests are run
@@ -514,7 +514,7 @@ jobs:
           Set-ItemProperty 'HKLM:\System\CurrentControlSet\Control\FileSystem' -Name 'LongPathsEnabled' -value 0
 
       - name: Install ddtrace on Linux
-        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-22.04'
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-24.04'
         run: poetry run pip install -U 'ddtrace<2.0.0'
 
       - name: Install ddtrace on Windows
@@ -539,7 +539,7 @@ jobs:
         shell: bash # bash shell is a way to make code run for both Linux and Windows
 
       - name: Store coverage reports
-        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-22.04'
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-24.04'
         uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 #v4.4.3
         with:
           name: ${{ matrix.test }}-coverage
@@ -549,7 +549,7 @@ jobs:
   prepare_coverage_reports_analyse_with_sonarcloud:
     name: Prepare coverage reports and Analyse coverage with Sonarcloud
     if: github.ref_type != 'tag'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # Always upload results even if tests failed
     needs:
       - test
@@ -591,7 +591,7 @@ jobs:
   integration_test:
     name: Run Non-Sequential Integration Tests
     if: github.ref_type != 'tag'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     timeout-minutes: 60
     needs: [changes]
     env:
@@ -728,7 +728,7 @@ jobs:
   sequential_integration_test:
     name: Run Sequential Integration Tests
     if: github.ref_type != 'tag'
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-24.04
     timeout-minutes: 60
     needs: [changes]
     env:
@@ -831,7 +831,7 @@ jobs:
 
   build_docker_base_images_and_set_env:
     name: Build Docker base images and setup environment
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     outputs:
       base_image_hash: ${{ steps.check_image.outputs.base_image_hash }}
       base_mitie_image_hash: ${{ steps.check_image.outputs.base_mitie_image_hash }}
@@ -1014,7 +1014,7 @@ jobs:
 
   docker:
     name: Build Docker
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [changes, build_docker_base_images_and_set_env]
     env:
       IMAGE_TAG: ${{ needs.build_docker_base_images_and_set_env.outputs.image_tag }}
@@ -1118,7 +1118,7 @@ jobs:
 
   deploy:
     name: Deploy to PyPI
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
 
     # deploy will only be run when there is a tag available
     if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags') && github.repository == 'RasaHQ/rasa'
@@ -1186,7 +1186,7 @@ jobs:
 
   send_slack_notification_for_release_on_failure:
     name: Notify Slack & Publish Release Notes
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # run this job when the workflow is triggered by a tag push
     if: always() && github.repository == 'RasaHQ/rasa' && github.ref_type == 'tag'
     needs:

.github/workflows/dependabot-batch-updater.yml

@@ -6,7 +6,7 @@ on:
 
 jobs:
   update_dependencies:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     name: Update dependencies
     steps:
       - uses: RasaHQ/dependabot-batch-updater@f049cbb0bbd3754bcb5ab154a79f00cd780fc633 # v1.0

.github/workflows/documentation.yml

@@ -30,7 +30,7 @@ env:
 jobs:
   changes:
     name: Check for file changes
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # don't run this for pull requests of forks
     if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == 'RasaHQ/rasa'
     outputs:
@@ -59,7 +59,7 @@ jobs:
 
   evaluate_release_tag:
     name: Evaluate release tag
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # don't run this for main branches of forks and on documentation branch
     if: github.repository == 'RasaHQ/rasa' && github.ref != 'refs/heads/documentation' && github.event_name != 'pull_request'
     outputs:
@@ -100,7 +100,7 @@ jobs:
 
   prebuild_docs:
     name: Prebuild Docs
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [evaluate_release_tag]
     # don't run this for main branches of forks, would fail anyways
     if: github.repository == 'RasaHQ/rasa' && needs.evaluate_release_tag.outputs.build_docs == 'true' && github.ref != 'refs/heads/documentation' && github.event_name != 'pull_request'
@@ -189,7 +189,7 @@ jobs:
 
   preview_docs:
     name: Preview Docs
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [changes]
     # don't run this for pull requests from forks
     if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == 'RasaHQ/rasa'
@@ -285,7 +285,7 @@ jobs:
 
   publish_docs:
     name: Publish Docs
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # don't run this for main branches of forks; only run on documentation branch
     if: github.repository == 'RasaHQ/rasa' && github.ref == 'refs/heads/documentation'
 

.github/workflows/git-backup.yml

@@ -11,7 +11,7 @@ permissions:
 
 jobs:
   backup:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
       - name: Checkout repository
         uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c

.github/workflows/nightly_release.yml

@@ -9,7 +9,7 @@ on:
 jobs:
   run_script_and_tag_nightly_release:
     name: Run release script and tag a new nightly release
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     outputs:
       tag_name: ${{ steps.set_tagname.outputs.tag_name }}
 
@@ -53,7 +53,7 @@ jobs:
 
   deploy:
     name: Deploy to PyPI
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
 
     # deploy will only be run when there is a tag available
     needs: run_script_and_tag_nightly_release  # only run after all other stages succeeded
@@ -113,7 +113,7 @@ jobs:
 
   docker:
     name: Build Docker
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: run_script_and_tag_nightly_release
     env:
       GCLOUD_VERSION: "297.0.1"
@@ -180,7 +180,7 @@ jobs:
 
   send_slack_notification_on_failure:
     name: Notify Slack
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     if: always()
     needs:
       - docker

.github/workflows/rasa-install-cron-check.yml

@@ -14,7 +14,7 @@ jobs:
     strategy:
       matrix:
         os:
-          [ubuntu-22.04, ubuntu-18.04, macos-latest, windows-2019, windows-2022]
+          [ubuntu-24.04, ubuntu-18.04, macos-latest, windows-2019, windows-2022]
         python-version: [3.8, 3.9, '3.10']
       fail-fast: false
 

.github/workflows/security-scans.yml

@@ -11,7 +11,7 @@ concurrency:
 jobs:
   changes:
     name: Check for file changes
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     outputs:
       backend: ${{ steps.filter.outputs.backend }}
       docker: ${{ steps.filter.outputs.docker }}
@@ -26,7 +26,7 @@ jobs:
 
   trivy:
     name: Detecting hardcoded secrets
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
       with:
@@ -75,7 +75,7 @@ jobs:
 
   bandit:
     name: Detect python security issues
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [changes]
 
     steps:
@@ -131,7 +131,7 @@ jobs:
         run: make lint-security
 
   snyk:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
       - name: Run Snyk Open Source to check for Python vulnerabilities

.github/workflows/semgrep-check.yml

@@ -14,7 +14,7 @@ jobs:
     # User-definable name of this GitHub Actions job:
     name: Semgrep Workflow Security Scan
     # If you are self-hosting, change the following `runs-on` value:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
 
     container:
       # A Docker image with Semgrep installed. Do not change this.

.github/workflows/spellcheck.yml

@@ -7,7 +7,7 @@ on:
 jobs:
   spellcheck:
     name: Typo CI (GitHub Action)
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     timeout-minutes: 4
     if: "!contains(github.event.head_commit.message, '[ci skip]')"
     steps: