fix: replace orchestrator-develop branch references with main

The orchestrator-develop branch no longer exists. Update all fallback clone commands and test fixtures to use main instead. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
ci: set macOS builds to continue-on-error
2026-05-31 22:06:16 -07:00 · 2026-03-09 20:06:13 +00:00 · 2026-03-05 23:33:32 +00:00 · 2026-03-05 13:16:05 +00:00 · 2026-03-05 08:30:51 +00:00 · 2026-03-04 21:53:47 +00:00
179 changed files with 123417 additions and 75138 deletions
--- a/.eslintrc.json
+++ b/.eslintrc.json
@@ -14,7 +14,8 @@
  "env": {
    "node": true,
    "es6": true,
-    "jest/globals": true
+    "jest/globals": true,
+    "es2020": true
  },
  "rules": {
    // Error out for code formatting errors
@@ -77,5 +78,13 @@
    "unicorn/prefer-spread": "off",
    // Temp disable to prevent mixing changes with other PRs
    "i18n-text/no-en": "off"
-  }
+  },
+  "overrides": [
+    {
+      "files": ["jest.setup.js"],
+      "rules": {
+        "import/no-commonjs": "off"
+      }
+    }
+  ]
 }
--- a/.github/workflows/build-tests-mac.yml
+++ b/.github/workflows/build-tests-mac.yml
@@ -12,18 +12,26 @@ jobs:
  buildForAllPlatformsMacOS:
    name: ${{ matrix.targetPlatform }} on ${{ matrix.unityVersion }}
    runs-on: macos-latest
+    continue-on-error: true
    strategy:
      fail-fast: false
      matrix:
        projectPath:
          - test-project
        unityVersion:
-          - 2021.3.32f1
+          - 2021.3.45f1
          - 2022.3.13f1
          - 2023.2.2f1
        targetPlatform:
          - StandaloneOSX # Build a MacOS executable
          - iOS # Build an iOS executable
+        include:
+          # Additionally test enableGpu build for a standalone windows target
+          - unityVersion: 6000.0.36f1
+            targetPlatform: StandaloneOSX
+          - unityVersion: 6000.0.36f1
+            targetPlatform: StandaloneOSX
+            buildProfile: 'Assets/Settings/Build Profiles/Sample macOS Build Profile.asset'

    steps:
      ###########################
@@ -65,6 +73,7 @@ jobs:
          projectPath: ${{ matrix.projectPath }}
          unityVersion: ${{ matrix.unityVersion }}
          targetPlatform: ${{ matrix.targetPlatform }}
+          buildProfile: ${{ matrix.buildProfile }}
          customParameters: -profile SomeProfile -someBoolean -someValue exampleValue
          # We use dirty build because we are replacing the default project settings file above
          allowDirtyBuild: true
@@ -74,6 +83,6 @@ jobs:
      ###########################
      - uses: actions/upload-artifact@v4
        with:
-          name: Build ${{ matrix.targetPlatform }} on MacOS (${{ matrix.unityVersion }})
+          name: Build ${{ matrix.targetPlatform }} on MacOS (${{ matrix.unityVersion }})${{ matrix.buildProfile && '  With Build Profile' || '' }}
          path: build
          retention-days: 14
--- a/.github/workflows/build-tests-windows.yml
+++ b/.github/workflows/build-tests-windows.yml
@@ -26,7 +26,20 @@ jobs:
          - StandaloneWindows64 # Build a Windows 64-bit standalone.
          - WSAPlayer # Build a UWP App
          - tvOS # Build an Apple TV XCode project
-
+        enableGpu:
+          - false
+        include:
+          # Additionally test enableGpu build for a standalone windows target
+          - projectPath: test-project
+            unityVersion: 2023.2.2f1
+            targetPlatform: StandaloneWindows64
+            enableGpu: true
+          - unityVersion: 6000.0.36f1
+            targetPlatform: StandaloneWindows64
+          - unityVersion: 6000.0.36f1
+            targetPlatform: StandaloneWindows64
+            buildProfile: 'Assets/Settings/Build Profiles/Sample Windows Build Profile.asset'
+  
    steps:
      ###########################
      #         Checkout        #
@@ -71,6 +84,8 @@ jobs:
          projectPath: ${{ matrix.projectPath }}
          unityVersion: ${{ matrix.unityVersion }}
          targetPlatform: ${{ matrix.targetPlatform }}
+          buildProfile: ${{ matrix.buildProfile }}
+          enableGpu: ${{ matrix.enableGpu }}
          customParameters: -profile SomeProfile -someBoolean -someValue exampleValue
          allowDirtyBuild: true
      # We use dirty build because we are replacing the default project settings file above
@@ -96,6 +111,7 @@ jobs:
          projectPath: ${{ matrix.projectPath }}
          unityVersion: ${{ matrix.unityVersion }}
          targetPlatform: ${{ matrix.targetPlatform }}
+          enableGpu: ${{ matrix.enableGpu }}
          customParameters: -profile SomeProfile -someBoolean -someValue exampleValue
          allowDirtyBuild: true
      # We use dirty build because we are replacing the default project settings file above
@@ -120,6 +136,7 @@ jobs:
          projectPath: ${{ matrix.projectPath }}
          unityVersion: ${{ matrix.unityVersion }}
          targetPlatform: ${{ matrix.targetPlatform }}
+          enableGpu: ${{ matrix.enableGpu }}
          customParameters: -profile SomeProfile -someBoolean -someValue exampleValue
          allowDirtyBuild: true
      # We use dirty build because we are replacing the default project settings file above
@@ -129,6 +146,6 @@ jobs:
      ###########################
      - uses: actions/upload-artifact@v4
        with:
-          name: Build ${{ matrix.targetPlatform }} on Windows (${{ matrix.unityVersion }})
+          name: Build ${{ matrix.targetPlatform }} on Windows (${{ matrix.unityVersion }})${{ matrix.enableGpu && ' With GPU' || '' }}${{ matrix.buildProfile && '  With Build Profile' || '' }}
          path: build
          retention-days: 14
--- a/.github/workflows/cleanup.yml
+++ b/.github/workflows/cleanup.yml
@@ -1,37 +0,0 @@
-name: Cleanup (cron)
-on:
-  schedule:
-    - cron: '30 10 * * SUN' # every sunday at 10:30
-
-jobs:
-  deleteArtifacts:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Delete old artifacts
-        uses: kolpav/purge-artifacts-action@v1
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          expire-in: 21 days
-  cleanupCloudRunner:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        if: github.event.event_type != 'pull_request_target'
-        with:
-          lfs: true
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '18'
-      - run: yarn
-      - run: yarn run cli --help
-        env:
-          AWS_REGION: eu-west-2
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: eu-west-2
-      - run: yarn run cli -m list-resources
-        env:
-          AWS_REGION: eu-west-2
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: eu-west-2
--- a/.github/workflows/cloud-runner-ci-pipeline.yml
+++ b/.github/workflows/cloud-runner-ci-pipeline.yml
@@ -1,209 +0,0 @@
-name: Cloud Runner CI Pipeline
-
-on:
-  push: { branches: [cloud-runner-develop, cloud-runner-preview, main] }
-  workflow_dispatch:
-
-permissions:
-  checks: write
-  contents: read
-  actions: write
-
-env:
-  GKE_ZONE: 'us-central1'
-  GKE_REGION: 'us-central1'
-  GKE_PROJECT: 'unitykubernetesbuilder'
-  GKE_CLUSTER: 'game-ci-github-pipelines'
-  GCP_LOGGING: true
-  GCP_PROJECT: unitykubernetesbuilder
-  GCP_LOG_FILE: ${{ github.workspace }}/cloud-runner-logs.txt
-  AWS_REGION: eu-west-2
-  AWS_DEFAULT_REGION: eu-west-2
-  AWS_STACK_NAME: game-ci-team-pipelines
-  CLOUD_RUNNER_BRANCH: ${{ github.ref }}
-  DEBUG: true
-  UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
-  UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
-  UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }}
-  PROJECT_PATH: test-project
-  UNITY_VERSION: 2019.3.15f1
-  USE_IL2CPP: false
-  USE_GKE_GCLOUD_AUTH_PLUGIN: true
-
-jobs:
-  tests:
-    name: Tests
-    if: github.event.event_type != 'pull_request_target'
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        test:
-          - 'cloud-runner-end2end-locking'
-          - 'cloud-runner-end2end-caching'
-          - 'cloud-runner-end2end-retaining'
-          - 'cloud-runner-caching'
-          - 'cloud-runner-environment'
-          - 'cloud-runner-image'
-          - 'cloud-runner-hooks'
-          - 'cloud-runner-local-persistence'
-          - 'cloud-runner-locking-core'
-          - 'cloud-runner-locking-get-locked'
-    steps:
-      - name: Checkout (default)
-        uses: actions/checkout@v4
-        with:
-          lfs: false
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v1
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: eu-west-2
-      - run: yarn
-      - run: yarn run test "${{ matrix.test }}" --detectOpenHandles --forceExit --runInBand
-        timeout-minutes: 60
-        env:
-          UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
-          UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
-          UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }}
-          PROJECT_PATH: test-project
-          TARGET_PLATFORM: StandaloneWindows64
-          cloudRunnerTests: true
-          versioning: None
-          KUBE_STORAGE_CLASS: local-path
-          PROVIDER_STRATEGY: local-docker
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          GIT_PRIVATE_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-  k8sTests:
-    name: K8s Tests
-    if: github.event.event_type != 'pull_request_target'
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        test:
-          # - 'cloud-runner-async-workflow'
-          - 'cloud-runner-end2end-locking'
-          - 'cloud-runner-end2end-caching'
-          - 'cloud-runner-end2end-retaining'
-          - 'cloud-runner-kubernetes'
-          - 'cloud-runner-environment'
-          - 'cloud-runner-github-checks'
-    steps:
-      - name: Checkout (default)
-        uses: actions/checkout@v2
-        with:
-          lfs: false
-      - run: yarn
-      - name: actions-k3s
-        uses: debianmaster/actions-k3s@v1.0.5
-        with:
-          version: 'latest'
-      - run: yarn run test "${{ matrix.test }}" --detectOpenHandles --forceExit --runInBand
-        timeout-minutes: 60
-        env:
-          UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
-          UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
-          UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }}
-          PROJECT_PATH: test-project
-          TARGET_PLATFORM: StandaloneWindows64
-          cloudRunnerTests: true
-          versioning: None
-          KUBE_STORAGE_CLASS: local-path
-          PROVIDER_STRATEGY: k8s
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          GIT_PRIVATE_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-  awsTests:
-    name: AWS Tests
-    if: github.event.event_type != 'pull_request_target'
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        test:
-          - 'cloud-runner-end2end-locking'
-          - 'cloud-runner-end2end-caching'
-          - 'cloud-runner-end2end-retaining'
-          - 'cloud-runner-environment'
-          - 'cloud-runner-s3-steps'
-    steps:
-      - name: Checkout (default)
-        uses: actions/checkout@v2
-        with:
-          lfs: false
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v1
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: eu-west-2
-      - run: yarn
-      - run: yarn run test "${{ matrix.test }}" --detectOpenHandles --forceExit --runInBand
-        timeout-minutes: 60
-        env:
-          UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
-          UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
-          UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }}
-          PROJECT_PATH: test-project
-          TARGET_PLATFORM: StandaloneWindows64
-          cloudRunnerTests: true
-          versioning: None
-          KUBE_STORAGE_CLASS: local-path
-          PROVIDER_STRATEGY: aws
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          GIT_PRIVATE_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-  buildTargetTests:
-    name: Local Build Target Tests
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        providerStrategy:
-          #- aws
-          - local-docker
-          #- k8s
-        targetPlatform:
-          - StandaloneOSX # Build a macOS standalone (Intel 64-bit).
-          - StandaloneWindows64 # Build a Windows 64-bit standalone.
-          - StandaloneLinux64 # Build a Linux 64-bit standalone.
-          - WebGL # WebGL.
-          - iOS # Build an iOS player.
-          # - Android # Build an Android .apk.
-    steps:
-      - name: Checkout (default)
-        uses: actions/checkout@v4
-        with:
-          lfs: false
-      - run: yarn
-      - uses: ./
-        id: unity-build
-        timeout-minutes: 30
-        env:
-          UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
-          UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
-          UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }}
-
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          GIT_PRIVATE_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          cloudRunnerTests: true
-          versioning: None
-          targetPlatform: ${{ matrix.targetPlatform }}
-          providerStrategy: ${{ matrix.providerStrategy }}
-      - run: |
-          cp ./cloud-runner-cache/cache/${{ steps.unity-build.outputs.CACHE_KEY }}/build/${{ steps.unity-build.outputs.BUILD_ARTIFACT }} ${{ steps.unity-build.outputs.BUILD_ARTIFACT }}
-      - uses: actions/upload-artifact@v4
-        with:
-          name: ${{ matrix.providerStrategy }} Build (${{ matrix.targetPlatform }})
-          path: ${{ steps.unity-build.outputs.BUILD_ARTIFACT }}
-          retention-days: 14
--- a/.github/workflows/integrity-check.yml
+++ b/.github/workflows/integrity-check.yml
@@ -4,6 +4,11 @@ on:
  push: { branches: [main] }
  pull_request: {}

+permissions:
+  contents: read
+  checks: write
+  statuses: write
+
 env:
  CODECOV_TOKEN: '2f2eb890-30e2-4724-83eb-7633832cf0de'

@@ -22,7 +27,12 @@ jobs:
          node-version: '18'
      - run: yarn
      - run: yarn lint
-      - run: yarn test --coverage
+      - run: yarn test:ci --coverage
      - run: bash <(curl -s https://codecov.io/bash)
      - run: yarn build || { echo "build command should always succeed" ; exit 61; }
-#      - run: yarn build --quiet && git diff --quiet dist || { echo "dist should be auto generated" ; git diff dist ; exit 62; }
+  #      - run: yarn build --quiet && git diff --quiet dist || { echo "dist should be auto generated" ; git diff dist ; exit 62; }
+
+  orchestrator:
+    name: Orchestrator Integrity
+    uses: ./.github/workflows/orchestrator-integrity.yml
+    secrets: inherit
--- a/.github/workflows/orchestrator-async-checks.yml
+++ b/.github/workflows/orchestrator-async-checks.yml
@@ -18,15 +18,16 @@ env:
  GKE_CLUSTER: 'game-ci-github-pipelines'
  GCP_LOGGING: true
  GCP_PROJECT: unitykubernetesbuilder
-  GCP_LOG_FILE: ${{ github.workspace }}/cloud-runner-logs.txt
-  AWS_REGION: eu-west-2
-  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-  AWS_DEFAULT_REGION: eu-west-2
-  AWS_STACK_NAME: game-ci-github-pipelines
-  CLOUD_RUNNER_BRANCH: ${{ github.ref }}
-  CLOUD_RUNNER_DEBUG: true
-  CLOUD_RUNNER_DEBUG_TREE: true
+  GCP_LOG_FILE: ${{ github.workspace }}/orchestrator-logs.txt
+  # Commented out: Using LocalStack tests instead of real AWS
+  # AWS_REGION: eu-west-2
+  # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+  # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  # AWS_DEFAULT_REGION: eu-west-2
+  # AWS_STACK_NAME: game-ci-github-pipelines
+  ORCHESTRATOR_BRANCH: ${{ github.ref }}
+  ORCHESTRATOR_DEBUG: true
+  ORCHESTRATOR_DEBUG_TREE: true
  DEBUG: true
  UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
  PROJECT_PATH: test-project
@@ -46,13 +47,14 @@ jobs:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GIT_PRIVATE_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          TARGET_PLATFORM: StandaloneWindows64
-          cloudRunnerTests: true
+          orchestratorTests: true
          versioning: None
-          CLOUD_RUNNER_CLUSTER: local-docker
-          AWS_STACK_NAME: game-ci-github-pipelines
+          ORCHESTRATOR_CLUSTER: local-docker
+          # Commented out: Using LocalStack tests instead of real AWS
+          # AWS_STACK_NAME: game-ci-github-pipelines
          CHECKS_UPDATE: ${{ github.event.inputs.checksObject }}
        run: |
-          git clone -b cloud-runner-develop https://github.com/game-ci/unity-builder
+          git clone -b main https://github.com/game-ci/unity-builder
          cd unity-builder
          yarn
          ls
--- a/.github/workflows/orchestrator-integrity.yml
+++ b/.github/workflows/orchestrator-integrity.yml
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,5 @@ lib/
 .vsconfig
 yarn-error.log
 .orig
+$LOG_FILE
+temp/
--- a/action.yml
+++ b/action.yml
@@ -104,11 +104,17 @@ inputs:
  gitPrivateToken:
    required: false
    default: ''
-    description: '[CloudRunner] Github private token to pull from github'
+    description: '[Orchestrator] Github private token to pull from github'
+  gitAuthMode:
+    required: false
+    default: 'header'
+    description:
+      '[Orchestrator] How git authentication is configured. "header" (default) uses http.extraHeader so the token
+      never appears in clone URLs or git config. "url" embeds the token in clone URLs (legacy behavior).'
  githubOwner:
    required: false
    default: ''
-    description: '[CloudRunner] GitHub owner name or organization/team name'
+    description: '[Orchestrator] GitHub owner name or organization/team name'
  runAsHostUser:
    required: false
    default: 'false'
@@ -149,97 +155,101 @@ inputs:
  allowDirtyBuild:
    required: false
    default: ''
-    description: '[CloudRunner] Allows the branch of the build to be dirty, and still generate the build.'
+    description: '[Orchestrator] Allows the branch of the build to be dirty, and still generate the build.'
  postBuildSteps:
    required: false
    default: ''
    description:
-      '[CloudRunner] run a post build job in yaml format with the keys image, secrets (name, value object array),
+      '[Orchestrator] run a post build job in yaml format with the keys image, secrets (name, value object array),
      command string'
  preBuildSteps:
    required: false
    default: ''
    description:
-      '[CloudRunner] Run a pre build job after the repository setup but before the build job (in yaml format with the
+      '[Orchestrator] Run a pre build job after the repository setup but before the build job (in yaml format with the
      keys image, secrets (name, value object array), command line string)'
  containerHookFiles:
    required: false
    default: ''
    description:
-      '[CloudRunner] Specify the names (by file name) of custom steps to run before or after cloud runner jobs, must
+      '[Orchestrator] Specify the names (by file name) of custom steps to run before or after orchestrator jobs, must
      match a yaml step file inside your repo in the folder .game-ci/steps/'
  customHookFiles:
    required: false
    default: ''
    description:
-      '[CloudRunner] Specify the names (by file name) of custom hooks to run before or after cloud runner jobs, must
+      '[Orchestrator] Specify the names (by file name) of custom hooks to run before or after orchestrator jobs, must
      match a yaml step file inside your repo in the folder .game-ci/hooks/'
  customCommandHooks:
    required: false
    default: ''
-    description: '[CloudRunner] Specify custom commands and trigger hooks (injects commands into jobs)'
+    description: '[Orchestrator] Specify custom commands and trigger hooks (injects commands into jobs)'
  customJob:
    required: false
    default: ''
    description:
-      '[CloudRunner] Run a custom job instead of the standard build automation for cloud runner (in yaml format with the
+      '[Orchestrator] Run a custom job instead of the standard build automation for orchestrator (in yaml format with the
      keys image, secrets (name, value object array), command line string)'
  awsStackName:
    default: 'game-ci'
    required: false
-    description: '[CloudRunner] The Cloud Formation stack name that must be setup before using this option.'
+    description: '[Orchestrator] The Cloud Formation stack name that must be setup before using this option.'
  providerStrategy:
    default: 'local'
    required: false
    description:
-      '[CloudRunner] Either local, k8s or aws can be used to run builds on a remote cluster. Additional parameters must
+      '[Orchestrator] Either local, k8s or aws can be used to run builds on a remote cluster. Additional parameters must
      be configured.'
+  resourceTracking:
+    default: 'false'
+    required: false
+    description: '[Orchestrator] Enable resource tracking logs for disk usage and allocation summaries.'
  containerCpu:
    default: ''
    required: false
-    description: '[CloudRunner] Amount of CPU time to assign the remote build container'
+    description: '[Orchestrator] Amount of CPU time to assign the remote build container'
  containerMemory:
    default: ''
    required: false
-    description: '[CloudRunner] Amount of memory to assign the remote build container'
+    description: '[Orchestrator] Amount of memory to assign the remote build container'
  readInputFromOverrideList:
    default: ''
    required: false
-    description: '[CloudRunner] Comma separated list of input value names to read from "input override command"'
+    description: '[Orchestrator] Comma separated list of input value names to read from "input override command"'
  readInputOverrideCommand:
    default: ''
    required: false
    description:
-      '[CloudRunner] Extend game ci by specifying a command to execute to pull input from external source e.g cloud
+      '[Orchestrator] Extend game ci by specifying a command to execute to pull input from external source e.g cloud
      provider secret managers'
  kubeConfig:
    default: ''
    required: false
    description:
-      '[CloudRunner] Supply a base64 encoded kubernetes config to run builds on kubernetes and stream logs until
+      '[Orchestrator] Supply a base64 encoded kubernetes config to run builds on kubernetes and stream logs until
      completion.'
  kubeVolume:
    default: ''
    required: false
-    description: '[CloudRunner] Supply a Persistent Volume Claim name to use for the Unity build.'
+    description: '[Orchestrator] Supply a Persistent Volume Claim name to use for the Unity build.'
  kubeStorageClass:
    default: ''
    required: false
    description:
-      '[CloudRunner] Kubernetes storage class to use for cloud runner jobs, leave empty to install rook cluster.'
+      '[Orchestrator] Kubernetes storage class to use for orchestrator jobs, leave empty to install rook cluster.'
  kubeVolumeSize:
    default: '5Gi'
    required: false
-    description: '[CloudRunner] Amount of disc space to assign the Kubernetes Persistent Volume'
+    description: '[Orchestrator] Amount of disc space to assign the Kubernetes Persistent Volume'
  cacheKey:
    default: ''
    required: false
-    description: '[CloudRunner] Cache key to indicate bucket for cache'
+    description: '[Orchestrator] Cache key to indicate bucket for cache'
  watchToEnd:
    default: 'true'
    required: false
    description:
-      '[CloudRunner] Whether or not to watch the build to the end. Can be used for especially long running jobs e.g
+      '[Orchestrator] Whether or not to watch the build to the end. Can be used for especially long running jobs e.g
      imports or self-hosted ephemeral runners.'
  cacheUnityInstallationOnMac:
    default: 'false'
@@ -265,6 +275,16 @@ inputs:
    default: 'false'
    required: false
    description: 'Skip the activation/deactivation of Unity. This assumes Unity is already activated.'
+  cloneDepth:
+    default: '50'
+    required: false
+    description: '[Orchestrator] Specifies the depth of the git clone for the repository. Use 0 for full clone.'
+  orchestratorRepoName:
+    default: 'game-ci/unity-builder'
+    required: false
+    description:
+      '[Orchestrator] Specifies the repo for the unity builder. Useful if you forked the repo for testing, features, or
+      fixes.'

 outputs:
  volume:
--- a/dist/default-build-script/Assets/Editor/UnityBuilderAction/Builder.cs
+++ b/dist/default-build-script/Assets/Editor/UnityBuilderAction/Builder.cs
@@ -56,14 +56,19 @@ namespace UnityBuilderAction
      // of either `UnityEditor.BuildPlayerOptions` or `UnityEditor.BuildPlayerWithProfileOptions`
      dynamic buildPlayerOptions;

-      if (options["customBuildProfile"] != "") {
+      if (options.TryGetValue("activeBuildProfile", out var buildProfilePath)) {
+        if (string.IsNullOrEmpty(buildProfilePath)) {
+          throw new Exception("`-activeBuildProfile` is set but with an empty value; this shouldn't happen");
+        }

 #if UNITY_6000_0_OR_NEWER
        // Load build profile from Assets folder
-        BuildProfile buildProfile = AssetDatabase.LoadAssetAtPath<BuildProfile>(options["customBuildProfile"]);
+        var buildProfile = AssetDatabase.LoadAssetAtPath<BuildProfile>(buildProfilePath)
+                           ?? throw new Exception("Build profile file not found at path: " + buildProfilePath);

-        // Set it as active
-        BuildProfile.SetActiveBuildProfile(buildProfile);
+        // no need to set active profile, as already set by `-activeBuildProfile` CLI argument
+        // BuildProfile.SetActiveBuildProfile(buildProfile);
+        Debug.Log($"build profile: {buildProfile.name}");

        // Define BuildPlayerWithProfileOptions
        buildPlayerOptions = new BuildPlayerWithProfileOptions {
@@ -71,12 +76,16 @@ namespace UnityBuilderAction
            locationPathName = options["customBuildPath"],
            options = buildOptions,
        };
-#else
+#else // UNITY_6000_0_OR_NEWER
        throw new Exception("Build profiles are not supported by this version of Unity (" + Application.unityVersion +")");
-#endif
+#endif // UNITY_6000_0_OR_NEWER

      } else {

+#if BUILD_PROFILE_LOADED
+        throw new Exception("Build profile's define symbol present; shouldn't happen");
+#endif // BUILD_PROFILE_LOADED
+
        // Gather values from project
        var scenes = EditorBuildSettings.scenes.Where(scene => scene.enabled).Select(s => s.path).ToArray();

--- a/dist/default-build-script/Assets/Editor/UnityBuilderAction/Input/AndroidSettings.cs
+++ b/dist/default-build-script/Assets/Editor/UnityBuilderAction/Input/AndroidSettings.cs
@@ -74,7 +74,20 @@ namespace UnityBuilderAction.Input
      string symbolType;
      if (options.TryGetValue("androidSymbolType", out symbolType) && !string.IsNullOrEmpty(symbolType))
      {
-#if UNITY_2021_1_OR_NEWER
+#if UNITY_6000_0_OR_NEWER
+        switch (symbolType)
+        {
+          case "public":
+            SetDebugSymbols("SymbolTable");
+            break;
+          case "debugging":
+            SetDebugSymbols("Full");
+            break;
+          case "none":
+            SetDebugSymbols("None");
+            break;
+        }
+#elif UNITY_2021_1_OR_NEWER
        switch (symbolType)
        {
          case "public":
@@ -101,5 +114,37 @@ namespace UnityBuilderAction.Input
 #endif
      }
    }
+
+#if UNITY_6000_0_OR_NEWER
+    private static void SetDebugSymbols(string enumValueName)
+    {
+      // UnityEditor.Android.UserBuildSettings and Unity.Android.Types.DebugSymbolLevel are part of the Unity Android module.
+      // Reflection is used here to ensure the code works even if the module is not installed.
+
+      var debugSymbolsType = Type.GetType("UnityEditor.Android.UserBuildSettings+DebugSymbols, UnityEditor.Android.Extensions");
+      if (debugSymbolsType == null)
+      {
+        return;
+      }
+
+      var levelProp = debugSymbolsType.GetProperty("level", BindingFlags.Static | BindingFlags.Public);
+      if (levelProp == null)
+      {
+        return;
+      }
+
+      var enumType = Type.GetType("Unity.Android.Types.DebugSymbolLevel, Unity.Android.Types");
+      if (enumType == null)
+      {
+        return;
+      }
+
+      if (!Enum.TryParse(enumType, enumValueName, false , out var enumValue))
+      {
+        return;
+      }
+      levelProp.SetValue(null, enumValue);
+    }
+#endif
  }
 }
--- a/dist/default-build-script/Assets/Editor/UnityBuilderAction/Input/ArgumentsParser.cs
+++ b/dist/default-build-script/Assets/Editor/UnityBuilderAction/Input/ArgumentsParser.cs
@@ -21,6 +21,19 @@ namespace UnityBuilderAction.Input
        EditorApplication.Exit(110);
      }

+#if UNITY_6000_0_OR_NEWER
+      var buildProfileSupport = true;
+#else
+      var buildProfileSupport = false;
+#endif // UNITY_6000_0_OR_NEWER
+
+      string buildProfile;
+      if (buildProfileSupport && validatedOptions.TryGetValue("activeBuildProfile", out buildProfile)) {
+        if (validatedOptions.ContainsKey("buildTarget")) {
+          Console.WriteLine("Extra argument -buildTarget");
+          EditorApplication.Exit(122);
+        }
+      } else {
      string buildTarget;
      if (!validatedOptions.TryGetValue("buildTarget", out buildTarget)) {
        Console.WriteLine("Missing argument -buildTarget");
@@ -31,6 +44,7 @@ namespace UnityBuilderAction.Input
        Console.WriteLine(buildTarget + " is not a defined " + typeof(BuildTarget).Name);
        EditorApplication.Exit(121);
      }
+      }

      string customBuildPath;
      if (!validatedOptions.TryGetValue("customBuildPath", out customBuildPath)) {
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/dist/licenses.txt
+++ b/dist/licenses.txt
--- a/dist/platforms/mac/steps/activate.sh
+++ b/dist/platforms/mac/steps/activate.sh
@@ -4,21 +4,69 @@
 echo "Changing to \"$ACTIVATE_LICENSE_PATH\" directory."
 pushd "$ACTIVATE_LICENSE_PATH"

-echo "Requesting activation"
+if [[ -n "$UNITY_SERIAL" && -n "$UNITY_EMAIL" && -n "$UNITY_PASSWORD" ]]; then
+  #
+  # SERIAL LICENSE MODE
+  #
+  # This will activate unity, using the serial activation process.
+  #

-# Activate license
-/Applications/Unity/Hub/Editor/$UNITY_VERSION/Unity.app/Contents/MacOS/Unity \
-  -logFile - \
-  -batchmode \
-  -nographics \
-  -quit \
-  -serial "$UNITY_SERIAL" \
-  -username "$UNITY_EMAIL" \
-  -password "$UNITY_PASSWORD" \
-  -projectPath "$ACTIVATE_LICENSE_PATH"
+  echo "Requesting activation"

-# Store the exit code from the verify command
-UNITY_EXIT_CODE=$?
+  # Activate license
+  /Applications/Unity/Hub/Editor/$UNITY_VERSION/Unity.app/Contents/MacOS/Unity \
+    -logFile - \
+    -batchmode \
+    -nographics \
+    -quit \
+    -serial "$UNITY_SERIAL" \
+    -username "$UNITY_EMAIL" \
+    -password "$UNITY_PASSWORD" \
+    -projectPath "$ACTIVATE_LICENSE_PATH"
+
+  # Store the exit code from the verify command
+  UNITY_EXIT_CODE=$?
+
+elif [[ -n "$UNITY_LICENSING_SERVER" ]]; then
+  #
+  # Custom Unity License Server
+  #
+  echo "Adding licensing server config"
+  mkdir -p "$UNITY_LICENSE_PATH/config/"
+  cp "$ACTION_FOLDER/unity-config/services-config.json" "$UNITY_LICENSE_PATH/config/services-config.json"
+
+  /Applications/Unity/Hub/Editor/$UNITY_VERSION/Unity.app/Contents/Frameworks/UnityLicensingClient.app/Contents/MacOS/Unity.Licensing.Client \
+    --acquire-floating > license.txt
+
+  # Store the exit code from the verify command
+  UNITY_EXIT_CODE=$?
+
+  if [ $UNITY_EXIT_CODE -eq 0 ]; then
+    PARSEDFILE=$(grep -oE '\"[^"]*\"' < license.txt | tr -d '"')
+    export FLOATING_LICENSE
+    FLOATING_LICENSE=$(sed -n 2p <<< "$PARSEDFILE")
+    FLOATING_LICENSE_TIMEOUT=$(sed -n 4p <<< "$PARSEDFILE")
+
+    echo "Acquired floating license: \"$FLOATING_LICENSE\" with timeout $FLOATING_LICENSE_TIMEOUT"
+  fi
+else
+  #
+  # NO LICENSE ACTIVATION STRATEGY MATCHED
+  #
+  # This will exit since no activation strategies could be matched.
+  #
+  echo "License activation strategy could not be determined."
+  echo ""
+  echo "Visit https://game.ci/docs/github/activation for more"
+  echo "details on how to set up one of the possible activation strategies."
+
+  echo "::error ::No valid license activation strategy could be determined. Make sure to provide UNITY_EMAIL, UNITY_PASSWORD, and either a UNITY_SERIAL \
+or UNITY_LICENSE. Otherwise please use UNITY_LICENSING_SERVER. See more info at https://game.ci/docs/github/activation"
+
+  # Immediately exit as no UNITY_EXIT_CODE can be derived.
+  exit 1;
+
+fi

 #
 # Display information about the result
--- a/dist/platforms/mac/steps/build.sh
+++ b/dist/platforms/mac/steps/build.sh
@@ -149,14 +149,13 @@ echo ""
  $( [ "${MANUAL_EXIT}" == "true" ] || echo "-quit" ) \
  -batchmode \
  $( [ "${ENABLE_GPU}" == "true" ] || echo "-nographics" ) \
-  -username "$UNITY_EMAIL" \
-  -password "$UNITY_PASSWORD" \
  -customBuildName "$BUILD_NAME" \
  -projectPath "$UNITY_PROJECT_PATH" \
-  -buildTarget "$BUILD_TARGET" \
+  $( [ -z "$BUILD_PROFILE" ] && echo "-buildTarget $BUILD_TARGET") \
  -customBuildTarget "$BUILD_TARGET" \
  -customBuildPath "$CUSTOM_BUILD_PATH" \
  -customBuildProfile "$BUILD_PROFILE" \
+  ${BUILD_PROFILE:+-activeBuildProfile} ${BUILD_PROFILE:+"$BUILD_PROFILE"} \
  -executeMethod "$BUILD_METHOD" \
  -buildVersion "$VERSION" \
  -androidVersionCode "$ANDROID_VERSION_CODE" \
--- a/dist/platforms/mac/steps/return_license.sh
+++ b/dist/platforms/mac/steps/return_license.sh
@@ -4,15 +4,29 @@
 echo "Changing to \"$ACTIVATE_LICENSE_PATH\" directory."
 pushd "$ACTIVATE_LICENSE_PATH"

-/Applications/Unity/Hub/Editor/$UNITY_VERSION/Unity.app/Contents/MacOS/Unity \
-  -logFile - \
-  -batchmode \
-  -nographics \
-  -quit \
-  -username "$UNITY_EMAIL" \
-  -password "$UNITY_PASSWORD" \
-  -returnlicense \
-  -projectPath "$ACTIVATE_LICENSE_PATH"
+if [[ -n "$UNITY_LICENSING_SERVER" ]]; then
+  #
+  # Return any floating license used.
+  #
+  echo "Returning floating license: \"$FLOATING_LICENSE\""
+  /Applications/Unity/Hub/Editor/$UNITY_VERSION/Unity.app/Contents/Frameworks/UnityLicensingClient.app/Contents/MacOS/Unity.Licensing.Client \
+    --return-floating "$FLOATING_LICENSE"
+elif [[ -n "$UNITY_SERIAL" ]]; then
+  #
+  # SERIAL LICENSE MODE
+  #
+  # This will return the license that is currently in use.
+  #
+  /Applications/Unity/Hub/Editor/$UNITY_VERSION/Unity.app/Contents/MacOS/Unity \
+    -logFile - \
+    -batchmode \
+    -nographics \
+    -quit \
+    -username "$UNITY_EMAIL" \
+    -password "$UNITY_PASSWORD" \
+    -returnlicense \
+    -projectPath "$ACTIVATE_LICENSE_PATH"
+fi

 # Return to previous working directory
 popd
--- a/dist/platforms/ubuntu/steps/activate.sh
+++ b/dist/platforms/ubuntu/steps/activate.sh
@@ -68,14 +68,18 @@ elif [[ -n "$UNITY_LICENSING_SERVER" ]]; then
  echo "Adding licensing server config"

  /opt/unity/Editor/Data/Resources/Licensing/Client/Unity.Licensing.Client --acquire-floating > license.txt #is this accessible in a env variable?
-  PARSEDFILE=$(grep -oP '\".*?\"' < license.txt | tr -d '"')
-  export FLOATING_LICENSE
-  FLOATING_LICENSE=$(sed -n 2p <<< "$PARSEDFILE")
-  FLOATING_LICENSE_TIMEOUT=$(sed -n 4p <<< "$PARSEDFILE")

-  echo "Acquired floating license: \"$FLOATING_LICENSE\" with timeout $FLOATING_LICENSE_TIMEOUT"
  # Store the exit code from the verify command
  UNITY_EXIT_CODE=$?
+
+  if [ $UNITY_EXIT_CODE -eq 0 ]; then
+    PARSEDFILE=$(grep -oP '\".*?\"' < license.txt | tr -d '"')
+    export FLOATING_LICENSE
+    FLOATING_LICENSE=$(sed -n 2p <<< "$PARSEDFILE")
+    FLOATING_LICENSE_TIMEOUT=$(sed -n 4p <<< "$PARSEDFILE")
+
+    echo "Acquired floating license: \"$FLOATING_LICENSE\" with timeout $FLOATING_LICENSE_TIMEOUT"
+  fi
 else
  #
  # NO LICENSE ACTIVATION STRATEGY MATCHED
--- a/dist/platforms/ubuntu/steps/build.sh
+++ b/dist/platforms/ubuntu/steps/build.sh
@@ -125,10 +125,11 @@ unity-editor \
  $( [ "${MANUAL_EXIT}" == "true" ] || echo "-quit" ) \
  -customBuildName "$BUILD_NAME" \
  -projectPath "$UNITY_PROJECT_PATH" \
-  -buildTarget "$BUILD_TARGET" \
+  $( [ -z "$BUILD_PROFILE" ] && echo "-buildTarget $BUILD_TARGET" ) \
  -customBuildTarget "$BUILD_TARGET" \
  -customBuildPath "$CUSTOM_BUILD_PATH" \
  -customBuildProfile "$BUILD_PROFILE" \
+  ${BUILD_PROFILE:+-activeBuildProfile} ${BUILD_PROFILE:+"$BUILD_PROFILE"} \
  -executeMethod "$BUILD_METHOD" \
  -buildVersion "$VERSION" \
  -androidVersionCode "$ANDROID_VERSION_CODE" \
--- a/dist/platforms/windows/build.ps1
+++ b/dist/platforms/windows/build.ps1
@@ -148,18 +148,24 @@ Write-Output "#    Building project     #"
 Write-Output "###########################"
 Write-Output ""

+$unityGraphics = "-nographics"
+
+if ($LLVMPIPE_INSTALLED -eq "true")
+{
+  $unityGraphics = "-force-opengl"
+}
+
 # If $Env:CUSTOM_PARAMETERS contains spaces and is passed directly on the command line to Unity, powershell will wrap it
 # in double quotes.  To avoid this, parse $Env:CUSTOM_PARAMETERS into an array, while respecting any quotations within the string.
 $_, $customParametersArray = Invoke-Expression('Write-Output -- "" ' + $Env:CUSTOM_PARAMETERS)
 $unityArgs = @(
    "-quit",
    "-batchmode",
-    "-nographics",
+    $unityGraphics,
    "-silent-crashes",
    "-customBuildName", "`"$Env:BUILD_NAME`"",
    "-projectPath", "`"$Env:UNITY_PROJECT_PATH`"",
    "-executeMethod", "`"$Env:BUILD_METHOD`"",
-    "-buildTarget", "`"$Env:BUILD_TARGET`"",
    "-customBuildTarget", "`"$Env:BUILD_TARGET`"",
    "-customBuildPath", "`"$Env:CUSTOM_BUILD_PATH`"",
    "-customBuildProfile", "`"$Env:BUILD_PROFILE`"",
@@ -174,6 +180,13 @@ $unityArgs = @(
    "-logfile", "-"
 ) + $customParametersArray

+if (-not $Env:BUILD_PROFILE) {
+    $unityArgs += @("-buildTarget", "`"$Env:BUILD_TARGET`"")
+}
+if ($Env:BUILD_PROFILE) {
+    $unityArgs += @("-activeBuildProfile", "`"$Env:BUILD_PROFILE`"")
+}
+
 # Remove null items as that will fail the Start-Process call
 $unityArgs = $unityArgs | Where-Object { $_ -ne $null }

--- a/dist/platforms/windows/entrypoint.ps1
+++ b/dist/platforms/windows/entrypoint.ps1
@@ -1,5 +1,13 @@
 Get-Process

+# Copy .upmconfig.toml if it exists
+if (Test-Path "C:\githubhome\.upmconfig.toml") {
+  Write-Host "Copying .upmconfig.toml to $Env:USERPROFILE\.upmconfig.toml"
+  Copy-Item -Path "C:\githubhome\.upmconfig.toml" -Destination "$Env:USERPROFILE\.upmconfig.toml" -Force
+} else {
+  Write-Host "No .upmconfig.toml found at C:\githubhome"
+}
+
 # Import any necessary registry keys, ie: location of windows 10 sdk
 # No guarantee that there will be any necessary registry keys, ie: tvOS
 Get-ChildItem -Path c:\regkeys -File | ForEach-Object { reg import $_.fullname }
@@ -10,9 +18,17 @@ regsvr32 C:\ProgramData\Microsoft\VisualStudio\Setup\x64\Microsoft.VisualStudio.
 # Kill the regsvr process
 Get-Process -Name regsvr32 | ForEach-Object { Stop-Process -Id $_.Id -Force }

+# Install Visual C++ 2013 Redistributables
+. "c:\steps\install_vcredist13.ps1"
+
 # Setup Git Credentials
 . "c:\steps\set_gitcredential.ps1"

+if ($env:ENABLE_GPU -eq "true") {
+  # Install LLVMpipe software graphics driver
+  . "c:\steps\install_llvmpipe.ps1"
+}
+
 # Activate Unity
 if ($env:SKIP_ACTIVATION -ne "true") {
  . "c:\steps\activate.ps1"
--- a/dist/platforms/windows/install_llvmpipe.ps1
+++ b/dist/platforms/windows/install_llvmpipe.ps1
@@ -0,0 +1,56 @@
+$Private:repo = "mmozeiko/build-mesa"
+$Private:downloadPath = "$Env:TEMP\mesa.zip"
+$Private:extractPath = "$Env:TEMP\mesa"
+$Private:destinationPath = "$Env:UNITY_PATH\Editor\"
+$Private:version = "25.1.0"
+
+$LLVMPIPE_INSTALLED = "false"
+
+try {
+    # Get the release info from GitHub API (version fixed to decrease probability of breakage)
+    $releaseUrl = "https://api.github.com/repos/$repo/releases/tags/$version"
+    $release = Invoke-RestMethod -Uri $releaseUrl -Headers @{ "User-Agent" = "PowerShell" }
+
+    # Get the download URL for the zip asset
+    $zipUrl = $release.assets | Where-Object { $_.name -like "mesa-llvmpipe-x64*.zip" } | Select-Object -First 1 -ExpandProperty browser_download_url
+
+    if (-not $zipUrl) {
+        throw "No zip file found in the latest release."
+    }
+
+    # Download the zip file
+    Write-Host "Downloading $zipUrl..."
+    Invoke-WebRequest -Uri $zipUrl -OutFile $downloadPath
+
+    # Create extraction directory if it doesn't exist
+    if (-not (Test-Path $extractPath)) {
+        New-Item -ItemType Directory -Path $extractPath | Out-Null
+    }
+
+    # Extract the zip file
+    Write-Host "Extracting $downloadPath to $extractPath..."
+    Expand-Archive -Path $downloadPath -DestinationPath $extractPath -Force
+
+    # Create destination directory if it doesn't exist
+    if (-not (Test-Path $destinationPath)) {
+        New-Item -ItemType Directory -Path $destinationPath | Out-Null
+    }
+
+    # Copy extracted files to destination
+    Write-Host "Copying files to $destinationPath..."
+    Copy-Item -Path "$extractPath\*" -Destination $destinationPath -Recurse -Force
+
+    Write-Host "Successfully downloaded, extracted, and copied Mesa files to $destinationPath"
+
+    $LLVMPIPE_INSTALLED = "true"
+} catch {
+    Write-Error "An error occurred: $_"
+} finally {
+    # Clean up temporary files
+    if (Test-Path $downloadPath) {
+        Remove-Item $downloadPath -Force
+    }
+    if (Test-Path $extractPath) {
+        Remove-Item $extractPath -Recurse -Force
+    }
+}
--- a/dist/platforms/windows/install_vcredist13.ps1
+++ b/dist/platforms/windows/install_vcredist13.ps1
@@ -0,0 +1,11 @@
+# For some reason, Unity is failing in github actions windows runners
+# due to missing Visual C++ 2013 redistributables.
+# This script downloads and installs the required redistributables.
+Write-Output ""
+Write-Output "#########################################################"
+Write-Output "#     Installing Visual C++ Redistributables (2013)     #"
+Write-Output "#########################################################"
+Write-Output ""
+
+
+choco install vcredist2013 -y --no-progress
--- a/jest.ci.config.js
+++ b/jest.ci.config.js
@@ -0,0 +1,11 @@
+const base = require('./jest.config.js');
+
+module.exports = {
+  ...base,
+  forceExit: true,
+  detectOpenHandles: true,
+  testTimeout: 120000,
+  maxWorkers: 1,
+};
+
+
--- a/jest.config.js
+++ b/jest.config.js
@@ -25,6 +25,6 @@ module.exports = {
  // An array of regexp pattern strings, matched against all module paths before considered 'visible' to the module loader
  modulePathIgnorePatterns: ['<rootDir>/lib/', '<rootDir>/dist/'],

-  // A list of paths to modules that run some code to configure or set up the testing framework before each test
-  setupFilesAfterEnv: ['<rootDir>/src/jest.setup.ts'],
+  // Use jest.setup.js to polyfill fetch for all tests
+  setupFiles: ['<rootDir>/jest.setup.js'],
 };
--- a/jest.setup.js
+++ b/jest.setup.js
@@ -0,0 +1,2 @@
+const fetch = require('node-fetch');
+global.fetch = fetch;
--- a/package.json
+++ b/package.json
@@ -12,17 +12,18 @@
    "lint": "prettier --check \"src/**/*.{js,ts}\" && eslint src/**/*.ts",
    "format": "prettier --write \"src/**/*.{js,ts}\"",
    "cli": "yarn ts-node src/index.ts -m cli",
-    "gcp-secrets-tests": "cross-env providerStrategy=aws cloudRunnerTests=true inputPullCommand=\"gcp-secret-manager\" populateOverride=true pullInputList=UNITY_EMAIL,UNITY_SERIAL,UNITY_PASSWORD yarn test -i -t \"cloud runner\"",
-    "gcp-secrets-cli": "cross-env cloudRunnerTests=true USE_IL2CPP=false inputPullCommand=\"gcp-secret-manager\" yarn ts-node src/index.ts -m cli --populateOverride true --pullInputList UNITY_EMAIL,UNITY_SERIAL,UNITY_PASSWORD",
-    "aws-secrets-cli": "cross-env cloudRunnerTests=true inputPullCommand=\"aws-secret-manager\" yarn ts-node src/index.ts -m cli --populateOverride true --pullInputList UNITY_EMAIL,UNITY_SERIAL,UNITY_PASSWORD",
+    "gcp-secrets-tests": "cross-env providerStrategy=aws orchestratorTests=true inputPullCommand=\"gcp-secret-manager\" populateOverride=true pullInputList=UNITY_EMAIL,UNITY_SERIAL,UNITY_PASSWORD yarn test -i -t \"orchestrator\"",
+    "gcp-secrets-cli": "cross-env orchestratorTests=true USE_IL2CPP=false inputPullCommand=\"gcp-secret-manager\" yarn ts-node src/index.ts -m cli --populateOverride true --pullInputList UNITY_EMAIL,UNITY_SERIAL,UNITY_PASSWORD",
+    "aws-secrets-cli": "cross-env orchestratorTests=true inputPullCommand=\"aws-secret-manager\" yarn ts-node src/index.ts -m cli --populateOverride true --pullInputList UNITY_EMAIL,UNITY_SERIAL,UNITY_PASSWORD",
    "cli-aws": "cross-env providerStrategy=aws yarn run test-cli",
    "cli-k8s": "cross-env providerStrategy=k8s yarn run test-cli",
-    "test-cli": "cross-env cloudRunnerTests=true yarn ts-node src/index.ts -m cli --projectPath test-project",
+    "test-cli": "cross-env orchestratorTests=true yarn ts-node src/index.ts -m cli --projectPath test-project",
    "test": "jest",
-    "test-i": "cross-env cloudRunnerTests=true yarn test -i -t \"cloud runner\"",
+    "test:ci": "jest --config=jest.ci.config.js --runInBand",
+    "test-i": "cross-env orchestratorTests=true yarn test -i -t \"orchestrator\"",
    "test-i-*": "yarn run test-i-aws && yarn run test-i-k8s",
-    "test-i-aws": "cross-env cloudRunnerTests=true providerStrategy=aws yarn test -i -t \"cloud runner\"",
-    "test-i-k8s": "cross-env cloudRunnerTests=true providerStrategy=k8s yarn test -i -t \"cloud runner\""
+    "test-i-aws": "cross-env orchestratorTests=true providerStrategy=aws yarn test -i -t \"orchestrator\"",
+    "test-i-k8s": "cross-env orchestratorTests=true providerStrategy=k8s yarn test -i -t \"orchestrator\""
  },
  "engines": {
    "node": ">=18.x"
@@ -32,6 +33,11 @@
    "@actions/core": "^1.11.1",
    "@actions/exec": "^1.1.1",
    "@actions/github": "^6.0.0",
+    "@aws-sdk/client-cloudformation": "^3.777.0",
+    "@aws-sdk/client-cloudwatch-logs": "^3.777.0",
+    "@aws-sdk/client-ecs": "^3.778.0",
+    "@aws-sdk/client-kinesis": "^3.777.0",
+    "@aws-sdk/client-s3": "^3.779.0",
    "@kubernetes/client-node": "^0.16.3",
    "@octokit/core": "^5.1.0",
    "async-wait-until": "^2.0.12",
@@ -44,8 +50,9 @@
    "nanoid": "^3.3.1",
    "reflect-metadata": "^0.1.13",
    "semver": "^7.5.2",
+    "shell-quote": "^1.8.3",
    "ts-md5": "^1.3.1",
-    "unity-changeset": "^2.0.0",
+    "unity-changeset": "^3.1.0",
    "uuid": "^9.0.0",
    "yaml": "^2.2.2"
  },
@@ -69,6 +76,7 @@
    "jest-fail-on-console": "^3.0.2",
    "js-yaml": "^4.1.0",
    "lefthook": "^1.6.1",
+    "node-fetch": "2",
    "prettier": "^2.5.1",
    "ts-jest": "^27.1.3",
    "ts-node": "10.8.1",
--- a/src/index.ts
+++ b/src/index.ts
@@ -1,5 +1,5 @@
 import * as core from '@actions/core';
-import { Action, BuildParameters, Cache, CloudRunner, Docker, ImageTag, Output } from './model';
+import { Action, BuildParameters, Cache, Orchestrator, Docker, ImageTag, Output } from './model';
 import { Cli } from './model/cli/cli';
 import MacBuilder from './model/mac-builder';
 import PlatformSetup from './model/platform-setup';
@@ -33,7 +33,7 @@ async function runMain() {
              ...buildParameters,
            });
    } else {
-      await CloudRunner.run(buildParameters, baseImage.toString());
+      await Orchestrator.run(buildParameters, baseImage.toString());
      exitCode = 0;
    }

--- a/src/integration/orchestrator-github-checks-integration-test.ts
+++ b/src/integration/orchestrator-github-checks-integration-test.ts
@@ -0,0 +1,29 @@
+// Integration test for exercising real GitHub check creation and updates.
+import Orchestrator from '../model/orchestrator/orchestrator';
+import UnityVersioning from '../model/unity-versioning';
+import GitHub from '../model/github';
+import { TIMEOUT_INFINITE, createParameters } from '../test-utils/orchestrator-test-helpers';
+
+const runIntegration = process.env.RUN_GITHUB_INTEGRATION_TESTS === 'true';
+const describeOrSkip = runIntegration ? describe : describe.skip;
+
+describeOrSkip('Orchestrator Github Checks Integration', () => {
+  it(
+    'creates and updates a real GitHub check',
+    async () => {
+      const buildParameter = await createParameters({
+        versioning: 'None',
+        projectPath: 'test-project',
+        unityVersion: UnityVersioning.read('test-project'),
+        asyncOrchestrator: `true`,
+        githubChecks: `true`,
+      });
+      await Orchestrator.setup(buildParameter);
+      const checkId = await GitHub.createGitHubCheck(`integration create`);
+      expect(checkId).not.toEqual('');
+      await GitHub.updateGitHubCheck(`1 ${new Date().toISOString()}`, `integration`);
+      await GitHub.updateGitHubCheck(`2 ${new Date().toISOString()}`, `integration`, `success`, `completed`);
+    },
+    TIMEOUT_INFINITE,
+  );
+});
--- a/src/jest.globals.ts
+++ b/src/jest.globals.ts
@@ -0,0 +1,3 @@
+import { fetch as undiciFetch, Headers, Request, Response } from 'undici';
+
+Object.assign(globalThis, { fetch: undiciFetch, Headers, Request, Response });
--- a/src/model/build-parameters.ts
+++ b/src/model/build-parameters.ts
@@ -1,7 +1,7 @@
 import { customAlphabet } from 'nanoid';
 import AndroidVersioning from './android-versioning';
-import CloudRunnerConstants from './cloud-runner/options/cloud-runner-constants';
-import CloudRunnerBuildGuid from './cloud-runner/options/cloud-runner-guid';
+import OrchestratorConstants from './orchestrator/options/orchestrator-constants';
+import OrchestratorBuildGuid from './orchestrator/options/orchestrator-guid';
 import Input from './input';
 import Platform from './platform';
 import UnityVersioning from './unity-versioning';
@@ -10,8 +10,8 @@ import { GitRepoReader } from './input-readers/git-repo';
 import { GithubCliReader } from './input-readers/github-cli';
 import { Cli } from './cli/cli';
 import GitHub from './github';
-import CloudRunnerOptions from './cloud-runner/options/cloud-runner-options';
-import CloudRunner from './cloud-runner/cloud-runner';
+import OrchestratorOptions from './orchestrator/options/orchestrator-options';
+import Orchestrator from './orchestrator/orchestrator';
 import * as core from '@actions/core';

 class BuildParameters {
@@ -54,11 +54,21 @@ class BuildParameters {
  public sshAgent!: string;
  public sshPublicKeysDirectoryPath!: string;
  public providerStrategy!: string;
+  public gitAuthMode!: string;
  public gitPrivateToken!: string;
  public awsStackName!: string;
+  public awsEndpoint?: string;
+  public awsCloudFormationEndpoint?: string;
+  public awsEcsEndpoint?: string;
+  public awsKinesisEndpoint?: string;
+  public awsCloudWatchLogsEndpoint?: string;
+  public awsS3Endpoint?: string;
+  public storageProvider!: string;
+  public rcloneRemote!: string;
  public kubeConfig!: string;
  public containerMemory!: string;
  public containerCpu!: string;
+  public containerNamespace!: string;
  public kubeVolumeSize!: string;
  public kubeVolume!: string;
  public kubeStorageClass!: string;
@@ -75,11 +85,13 @@ class BuildParameters {
  public runNumber!: string;
  public branch!: string;
  public githubRepo!: string;
+  public orchestratorRepoName!: string;
+  public cloneDepth!: number;
  public gitSha!: string;
  public logId!: string;
  public buildGuid!: string;
-  public cloudRunnerBranch!: string;
-  public cloudRunnerDebug!: boolean | undefined;
+  public orchestratorBranch!: string;
+  public orchestratorDebug!: boolean | undefined;
  public buildPlatform!: string | undefined;
  public isCliMode!: boolean;
  public maxRetainedWorkspaces!: number;
@@ -97,7 +109,7 @@ class BuildParameters {
  public dockerWorkspacePath!: string;

  public static shouldUseRetainedWorkspaceMode(buildParameters: BuildParameters) {
-    return buildParameters.maxRetainedWorkspaces > 0 && CloudRunner.lockedWorkspace !== ``;
+    return buildParameters.maxRetainedWorkspaces > 0 && Orchestrator.lockedWorkspace !== ``;
  }

  static async create(): Promise<BuildParameters> {
@@ -182,41 +194,53 @@ class BuildParameters {
      dockerIsolationMode: Input.dockerIsolationMode,
      containerRegistryRepository: Input.containerRegistryRepository,
      containerRegistryImageVersion: Input.containerRegistryImageVersion,
-      providerStrategy: CloudRunnerOptions.providerStrategy,
-      buildPlatform: CloudRunnerOptions.buildPlatform,
-      kubeConfig: CloudRunnerOptions.kubeConfig,
-      containerMemory: CloudRunnerOptions.containerMemory,
-      containerCpu: CloudRunnerOptions.containerCpu,
-      kubeVolumeSize: CloudRunnerOptions.kubeVolumeSize,
-      kubeVolume: CloudRunnerOptions.kubeVolume,
-      postBuildContainerHooks: CloudRunnerOptions.postBuildContainerHooks,
-      preBuildContainerHooks: CloudRunnerOptions.preBuildContainerHooks,
-      customJob: CloudRunnerOptions.customJob,
+      providerStrategy: OrchestratorOptions.providerStrategy,
+      gitAuthMode: OrchestratorOptions.gitAuthMode,
+      buildPlatform: OrchestratorOptions.buildPlatform,
+      kubeConfig: OrchestratorOptions.kubeConfig,
+      containerMemory: OrchestratorOptions.containerMemory,
+      containerCpu: OrchestratorOptions.containerCpu,
+      containerNamespace: OrchestratorOptions.containerNamespace,
+      kubeVolumeSize: OrchestratorOptions.kubeVolumeSize,
+      kubeVolume: OrchestratorOptions.kubeVolume,
+      postBuildContainerHooks: OrchestratorOptions.postBuildContainerHooks,
+      preBuildContainerHooks: OrchestratorOptions.preBuildContainerHooks,
+      customJob: OrchestratorOptions.customJob,
      runNumber: Input.runNumber,
      branch: Input.branch.replace('/head', '') || (await GitRepoReader.GetBranch()),
-      cloudRunnerBranch: CloudRunnerOptions.cloudRunnerBranch.split('/').reverse()[0],
-      cloudRunnerDebug: CloudRunnerOptions.cloudRunnerDebug,
-      githubRepo: (Input.githubRepo ?? (await GitRepoReader.GetRemote())) || 'game-ci/unity-builder',
+      orchestratorBranch: OrchestratorOptions.orchestratorBranch.split('/').reverse()[0],
+      orchestratorDebug: OrchestratorOptions.orchestratorDebug,
+      githubRepo: (Input.githubRepo ?? (await GitRepoReader.GetRemote())) || OrchestratorOptions.orchestratorRepoName,
+      orchestratorRepoName: OrchestratorOptions.orchestratorRepoName,
+      cloneDepth: Number.parseInt(OrchestratorOptions.cloneDepth),
      isCliMode: Cli.isCliMode,
-      awsStackName: CloudRunnerOptions.awsStackName,
+      awsStackName: OrchestratorOptions.awsStackName,
+      awsEndpoint: OrchestratorOptions.awsEndpoint,
+      awsCloudFormationEndpoint: OrchestratorOptions.awsCloudFormationEndpoint,
+      awsEcsEndpoint: OrchestratorOptions.awsEcsEndpoint,
+      awsKinesisEndpoint: OrchestratorOptions.awsKinesisEndpoint,
+      awsCloudWatchLogsEndpoint: OrchestratorOptions.awsCloudWatchLogsEndpoint,
+      awsS3Endpoint: OrchestratorOptions.awsS3Endpoint,
+      storageProvider: OrchestratorOptions.storageProvider,
+      rcloneRemote: OrchestratorOptions.rcloneRemote,
      gitSha: Input.gitSha,
-      logId: customAlphabet(CloudRunnerConstants.alphabet, 9)(),
-      buildGuid: CloudRunnerBuildGuid.generateGuid(Input.runNumber, Input.targetPlatform),
-      commandHooks: CloudRunnerOptions.commandHooks,
-      inputPullCommand: CloudRunnerOptions.inputPullCommand,
-      pullInputList: CloudRunnerOptions.pullInputList,
-      kubeStorageClass: CloudRunnerOptions.kubeStorageClass,
-      cacheKey: CloudRunnerOptions.cacheKey,
-      maxRetainedWorkspaces: Number.parseInt(CloudRunnerOptions.maxRetainedWorkspaces),
-      useLargePackages: CloudRunnerOptions.useLargePackages,
-      useCompressionStrategy: CloudRunnerOptions.useCompressionStrategy,
-      garbageMaxAge: CloudRunnerOptions.garbageMaxAge,
-      githubChecks: CloudRunnerOptions.githubChecks,
-      asyncWorkflow: CloudRunnerOptions.asyncCloudRunner,
-      githubCheckId: CloudRunnerOptions.githubCheckId,
-      finalHooks: CloudRunnerOptions.finalHooks,
-      skipLfs: CloudRunnerOptions.skipLfs,
-      skipCache: CloudRunnerOptions.skipCache,
+      logId: customAlphabet(OrchestratorConstants.alphabet, 9)(),
+      buildGuid: OrchestratorBuildGuid.generateGuid(Input.runNumber, Input.targetPlatform),
+      commandHooks: OrchestratorOptions.commandHooks,
+      inputPullCommand: OrchestratorOptions.inputPullCommand,
+      pullInputList: OrchestratorOptions.pullInputList,
+      kubeStorageClass: OrchestratorOptions.kubeStorageClass,
+      cacheKey: OrchestratorOptions.cacheKey,
+      maxRetainedWorkspaces: Number.parseInt(OrchestratorOptions.maxRetainedWorkspaces),
+      useLargePackages: OrchestratorOptions.useLargePackages,
+      useCompressionStrategy: OrchestratorOptions.useCompressionStrategy,
+      garbageMaxAge: OrchestratorOptions.garbageMaxAge,
+      githubChecks: OrchestratorOptions.githubChecks,
+      asyncWorkflow: OrchestratorOptions.asyncOrchestrator,
+      githubCheckId: OrchestratorOptions.githubCheckId,
+      finalHooks: OrchestratorOptions.finalHooks,
+      skipLfs: OrchestratorOptions.skipLfs,
+      skipCache: OrchestratorOptions.skipCache,
      cacheUnityInstallationOnMac: Input.cacheUnityInstallationOnMac,
      unityHubVersionOnMac: Input.unityHubVersionOnMac,
      dockerWorkspacePath: Input.dockerWorkspacePath,
--- a/src/model/cli/cli.ts
+++ b/src/model/cli/cli.ts
@@ -1,14 +1,14 @@
 import { Command } from 'commander-ts';
-import { BuildParameters, CloudRunner, ImageTag, Input } from '..';
+import { BuildParameters, Orchestrator, ImageTag, Input } from '..';
 import * as core from '@actions/core';
 import { ActionYamlReader } from '../input-readers/action-yaml';
-import CloudRunnerLogger from '../cloud-runner/services/core/cloud-runner-logger';
-import CloudRunnerQueryOverride from '../cloud-runner/options/cloud-runner-query-override';
+import OrchestratorLogger from '../orchestrator/services/core/orchestrator-logger';
+import OrchestratorQueryOverride from '../orchestrator/options/orchestrator-query-override';
 import { CliFunction, CliFunctionsRepository } from './cli-functions-repository';
-import { Caching } from '../cloud-runner/remote-client/caching';
-import { LfsHashing } from '../cloud-runner/services/utility/lfs-hashing';
-import { RemoteClient } from '../cloud-runner/remote-client';
-import CloudRunnerOptionsReader from '../cloud-runner/options/cloud-runner-options-reader';
+import { Caching } from '../orchestrator/remote-client/caching';
+import { LfsHashing } from '../orchestrator/services/utility/lfs-hashing';
+import { RemoteClient } from '../orchestrator/remote-client';
+import OrchestratorOptionsReader from '../orchestrator/options/orchestrator-options-reader';
 import GitHub from '../github';
 import { OptionValues } from 'commander';
 import { InputKey } from '../input';
@@ -36,7 +36,7 @@ export class Cli {
    const program = new Command();
    program.version('0.0.1');

-    const properties = CloudRunnerOptionsReader.GetProperties();
+    const properties = OrchestratorOptionsReader.GetProperties();
    const actionYamlReader: ActionYamlReader = new ActionYamlReader();
    for (const element of properties) {
      program.option(`--${element} <${element}>`, actionYamlReader.GetActionYamlValue(element));
@@ -62,23 +62,23 @@ export class Cli {
  static async RunCli(): Promise<void> {
    GitHub.githubInputEnabled = false;
    if (Cli.options!['populateOverride'] === `true`) {
-      await CloudRunnerQueryOverride.PopulateQueryOverrideInput();
+      await OrchestratorQueryOverride.PopulateQueryOverrideInput();
    }
    if (Cli.options!['logInput']) {
      Cli.logInput();
    }
    const results = CliFunctionsRepository.GetCliFunctions(Cli.options?.mode);
-    CloudRunnerLogger.log(`Entrypoint: ${results.key}`);
+    OrchestratorLogger.log(`Entrypoint: ${results.key}`);
    Cli.options!.versioning = 'None';

-    CloudRunner.buildParameters = await BuildParameters.create();
-    CloudRunner.buildParameters.buildGuid = process.env.BUILD_GUID || ``;
-    CloudRunnerLogger.log(`Build Params:
-      ${JSON.stringify(CloudRunner.buildParameters, undefined, 4)}
+    Orchestrator.buildParameters = await BuildParameters.create();
+    Orchestrator.buildParameters.buildGuid = process.env.BUILD_GUID || ``;
+    OrchestratorLogger.log(`Build Params:
+      ${JSON.stringify(Orchestrator.buildParameters, undefined, 4)}
    `);
-    CloudRunner.lockedWorkspace = process.env.LOCKED_WORKSPACE || ``;
-    CloudRunnerLogger.log(`Locked Workspace: ${CloudRunner.lockedWorkspace}`);
-    await CloudRunner.setup(CloudRunner.buildParameters);
+    Orchestrator.lockedWorkspace = process.env.LOCKED_WORKSPACE || ``;
+    OrchestratorLogger.log(`Locked Workspace: ${Orchestrator.lockedWorkspace}`);
+    await Orchestrator.setup(Orchestrator.buildParameters);

    return await results.target[results.propertyKey](Cli.options);
  }
@@ -87,7 +87,7 @@ export class Cli {
  private static logInput() {
    core.info(`\n`);
    core.info(`INPUT:`);
-    const properties = CloudRunnerOptionsReader.GetProperties();
+    const properties = OrchestratorOptionsReader.GetProperties();
    for (const element of properties) {
      if (
        element in Input &&
@@ -104,28 +104,28 @@ export class Cli {
    core.info(`\n`);
  }

-  @CliFunction(`cli-build`, `runs a cloud runner build`)
+  @CliFunction(`cli-build`, `runs a orchestrator build`)
  public static async CLIBuild(): Promise<string> {
    const buildParameter = await BuildParameters.create();
    const baseImage = new ImageTag(buildParameter);

-    return (await CloudRunner.run(buildParameter, baseImage.toString())).BuildResults;
+    return (await Orchestrator.run(buildParameter, baseImage.toString())).BuildResults;
  }

-  @CliFunction(`async-workflow`, `runs a cloud runner build`)
+  @CliFunction(`async-workflow`, `runs a orchestrator build`)
  public static async asyncronousWorkflow(): Promise<string> {
    const buildParameter = await BuildParameters.create();
    const baseImage = new ImageTag(buildParameter);
-    await CloudRunner.setup(buildParameter);
+    await Orchestrator.setup(buildParameter);

-    return (await CloudRunner.run(buildParameter, baseImage.toString())).BuildResults;
+    return (await Orchestrator.run(buildParameter, baseImage.toString())).BuildResults;
  }

-  @CliFunction(`checks-update`, `runs a cloud runner build`)
+  @CliFunction(`checks-update`, `runs a orchestrator build`)
  public static async checksUpdate() {
    const buildParameter = await BuildParameters.create();

-    await CloudRunner.setup(buildParameter);
+    await Orchestrator.setup(buildParameter);
    const input = JSON.parse(process.env.CHECKS_UPDATE || ``);
    core.info(`Checks Update ${process.env.CHECKS_UPDATE}`);
    if (input.mode === `create`) {
@@ -139,18 +139,18 @@ export class Cli {
  public static async GarbageCollect(): Promise<string> {
    const buildParameter = await BuildParameters.create();

-    await CloudRunner.setup(buildParameter);
+    await Orchestrator.setup(buildParameter);

-    return await CloudRunner.Provider.garbageCollect(``, false, 0, false, false);
+    return await Orchestrator.Provider.garbageCollect(``, false, 0, false, false);
  }

  @CliFunction(`list-resources`, `lists active resources`)
  public static async ListResources(): Promise<string[]> {
    const buildParameter = await BuildParameters.create();

-    await CloudRunner.setup(buildParameter);
-    const result = await CloudRunner.Provider.listResources();
-    CloudRunnerLogger.log(JSON.stringify(result, undefined, 4));
+    await Orchestrator.setup(buildParameter);
+    const result = await Orchestrator.Provider.listResources();
+    OrchestratorLogger.log(JSON.stringify(result, undefined, 4));

    return result.map((x) => x.Name);
  }
@@ -159,17 +159,17 @@ export class Cli {
  public static async ListWorfklow(): Promise<string[]> {
    const buildParameter = await BuildParameters.create();

-    await CloudRunner.setup(buildParameter);
+    await Orchestrator.setup(buildParameter);

-    return (await CloudRunner.Provider.listWorkflow()).map((x) => x.Name);
+    return (await Orchestrator.Provider.listWorkflow()).map((x) => x.Name);
  }

  @CliFunction(`watch`, `follows logs of a running workflow`)
  public static async Watch(): Promise<string> {
    const buildParameter = await BuildParameters.create();

-    await CloudRunner.setup(buildParameter);
+    await Orchestrator.setup(buildParameter);

-    return await CloudRunner.Provider.watchWorkflow();
+    return await Orchestrator.Provider.watchWorkflow();
  }
 }
--- a/src/model/cloud-runner/cloud-runner.ts
+++ b/src/model/cloud-runner/cloud-runner.ts
@@ -1,187 +0,0 @@
-import AwsBuildPlatform from './providers/aws';
-import { BuildParameters, Input } from '..';
-import Kubernetes from './providers/k8s';
-import CloudRunnerLogger from './services/core/cloud-runner-logger';
-import { CloudRunnerStepParameters } from './options/cloud-runner-step-parameters';
-import { WorkflowCompositionRoot } from './workflows/workflow-composition-root';
-import { CloudRunnerError } from './error/cloud-runner-error';
-import { TaskParameterSerializer } from './services/core/task-parameter-serializer';
-import * as core from '@actions/core';
-import CloudRunnerSecret from './options/cloud-runner-secret';
-import { ProviderInterface } from './providers/provider-interface';
-import CloudRunnerEnvironmentVariable from './options/cloud-runner-environment-variable';
-import TestCloudRunner from './providers/test';
-import LocalCloudRunner from './providers/local';
-import LocalDockerCloudRunner from './providers/docker';
-import GitHub from '../github';
-import SharedWorkspaceLocking from './services/core/shared-workspace-locking';
-import { FollowLogStreamService } from './services/core/follow-log-stream-service';
-import CloudRunnerResult from './services/core/cloud-runner-result';
-
-class CloudRunner {
-  public static Provider: ProviderInterface;
-  public static buildParameters: BuildParameters;
-  private static defaultSecrets: CloudRunnerSecret[];
-  private static cloudRunnerEnvironmentVariables: CloudRunnerEnvironmentVariable[];
-  static lockedWorkspace: string = ``;
-  public static readonly retainedWorkspacePrefix: string = `retained-workspace`;
-  public static get isCloudRunnerEnvironment() {
-    return process.env[`GITHUB_ACTIONS`] !== `true`;
-  }
-  public static get isCloudRunnerAsyncEnvironment() {
-    return process.env[`ASYNC_WORKFLOW`] === `true`;
-  }
-  public static async setup(buildParameters: BuildParameters) {
-    CloudRunnerLogger.setup();
-    CloudRunnerLogger.log(`Setting up cloud runner`);
-    CloudRunner.buildParameters = buildParameters;
-    if (CloudRunner.buildParameters.githubCheckId === ``) {
-      CloudRunner.buildParameters.githubCheckId = await GitHub.createGitHubCheck(CloudRunner.buildParameters.buildGuid);
-    }
-    CloudRunner.setupSelectedBuildPlatform();
-    CloudRunner.defaultSecrets = TaskParameterSerializer.readDefaultSecrets();
-    CloudRunner.cloudRunnerEnvironmentVariables =
-      TaskParameterSerializer.createCloudRunnerEnvironmentVariables(buildParameters);
-    if (GitHub.githubInputEnabled) {
-      const buildParameterPropertyNames = Object.getOwnPropertyNames(buildParameters);
-      for (const element of CloudRunner.cloudRunnerEnvironmentVariables) {
-        // CloudRunnerLogger.log(`Cloud Runner output ${Input.ToEnvVarFormat(element.name)} = ${element.value}`);
-        core.setOutput(Input.ToEnvVarFormat(element.name), element.value);
-      }
-      for (const element of buildParameterPropertyNames) {
-        // CloudRunnerLogger.log(`Cloud Runner output ${Input.ToEnvVarFormat(element)} = ${buildParameters[element]}`);
-        core.setOutput(Input.ToEnvVarFormat(element), buildParameters[element]);
-      }
-      core.setOutput(
-        Input.ToEnvVarFormat(`buildArtifact`),
-        `build-${CloudRunner.buildParameters.buildGuid}.tar${
-          CloudRunner.buildParameters.useCompressionStrategy ? '.lz4' : ''
-        }`,
-      );
-    }
-    FollowLogStreamService.Reset();
-  }
-
-  private static setupSelectedBuildPlatform() {
-    CloudRunnerLogger.log(`Cloud Runner platform selected ${CloudRunner.buildParameters.providerStrategy}`);
-    switch (CloudRunner.buildParameters.providerStrategy) {
-      case 'k8s':
-        CloudRunner.Provider = new Kubernetes(CloudRunner.buildParameters);
-        break;
-      case 'aws':
-        CloudRunner.Provider = new AwsBuildPlatform(CloudRunner.buildParameters);
-        break;
-      case 'test':
-        CloudRunner.Provider = new TestCloudRunner();
-        break;
-      case 'local-docker':
-        CloudRunner.Provider = new LocalDockerCloudRunner();
-        break;
-      case 'local-system':
-        CloudRunner.Provider = new LocalCloudRunner();
-        break;
-    }
-  }
-
-  static async run(buildParameters: BuildParameters, baseImage: string) {
-    if (baseImage.includes(`undefined`)) {
-      throw new Error(`baseImage is undefined`);
-    }
-    await CloudRunner.setup(buildParameters);
-    await CloudRunner.Provider.setupWorkflow(
-      CloudRunner.buildParameters.buildGuid,
-      CloudRunner.buildParameters,
-      CloudRunner.buildParameters.branch,
-      CloudRunner.defaultSecrets,
-    );
-    try {
-      if (buildParameters.maxRetainedWorkspaces > 0) {
-        CloudRunner.lockedWorkspace = SharedWorkspaceLocking.NewWorkspaceName();
-
-        const result = await SharedWorkspaceLocking.GetLockedWorkspace(
-          CloudRunner.lockedWorkspace,
-          CloudRunner.buildParameters.buildGuid,
-          CloudRunner.buildParameters,
-        );
-
-        if (result) {
-          CloudRunnerLogger.logLine(`Using retained workspace ${CloudRunner.lockedWorkspace}`);
-          CloudRunner.cloudRunnerEnvironmentVariables = [
-            ...CloudRunner.cloudRunnerEnvironmentVariables,
-            { name: `LOCKED_WORKSPACE`, value: CloudRunner.lockedWorkspace },
-          ];
-        } else {
-          CloudRunnerLogger.log(`Max retained workspaces reached ${buildParameters.maxRetainedWorkspaces}`);
-          buildParameters.maxRetainedWorkspaces = 0;
-          CloudRunner.lockedWorkspace = ``;
-        }
-      }
-      await CloudRunner.updateStatusWithBuildParameters();
-      const output = await new WorkflowCompositionRoot().run(
-        new CloudRunnerStepParameters(
-          baseImage,
-          CloudRunner.cloudRunnerEnvironmentVariables,
-          CloudRunner.defaultSecrets,
-        ),
-      );
-      await CloudRunner.Provider.cleanupWorkflow(
-        CloudRunner.buildParameters,
-        CloudRunner.buildParameters.branch,
-        CloudRunner.defaultSecrets,
-      );
-      if (!CloudRunner.buildParameters.isCliMode) core.endGroup();
-      if (buildParameters.asyncWorkflow && this.isCloudRunnerEnvironment && this.isCloudRunnerAsyncEnvironment) {
-        await GitHub.updateGitHubCheck(CloudRunner.buildParameters.buildGuid, `success`, `success`, `completed`);
-      }
-
-      if (BuildParameters.shouldUseRetainedWorkspaceMode(buildParameters)) {
-        const workspace = CloudRunner.lockedWorkspace || ``;
-        await SharedWorkspaceLocking.ReleaseWorkspace(
-          workspace,
-          CloudRunner.buildParameters.buildGuid,
-          CloudRunner.buildParameters,
-        );
-        const isLocked = await SharedWorkspaceLocking.IsWorkspaceLocked(workspace, CloudRunner.buildParameters);
-        if (isLocked) {
-          throw new Error(
-            `still locked after releasing ${await SharedWorkspaceLocking.GetAllLocksForWorkspace(
-              workspace,
-              buildParameters,
-            )}`,
-          );
-        }
-        CloudRunner.lockedWorkspace = ``;
-      }
-
-      await GitHub.triggerWorkflowOnComplete(CloudRunner.buildParameters.finalHooks);
-
-      if (buildParameters.constantGarbageCollection) {
-        CloudRunner.Provider.garbageCollect(``, true, buildParameters.garbageMaxAge, true, true);
-      }
-
-      return new CloudRunnerResult(buildParameters, output, true, true, false);
-    } catch (error: any) {
-      CloudRunnerLogger.log(JSON.stringify(error, undefined, 4));
-      await GitHub.updateGitHubCheck(
-        CloudRunner.buildParameters.buildGuid,
-        `Failed - Error ${error?.message || error}`,
-        `failure`,
-        `completed`,
-      );
-      if (!CloudRunner.buildParameters.isCliMode) core.endGroup();
-      await CloudRunnerError.handleException(error, CloudRunner.buildParameters, CloudRunner.defaultSecrets);
-      throw error;
-    }
-  }
-
-  private static async updateStatusWithBuildParameters() {
-    const content = { ...CloudRunner.buildParameters };
-    content.gitPrivateToken = ``;
-    content.unitySerial = ``;
-    content.unityEmail = ``;
-    content.unityPassword = ``;
-    const jsonContent = JSON.stringify(content, undefined, 4);
-    await GitHub.updateGitHubCheck(jsonContent, CloudRunner.buildParameters.buildGuid);
-  }
-}
-export default CloudRunner;
--- a/src/model/cloud-runner/error/cloud-runner-error.ts
+++ b/src/model/cloud-runner/error/cloud-runner-error.ts
@@ -1,15 +0,0 @@
-import CloudRunnerLogger from '../services/core/cloud-runner-logger';
-import * as core from '@actions/core';
-import CloudRunner from '../cloud-runner';
-import CloudRunnerSecret from '../options/cloud-runner-secret';
-import BuildParameters from '../../build-parameters';
-
-export class CloudRunnerError {
-  public static async handleException(error: unknown, buildParameters: BuildParameters, secrets: CloudRunnerSecret[]) {
-    CloudRunnerLogger.error(JSON.stringify(error, undefined, 4));
-    core.setFailed('Cloud Runner failed');
-    if (CloudRunner.Provider !== undefined) {
-      await CloudRunner.Provider.cleanupWorkflow(buildParameters, buildParameters.branch, secrets);
-    }
-  }
-}
--- a/src/model/cloud-runner/options/cloud-runner-constants.ts
+++ b/src/model/cloud-runner/options/cloud-runner-constants.ts
@@ -1,4 +0,0 @@
-class CloudRunnerConstants {
-  static alphabet = '0123456789abcdefghijklmnopqrstuvwxyz';
-}
-export default CloudRunnerConstants;
--- a/src/model/cloud-runner/options/cloud-runner-environment-variable.ts
+++ b/src/model/cloud-runner/options/cloud-runner-environment-variable.ts
@@ -1,5 +0,0 @@
-class CloudRunnerEnvironmentVariable {
-  public name!: string;
-  public value!: string;
-}
-export default CloudRunnerEnvironmentVariable;
--- a/src/model/cloud-runner/options/cloud-runner-folders.ts
+++ b/src/model/cloud-runner/options/cloud-runner-folders.ts
@@ -1,90 +0,0 @@
-import path from 'node:path';
-import CloudRunnerOptions from './cloud-runner-options';
-import CloudRunner from '../cloud-runner';
-import BuildParameters from '../../build-parameters';
-
-export class CloudRunnerFolders {
-  public static readonly repositoryFolder = 'repo';
-
-  public static ToLinuxFolder(folder: string) {
-    return folder.replace(/\\/g, `/`);
-  }
-
-  // Only the following paths that do not start a path.join with another "Full" suffixed property need to start with an absolute /
-
-  public static get uniqueCloudRunnerJobFolderAbsolute(): string {
-    return CloudRunner.buildParameters && BuildParameters.shouldUseRetainedWorkspaceMode(CloudRunner.buildParameters)
-      ? path.join(`/`, CloudRunnerFolders.buildVolumeFolder, CloudRunner.lockedWorkspace)
-      : path.join(`/`, CloudRunnerFolders.buildVolumeFolder, CloudRunner.buildParameters.buildGuid);
-  }
-
-  public static get cacheFolderForAllFull(): string {
-    return path.join('/', CloudRunnerFolders.buildVolumeFolder, CloudRunnerFolders.cacheFolder);
-  }
-
-  public static get cacheFolderForCacheKeyFull(): string {
-    return path.join(
-      '/',
-      CloudRunnerFolders.buildVolumeFolder,
-      CloudRunnerFolders.cacheFolder,
-      CloudRunner.buildParameters.cacheKey,
-    );
-  }
-
-  public static get builderPathAbsolute(): string {
-    return path.join(
-      CloudRunnerOptions.useSharedBuilder
-        ? `/${CloudRunnerFolders.buildVolumeFolder}`
-        : CloudRunnerFolders.uniqueCloudRunnerJobFolderAbsolute,
-      `builder`,
-    );
-  }
-
-  public static get repoPathAbsolute(): string {
-    return path.join(CloudRunnerFolders.uniqueCloudRunnerJobFolderAbsolute, CloudRunnerFolders.repositoryFolder);
-  }
-
-  public static get projectPathAbsolute(): string {
-    return path.join(CloudRunnerFolders.repoPathAbsolute, CloudRunner.buildParameters.projectPath);
-  }
-
-  public static get libraryFolderAbsolute(): string {
-    return path.join(CloudRunnerFolders.projectPathAbsolute, `Library`);
-  }
-
-  public static get projectBuildFolderAbsolute(): string {
-    return path.join(CloudRunnerFolders.repoPathAbsolute, CloudRunner.buildParameters.buildPath);
-  }
-
-  public static get lfsFolderAbsolute(): string {
-    return path.join(CloudRunnerFolders.repoPathAbsolute, `.git`, `lfs`);
-  }
-
-  public static get purgeRemoteCaching(): boolean {
-    return process.env.PURGE_REMOTE_BUILDER_CACHE !== undefined;
-  }
-
-  public static get lfsCacheFolderFull() {
-    return path.join(CloudRunnerFolders.cacheFolderForCacheKeyFull, `lfs`);
-  }
-
-  public static get libraryCacheFolderFull() {
-    return path.join(CloudRunnerFolders.cacheFolderForCacheKeyFull, `Library`);
-  }
-
-  public static get unityBuilderRepoUrl(): string {
-    return `https://${CloudRunner.buildParameters.gitPrivateToken}@github.com/game-ci/unity-builder.git`;
-  }
-
-  public static get targetBuildRepoUrl(): string {
-    return `https://${CloudRunner.buildParameters.gitPrivateToken}@github.com/${CloudRunner.buildParameters.githubRepo}.git`;
-  }
-
-  public static get buildVolumeFolder() {
-    return 'data';
-  }
-
-  public static get cacheFolder() {
-    return 'cache';
-  }
-}
--- a/src/model/cloud-runner/options/cloud-runner-options-reader.ts
+++ b/src/model/cloud-runner/options/cloud-runner-options-reader.ts
@@ -1,10 +0,0 @@
-import Input from '../../input';
-import CloudRunnerOptions from './cloud-runner-options';
-
-class CloudRunnerOptionsReader {
-  static GetProperties() {
-    return [...Object.getOwnPropertyNames(Input), ...Object.getOwnPropertyNames(CloudRunnerOptions)];
-  }
-}
-
-export default CloudRunnerOptionsReader;
--- a/src/model/cloud-runner/options/cloud-runner-options.ts
+++ b/src/model/cloud-runner/options/cloud-runner-options.ts
@@ -1,283 +0,0 @@
-import { Cli } from '../../cli/cli';
-import CloudRunnerQueryOverride from './cloud-runner-query-override';
-import GitHub from '../../github';
-import * as core from '@actions/core';
-
-class CloudRunnerOptions {
-  // ### ### ###
-  // Input Handling
-  // ### ### ###
-  public static getInput(query: string): string | undefined {
-    if (GitHub.githubInputEnabled) {
-      const coreInput = core.getInput(query);
-      if (coreInput && coreInput !== '') {
-        return coreInput;
-      }
-    }
-    const alternativeQuery = CloudRunnerOptions.ToEnvVarFormat(query);
-
-    // Query input sources
-    if (Cli.query(query, alternativeQuery)) {
-      return Cli.query(query, alternativeQuery);
-    }
-
-    if (CloudRunnerQueryOverride.query(query, alternativeQuery)) {
-      return CloudRunnerQueryOverride.query(query, alternativeQuery);
-    }
-
-    if (process.env[query] !== undefined) {
-      return process.env[query];
-    }
-
-    if (alternativeQuery !== query && process.env[alternativeQuery] !== undefined) {
-      return process.env[alternativeQuery];
-    }
-  }
-
-  public static ToEnvVarFormat(input: string): string {
-    if (input.toUpperCase() === input) {
-      return input;
-    }
-
-    return input
-      .replace(/([A-Z])/g, ' $1')
-      .trim()
-      .toUpperCase()
-      .replace(/ /g, '_');
-  }
-
-  // ### ### ###
-  // Provider parameters
-  // ### ### ###
-
-  static get region(): string {
-    return CloudRunnerOptions.getInput('region') || 'eu-west-2';
-  }
-
-  // ### ### ###
-  // GitHub  parameters
-  // ### ### ###
-  static get githubChecks(): boolean {
-    const value = CloudRunnerOptions.getInput('githubChecks');
-
-    return value === `true` || false;
-  }
-  static get githubCheckId(): string {
-    return CloudRunnerOptions.getInput('githubCheckId') || ``;
-  }
-
-  static get githubOwner(): string {
-    return CloudRunnerOptions.getInput('githubOwner') || CloudRunnerOptions.githubRepo?.split(`/`)[0] || '';
-  }
-
-  static get githubRepoName(): string {
-    return CloudRunnerOptions.getInput('githubRepoName') || CloudRunnerOptions.githubRepo?.split(`/`)[1] || '';
-  }
-
-  static get finalHooks(): string[] {
-    return CloudRunnerOptions.getInput('finalHooks')?.split(',') || [];
-  }
-
-  // ### ### ###
-  // Git syncronization parameters
-  // ### ### ###
-
-  static get githubRepo(): string | undefined {
-    return CloudRunnerOptions.getInput('GITHUB_REPOSITORY') || CloudRunnerOptions.getInput('GITHUB_REPO') || undefined;
-  }
-  static get branch(): string {
-    if (CloudRunnerOptions.getInput(`GITHUB_REF`)) {
-      return (
-        CloudRunnerOptions.getInput(`GITHUB_REF`)?.replace('refs/', '').replace(`head/`, '').replace(`heads/`, '') || ``
-      );
-    } else if (CloudRunnerOptions.getInput('branch')) {
-      return CloudRunnerOptions.getInput('branch') || ``;
-    } else {
-      return '';
-    }
-  }
-
-  // ### ### ###
-  // Cloud Runner parameters
-  // ### ### ###
-
-  static get buildPlatform(): string {
-    const input = CloudRunnerOptions.getInput('buildPlatform');
-    if (input && input !== '') {
-      return input;
-    }
-    if (CloudRunnerOptions.providerStrategy !== 'local') {
-      return 'linux';
-    }
-
-    return process.platform;
-  }
-
-  static get cloudRunnerBranch(): string {
-    return CloudRunnerOptions.getInput('cloudRunnerBranch') || 'main';
-  }
-
-  static get providerStrategy(): string {
-    const provider =
-      CloudRunnerOptions.getInput('cloudRunnerCluster') || CloudRunnerOptions.getInput('providerStrategy');
-    if (Cli.isCliMode) {
-      return provider || 'aws';
-    }
-
-    return provider || 'local';
-  }
-
-  static get containerCpu(): string {
-    return CloudRunnerOptions.getInput('containerCpu') || `1024`;
-  }
-
-  static get containerMemory(): string {
-    return CloudRunnerOptions.getInput('containerMemory') || `3072`;
-  }
-
-  static get customJob(): string {
-    return CloudRunnerOptions.getInput('customJob') || '';
-  }
-
-  // ### ### ###
-  // Custom commands from files parameters
-  // ### ### ###
-
-  static get containerHookFiles(): string[] {
-    return CloudRunnerOptions.getInput('containerHookFiles')?.split(`,`) || [];
-  }
-
-  static get commandHookFiles(): string[] {
-    return CloudRunnerOptions.getInput('commandHookFiles')?.split(`,`) || [];
-  }
-
-  // ### ### ###
-  // Custom commands from yaml parameters
-  // ### ### ###
-
-  static get commandHooks(): string {
-    return CloudRunnerOptions.getInput('commandHooks') || '';
-  }
-
-  static get postBuildContainerHooks(): string {
-    return CloudRunnerOptions.getInput('postBuildContainerHooks') || '';
-  }
-
-  static get preBuildContainerHooks(): string {
-    return CloudRunnerOptions.getInput('preBuildContainerHooks') || '';
-  }
-
-  // ### ### ###
-  // Input override handling
-  // ### ### ###
-
-  static get pullInputList(): string[] {
-    return CloudRunnerOptions.getInput('pullInputList')?.split(`,`) || [];
-  }
-
-  static get inputPullCommand(): string {
-    const value = CloudRunnerOptions.getInput('inputPullCommand');
-
-    if (value === 'gcp-secret-manager') {
-      return 'gcloud secrets versions access 1 --secret="{0}"';
-    } else if (value === 'aws-secret-manager') {
-      return 'aws secretsmanager get-secret-value --secret-id {0}';
-    }
-
-    return value || '';
-  }
-
-  // ### ### ###
-  // Aws
-  // ### ### ###
-
-  static get awsStackName() {
-    return CloudRunnerOptions.getInput('awsStackName') || 'game-ci';
-  }
-
-  // ### ### ###
-  // K8s
-  // ### ### ###
-
-  static get kubeConfig(): string {
-    return CloudRunnerOptions.getInput('kubeConfig') || '';
-  }
-
-  static get kubeVolume(): string {
-    return CloudRunnerOptions.getInput('kubeVolume') || '';
-  }
-
-  static get kubeVolumeSize(): string {
-    return CloudRunnerOptions.getInput('kubeVolumeSize') || '25Gi';
-  }
-
-  static get kubeStorageClass(): string {
-    return CloudRunnerOptions.getInput('kubeStorageClass') || '';
-  }
-
-  // ### ### ###
-  // Caching
-  // ### ### ###
-
-  static get cacheKey(): string {
-    return CloudRunnerOptions.getInput('cacheKey') || CloudRunnerOptions.branch;
-  }
-
-  // ### ### ###
-  // Utility Parameters
-  // ### ### ###
-
-  static get cloudRunnerDebug(): boolean {
-    return (
-      CloudRunnerOptions.getInput(`cloudRunnerTests`) === `true` ||
-      CloudRunnerOptions.getInput(`cloudRunnerDebug`) === `true` ||
-      CloudRunnerOptions.getInput(`cloudRunnerDebugTree`) === `true` ||
-      CloudRunnerOptions.getInput(`cloudRunnerDebugEnv`) === `true` ||
-      false
-    );
-  }
-  static get skipLfs(): boolean {
-    return CloudRunnerOptions.getInput(`skipLfs`) === `true`;
-  }
-  static get skipCache(): boolean {
-    return CloudRunnerOptions.getInput(`skipCache`) === `true`;
-  }
-
-  public static get asyncCloudRunner(): boolean {
-    return CloudRunnerOptions.getInput('asyncCloudRunner') === 'true';
-  }
-
-  public static get useLargePackages(): boolean {
-    return CloudRunnerOptions.getInput(`useLargePackages`) === `true`;
-  }
-
-  public static get useSharedBuilder(): boolean {
-    return CloudRunnerOptions.getInput(`useSharedBuilder`) === `true`;
-  }
-
-  public static get useCompressionStrategy(): boolean {
-    return CloudRunnerOptions.getInput(`useCompressionStrategy`) === `true`;
-  }
-
-  public static get useCleanupCron(): boolean {
-    return (CloudRunnerOptions.getInput(`useCleanupCron`) || 'true') === 'true';
-  }
-
-  // ### ### ###
-  // Retained Workspace
-  // ### ### ###
-
-  public static get maxRetainedWorkspaces(): string {
-    return CloudRunnerOptions.getInput(`maxRetainedWorkspaces`) || `0`;
-  }
-
-  // ### ### ###
-  // Garbage Collection
-  // ### ### ###
-
-  static get garbageMaxAge(): number {
-    return Number(CloudRunnerOptions.getInput(`garbageMaxAge`)) || 24;
-  }
-}
-
-export default CloudRunnerOptions;
--- a/src/model/cloud-runner/options/cloud-runner-query-override.ts
+++ b/src/model/cloud-runner/options/cloud-runner-query-override.ts
@@ -1,67 +0,0 @@
-import Input from '../../input';
-import { GenericInputReader } from '../../input-readers/generic-input-reader';
-import CloudRunnerOptions from './cloud-runner-options';
-
-const formatFunction = (value: string, arguments_: any[]) => {
-  for (const element of arguments_) {
-    value = value.replace(`{${element.key}}`, element.value);
-  }
-
-  return value;
-};
-
-class CloudRunnerQueryOverride {
-  static queryOverrides: { [key: string]: string } | undefined;
-
-  // TODO accept premade secret sources or custom secret source definition yamls
-
-  public static query(key: string, alternativeKey: string) {
-    if (CloudRunnerQueryOverride.queryOverrides && CloudRunnerQueryOverride.queryOverrides[key] !== undefined) {
-      return CloudRunnerQueryOverride.queryOverrides[key];
-    }
-    if (
-      CloudRunnerQueryOverride.queryOverrides &&
-      alternativeKey &&
-      CloudRunnerQueryOverride.queryOverrides[alternativeKey] !== undefined
-    ) {
-      return CloudRunnerQueryOverride.queryOverrides[alternativeKey];
-    }
-
-    return;
-  }
-
-  private static shouldUseOverride(query: string) {
-    if (CloudRunnerOptions.inputPullCommand !== '') {
-      if (CloudRunnerOptions.pullInputList.length > 0) {
-        const doesInclude =
-          CloudRunnerOptions.pullInputList.includes(query) ||
-          CloudRunnerOptions.pullInputList.includes(Input.ToEnvVarFormat(query));
-
-        return doesInclude ? true : false;
-      } else {
-        return true;
-      }
-    }
-  }
-
-  private static async queryOverride(query: string) {
-    if (!this.shouldUseOverride(query)) {
-      throw new Error(`Should not be trying to run override query on ${query}`);
-    }
-
-    return await GenericInputReader.Run(
-      formatFunction(CloudRunnerOptions.inputPullCommand, [{ key: 0, value: query }]),
-    );
-  }
-
-  public static async PopulateQueryOverrideInput() {
-    const queries = CloudRunnerOptions.pullInputList;
-    CloudRunnerQueryOverride.queryOverrides = {};
-    for (const element of queries) {
-      if (CloudRunnerQueryOverride.shouldUseOverride(element)) {
-        CloudRunnerQueryOverride.queryOverrides[element] = await CloudRunnerQueryOverride.queryOverride(element);
-      }
-    }
-  }
-}
-export default CloudRunnerQueryOverride;
--- a/src/model/cloud-runner/options/cloud-runner-statics.ts
+++ b/src/model/cloud-runner/options/cloud-runner-statics.ts
@@ -1,3 +0,0 @@
-export class CloudRunnerStatics {
-  public static readonly logPrefix = `Cloud-Runner`;
-}
--- a/src/model/cloud-runner/options/cloud-runner-step-parameters.ts
+++ b/src/model/cloud-runner/options/cloud-runner-step-parameters.ts
@@ -1,13 +0,0 @@
-import CloudRunnerEnvironmentVariable from './cloud-runner-environment-variable';
-import CloudRunnerSecret from './cloud-runner-secret';
-
-export class CloudRunnerStepParameters {
-  public image: string;
-  public environment: CloudRunnerEnvironmentVariable[];
-  public secrets: CloudRunnerSecret[];
-  constructor(image: string, environmentVariables: CloudRunnerEnvironmentVariable[], secrets: CloudRunnerSecret[]) {
-    this.image = image;
-    this.environment = environmentVariables;
-    this.secrets = secrets;
-  }
-}
--- a/src/model/cloud-runner/providers/aws/aws-base-stack.ts
+++ b/src/model/cloud-runner/providers/aws/aws-base-stack.ts
@@ -1,105 +0,0 @@
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
-import * as core from '@actions/core';
-import * as SDK from 'aws-sdk';
-import { BaseStackFormation } from './cloud-formations/base-stack-formation';
-import crypto from 'node:crypto';
-
-export class AWSBaseStack {
-  constructor(baseStackName: string) {
-    this.baseStackName = baseStackName;
-  }
-  private baseStackName: string;
-
-  async setupBaseStack(CF: SDK.CloudFormation) {
-    const baseStackName = this.baseStackName;
-
-    const baseStack = BaseStackFormation.formation;
-
-    // Cloud Formation Input
-    const describeStackInput: SDK.CloudFormation.DescribeStacksInput = {
-      StackName: baseStackName,
-    };
-    const parametersWithoutHash: SDK.CloudFormation.Parameter[] = [
-      { ParameterKey: 'EnvironmentName', ParameterValue: baseStackName },
-    ];
-    const parametersHash = crypto
-      .createHash('md5')
-      .update(baseStack + JSON.stringify(parametersWithoutHash))
-      .digest('hex');
-    const parameters: SDK.CloudFormation.Parameter[] = [
-      ...parametersWithoutHash,
-      ...[{ ParameterKey: 'Version', ParameterValue: parametersHash }],
-    ];
-    const updateInput: SDK.CloudFormation.UpdateStackInput = {
-      StackName: baseStackName,
-      TemplateBody: baseStack,
-      Parameters: parameters,
-      Capabilities: ['CAPABILITY_IAM'],
-    };
-    const createStackInput: SDK.CloudFormation.CreateStackInput = {
-      StackName: baseStackName,
-      TemplateBody: baseStack,
-      Parameters: parameters,
-      Capabilities: ['CAPABILITY_IAM'],
-    };
-
-    const stacks = await CF.listStacks({
-      StackStatusFilter: ['UPDATE_COMPLETE', 'CREATE_COMPLETE', 'ROLLBACK_COMPLETE'],
-    }).promise();
-    const stackNames = stacks.StackSummaries?.map((x) => x.StackName) || [];
-    const stackExists: Boolean = stackNames.includes(baseStackName) || false;
-    const describeStack = async () => {
-      return await CF.describeStacks(describeStackInput).promise();
-    };
-    try {
-      if (!stackExists) {
-        CloudRunnerLogger.log(`${baseStackName} stack does not exist (${JSON.stringify(stackNames)})`);
-        await CF.createStack(createStackInput).promise();
-        CloudRunnerLogger.log(`created stack (version: ${parametersHash})`);
-      }
-      const CFState = await describeStack();
-      let stack = CFState.Stacks?.[0];
-      if (!stack) {
-        throw new Error(`Base stack doesn't exist, even after creation, stackExists check: ${stackExists}`);
-      }
-      const stackVersion = stack.Parameters?.find((x) => x.ParameterKey === 'Version')?.ParameterValue;
-
-      if (stack.StackStatus === 'CREATE_IN_PROGRESS') {
-        await CF.waitFor('stackCreateComplete', describeStackInput).promise();
-      }
-
-      if (stackExists) {
-        CloudRunnerLogger.log(`Base stack exists (version: ${stackVersion}, local version: ${parametersHash})`);
-        if (parametersHash !== stackVersion) {
-          CloudRunnerLogger.log(`Attempting update of base stack`);
-          try {
-            await CF.updateStack(updateInput).promise();
-          } catch (error: any) {
-            if (error['message'].includes('No updates are to be performed')) {
-              CloudRunnerLogger.log(`No updates are to be performed`);
-            } else {
-              CloudRunnerLogger.log(`Update Failed (Stack name: ${baseStackName})`);
-              CloudRunnerLogger.log(error['message']);
-            }
-            CloudRunnerLogger.log(`Continuing...`);
-          }
-        } else {
-          CloudRunnerLogger.log(`No update required`);
-        }
-        stack = (await describeStack()).Stacks?.[0];
-        if (!stack) {
-          throw new Error(
-            `Base stack doesn't exist, even after updating and creation, stackExists check: ${stackExists}`,
-          );
-        }
-        if (stack.StackStatus === 'UPDATE_IN_PROGRESS') {
-          await CF.waitFor('stackUpdateComplete', describeStackInput).promise();
-        }
-      }
-      CloudRunnerLogger.log('base stack is now ready');
-    } catch (error) {
-      core.error(JSON.stringify(await describeStack(), undefined, 4));
-      throw error;
-    }
-  }
-}
--- a/src/model/cloud-runner/providers/aws/aws-error.ts
+++ b/src/model/cloud-runner/providers/aws/aws-error.ts
@@ -1,16 +0,0 @@
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
-import * as SDK from 'aws-sdk';
-import * as core from '@actions/core';
-import CloudRunner from '../../cloud-runner';
-
-export class AWSError {
-  static async handleStackCreationFailure(error: any, CF: SDK.CloudFormation, taskDefStackName: string) {
-    CloudRunnerLogger.log('aws error: ');
-    core.error(JSON.stringify(error, undefined, 4));
-    if (CloudRunner.buildParameters.cloudRunnerDebug) {
-      CloudRunnerLogger.log('Getting events and resources for task stack');
-      const events = (await CF.describeStackEvents({ StackName: taskDefStackName }).promise()).StackEvents;
-      CloudRunnerLogger.log(JSON.stringify(events, undefined, 4));
-    }
-  }
-}
--- a/src/model/cloud-runner/providers/aws/aws-task-runner.ts
+++ b/src/model/cloud-runner/providers/aws/aws-task-runner.ts
@@ -1,250 +0,0 @@
-import * as AWS from 'aws-sdk';
-import CloudRunnerEnvironmentVariable from '../../options/cloud-runner-environment-variable';
-import * as core from '@actions/core';
-import CloudRunnerAWSTaskDef from './cloud-runner-aws-task-def';
-import * as zlib from 'node:zlib';
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
-import { Input } from '../../..';
-import CloudRunner from '../../cloud-runner';
-import { CommandHookService } from '../../services/hooks/command-hook-service';
-import { FollowLogStreamService } from '../../services/core/follow-log-stream-service';
-import CloudRunnerOptions from '../../options/cloud-runner-options';
-import GitHub from '../../../github';
-
-class AWSTaskRunner {
-  public static ECS: AWS.ECS;
-  public static Kinesis: AWS.Kinesis;
-  private static readonly encodedUnderscore = `$252F`;
-  static async runTask(
-    taskDef: CloudRunnerAWSTaskDef,
-    environment: CloudRunnerEnvironmentVariable[],
-    commands: string,
-  ): Promise<{ output: string; shouldCleanup: boolean }> {
-    const cluster = taskDef.baseResources?.find((x) => x.LogicalResourceId === 'ECSCluster')?.PhysicalResourceId || '';
-    const taskDefinition =
-      taskDef.taskDefResources?.find((x) => x.LogicalResourceId === 'TaskDefinition')?.PhysicalResourceId || '';
-    const SubnetOne =
-      taskDef.baseResources?.find((x) => x.LogicalResourceId === 'PublicSubnetOne')?.PhysicalResourceId || '';
-    const SubnetTwo =
-      taskDef.baseResources?.find((x) => x.LogicalResourceId === 'PublicSubnetTwo')?.PhysicalResourceId || '';
-    const ContainerSecurityGroup =
-      taskDef.baseResources?.find((x) => x.LogicalResourceId === 'ContainerSecurityGroup')?.PhysicalResourceId || '';
-    const streamName =
-      taskDef.taskDefResources?.find((x) => x.LogicalResourceId === 'KinesisStream')?.PhysicalResourceId || '';
-
-    const runParameters = {
-      cluster,
-      taskDefinition,
-      platformVersion: '1.4.0',
-      overrides: {
-        containerOverrides: [
-          {
-            name: taskDef.taskDefStackName,
-            environment,
-            command: ['-c', CommandHookService.ApplyHooksToCommands(commands, CloudRunner.buildParameters)],
-          },
-        ],
-      },
-      launchType: 'FARGATE',
-      networkConfiguration: {
-        awsvpcConfiguration: {
-          subnets: [SubnetOne, SubnetTwo],
-          assignPublicIp: 'ENABLED',
-          securityGroups: [ContainerSecurityGroup],
-        },
-      },
-    };
-
-    if (JSON.stringify(runParameters.overrides.containerOverrides).length > 8192) {
-      CloudRunnerLogger.log(JSON.stringify(runParameters.overrides.containerOverrides, undefined, 4));
-      throw new Error(`Container Overrides length must be at most 8192`);
-    }
-
-    const task = await AWSTaskRunner.ECS.runTask(runParameters).promise();
-    const taskArn = task.tasks?.[0].taskArn || '';
-    CloudRunnerLogger.log('Cloud runner job is starting');
-    await AWSTaskRunner.waitUntilTaskRunning(taskArn, cluster);
-    CloudRunnerLogger.log(
-      `Cloud runner job status is running ${(await AWSTaskRunner.describeTasks(cluster, taskArn))?.lastStatus} Async:${
-        CloudRunnerOptions.asyncCloudRunner
-      }`,
-    );
-    if (CloudRunnerOptions.asyncCloudRunner) {
-      const shouldCleanup: boolean = false;
-      const output: string = '';
-      CloudRunnerLogger.log(`Watch Cloud Runner To End: false`);
-
-      return { output, shouldCleanup };
-    }
-
-    CloudRunnerLogger.log(`Streaming...`);
-    const { output, shouldCleanup } = await this.streamLogsUntilTaskStops(cluster, taskArn, streamName);
-    let exitCode;
-    let containerState;
-    let taskData;
-    while (exitCode === undefined) {
-      await new Promise((resolve) => resolve(10000));
-      taskData = await AWSTaskRunner.describeTasks(cluster, taskArn);
-      containerState = taskData.containers?.[0];
-      exitCode = containerState?.exitCode;
-    }
-    CloudRunnerLogger.log(`Container State: ${JSON.stringify(containerState, undefined, 4)}`);
-    if (exitCode === undefined) {
-      CloudRunnerLogger.logWarning(`Undefined exitcode for container`);
-    }
-    const wasSuccessful = exitCode === 0;
-    if (wasSuccessful) {
-      CloudRunnerLogger.log(`Cloud runner job has finished successfully`);
-
-      return { output, shouldCleanup };
-    }
-
-    if (taskData?.stoppedReason === 'Essential container in task exited' && exitCode === 1) {
-      throw new Error('Container exited with code 1');
-    }
-
-    throw new Error(`Task failed`);
-  }
-
-  private static async waitUntilTaskRunning(taskArn: string, cluster: string) {
-    try {
-      await AWSTaskRunner.ECS.waitFor('tasksRunning', { tasks: [taskArn], cluster }).promise();
-    } catch (error_) {
-      const error = error_ as Error;
-      await new Promise((resolve) => setTimeout(resolve, 3000));
-      CloudRunnerLogger.log(
-        `Cloud runner job has ended ${
-          (await AWSTaskRunner.describeTasks(cluster, taskArn)).containers?.[0].lastStatus
-        }`,
-      );
-
-      core.setFailed(error);
-      core.error(error);
-    }
-  }
-
-  static async describeTasks(clusterName: string, taskArn: string) {
-    const tasks = await AWSTaskRunner.ECS.describeTasks({
-      cluster: clusterName,
-      tasks: [taskArn],
-    }).promise();
-    if (tasks.tasks?.[0]) {
-      return tasks.tasks?.[0];
-    } else {
-      throw new Error('No task found');
-    }
-  }
-
-  static async streamLogsUntilTaskStops(clusterName: string, taskArn: string, kinesisStreamName: string) {
-    await new Promise((resolve) => setTimeout(resolve, 3000));
-    CloudRunnerLogger.log(`Streaming...`);
-    const stream = await AWSTaskRunner.getLogStream(kinesisStreamName);
-    let iterator = await AWSTaskRunner.getLogIterator(stream);
-
-    const logBaseUrl = `https://${Input.region}.console.aws.amazon.com/cloudwatch/home?region=${Input.region}#logsV2:log-groups/log-group/${CloudRunner.buildParameters.awsStackName}${AWSTaskRunner.encodedUnderscore}${CloudRunner.buildParameters.awsStackName}-${CloudRunner.buildParameters.buildGuid}`;
-    CloudRunnerLogger.log(`You view the log stream on AWS Cloud Watch: ${logBaseUrl}`);
-    await GitHub.updateGitHubCheck(`You view the log stream on AWS Cloud Watch:  ${logBaseUrl}`, ``);
-    let shouldReadLogs = true;
-    let shouldCleanup = true;
-    let timestamp: number = 0;
-    let output = '';
-    while (shouldReadLogs) {
-      await new Promise((resolve) => setTimeout(resolve, 1500));
-      const taskData = await AWSTaskRunner.describeTasks(clusterName, taskArn);
-      ({ timestamp, shouldReadLogs } = AWSTaskRunner.checkStreamingShouldContinue(taskData, timestamp, shouldReadLogs));
-      ({ iterator, shouldReadLogs, output, shouldCleanup } = await AWSTaskRunner.handleLogStreamIteration(
-        iterator,
-        shouldReadLogs,
-        output,
-        shouldCleanup,
-      ));
-    }
-
-    return { output, shouldCleanup };
-  }
-
-  private static async handleLogStreamIteration(
-    iterator: string,
-    shouldReadLogs: boolean,
-    output: string,
-    shouldCleanup: boolean,
-  ) {
-    const records = await AWSTaskRunner.Kinesis.getRecords({
-      ShardIterator: iterator,
-    }).promise();
-    iterator = records.NextShardIterator || '';
-    ({ shouldReadLogs, output, shouldCleanup } = AWSTaskRunner.logRecords(
-      records,
-      iterator,
-      shouldReadLogs,
-      output,
-      shouldCleanup,
-    ));
-
-    return { iterator, shouldReadLogs, output, shouldCleanup };
-  }
-
-  private static checkStreamingShouldContinue(taskData: AWS.ECS.Task, timestamp: number, shouldReadLogs: boolean) {
-    if (taskData?.lastStatus === 'UNKNOWN') {
-      CloudRunnerLogger.log('## Cloud runner job unknwon');
-    }
-    if (taskData?.lastStatus !== 'RUNNING') {
-      if (timestamp === 0) {
-        CloudRunnerLogger.log('## Cloud runner job stopped, streaming end of logs');
-        timestamp = Date.now();
-      }
-      if (timestamp !== 0 && Date.now() - timestamp > 30000) {
-        CloudRunnerLogger.log('## Cloud runner status is not RUNNING for 30 seconds, last query for logs');
-        shouldReadLogs = false;
-      }
-      CloudRunnerLogger.log(`## Status of job: ${taskData.lastStatus}`);
-    }
-
-    return { timestamp, shouldReadLogs };
-  }
-
-  private static logRecords(
-    records: AWS.Kinesis.GetRecordsOutput,
-    iterator: string,
-    shouldReadLogs: boolean,
-    output: string,
-    shouldCleanup: boolean,
-  ) {
-    if (records.Records.length > 0 && iterator) {
-      for (const record of records.Records) {
-        const json = JSON.parse(zlib.gunzipSync(Buffer.from(record.Data as string, 'base64')).toString('utf8'));
-        if (json.messageType === 'DATA_MESSAGE') {
-          for (const logEvent of json.logEvents) {
-            ({ shouldReadLogs, shouldCleanup, output } = FollowLogStreamService.handleIteration(
-              logEvent.message,
-              shouldReadLogs,
-              shouldCleanup,
-              output,
-            ));
-          }
-        }
-      }
-    }
-
-    return { shouldReadLogs, output, shouldCleanup };
-  }
-
-  private static async getLogStream(kinesisStreamName: string) {
-    return await AWSTaskRunner.Kinesis.describeStream({
-      StreamName: kinesisStreamName,
-    }).promise();
-  }
-
-  private static async getLogIterator(stream: AWS.Kinesis.DescribeStreamOutput) {
-    return (
-      (
-        await AWSTaskRunner.Kinesis.getShardIterator({
-          ShardIteratorType: 'TRIM_HORIZON',
-          StreamName: stream.StreamDescription.StreamName,
-          ShardId: stream.StreamDescription.Shards[0].ShardId,
-        }).promise()
-      ).ShardIterator || ''
-    );
-  }
-}
-export default AWSTaskRunner;
--- a/src/model/cloud-runner/providers/aws/cloud-runner-aws-task-def.ts
+++ b/src/model/cloud-runner/providers/aws/cloud-runner-aws-task-def.ts
@@ -1,9 +0,0 @@
-import * as AWS from 'aws-sdk';
-
-class CloudRunnerAWSTaskDef {
-  public taskDefStackName!: string;
-  public taskDefCloudFormation!: string;
-  public taskDefResources: AWS.CloudFormation.StackResources | undefined;
-  public baseResources: AWS.CloudFormation.StackResources | undefined;
-}
-export default CloudRunnerAWSTaskDef;
--- a/src/model/cloud-runner/providers/aws/services/task-service.ts
+++ b/src/model/cloud-runner/providers/aws/services/task-service.ts
@@ -1,170 +0,0 @@
-import AWS from 'aws-sdk';
-import Input from '../../../../input';
-import CloudRunnerLogger from '../../../services/core/cloud-runner-logger';
-import { BaseStackFormation } from '../cloud-formations/base-stack-formation';
-import AwsTaskRunner from '../aws-task-runner';
-import { ListObjectsRequest } from 'aws-sdk/clients/s3';
-import CloudRunner from '../../../cloud-runner';
-import { StackSummaries } from 'aws-sdk/clients/cloudformation';
-import { LogGroups } from 'aws-sdk/clients/cloudwatchlogs';
-
-export class TaskService {
-  static async watch() {
-    // eslint-disable-next-line no-unused-vars
-    const { output, shouldCleanup } = await AwsTaskRunner.streamLogsUntilTaskStops(
-      process.env.cluster || ``,
-      process.env.taskArn || ``,
-      process.env.streamName || ``,
-    );
-
-    return output;
-  }
-  public static async getCloudFormationJobStacks() {
-    const result: StackSummaries = [];
-    CloudRunnerLogger.log(``);
-    CloudRunnerLogger.log(`List Cloud Formation Stacks`);
-    process.env.AWS_REGION = Input.region;
-    const CF = new AWS.CloudFormation();
-    const stacks =
-      (await CF.listStacks().promise()).StackSummaries?.filter(
-        (_x) =>
-          _x.StackStatus !== 'DELETE_COMPLETE' && _x.TemplateDescription !== BaseStackFormation.baseStackDecription,
-      ) || [];
-    CloudRunnerLogger.log(``);
-    CloudRunnerLogger.log(`Cloud Formation Stacks ${stacks.length}`);
-    for (const element of stacks) {
-      const ageDate: Date = new Date(Date.now() - element.CreationTime.getTime());
-
-      CloudRunnerLogger.log(
-        `Task Stack ${element.StackName} - Age D${Math.floor(
-          ageDate.getHours() / 24,
-        )} H${ageDate.getHours()} M${ageDate.getMinutes()}`,
-      );
-      result.push(element);
-    }
-    const baseStacks =
-      (await CF.listStacks().promise()).StackSummaries?.filter(
-        (_x) =>
-          _x.StackStatus !== 'DELETE_COMPLETE' && _x.TemplateDescription === BaseStackFormation.baseStackDecription,
-      ) || [];
-    CloudRunnerLogger.log(``);
-    CloudRunnerLogger.log(`Base Stacks ${baseStacks.length}`);
-    for (const element of baseStacks) {
-      const ageDate: Date = new Date(Date.now() - element.CreationTime.getTime());
-
-      CloudRunnerLogger.log(
-        `Task Stack ${element.StackName} - Age D${Math.floor(
-          ageDate.getHours() / 24,
-        )} H${ageDate.getHours()} M${ageDate.getMinutes()}`,
-      );
-      result.push(element);
-    }
-    CloudRunnerLogger.log(``);
-
-    return result;
-  }
-  public static async getTasks() {
-    const result: { taskElement: AWS.ECS.Task; element: string }[] = [];
-    CloudRunnerLogger.log(``);
-    CloudRunnerLogger.log(`List Tasks`);
-    process.env.AWS_REGION = Input.region;
-    const ecs = new AWS.ECS();
-    const clusters = (await ecs.listClusters().promise()).clusterArns || [];
-    CloudRunnerLogger.log(`Task Clusters ${clusters.length}`);
-    for (const element of clusters) {
-      const input: AWS.ECS.ListTasksRequest = {
-        cluster: element,
-      };
-
-      const list = (await ecs.listTasks(input).promise()).taskArns || [];
-      if (list.length > 0) {
-        const describeInput: AWS.ECS.DescribeTasksRequest = { tasks: list, cluster: element };
-        const describeList = (await ecs.describeTasks(describeInput).promise()).tasks || [];
-        if (describeList.length === 0) {
-          CloudRunnerLogger.log(`No Tasks`);
-          continue;
-        }
-        CloudRunnerLogger.log(`Tasks ${describeList.length}`);
-        for (const taskElement of describeList) {
-          if (taskElement === undefined) {
-            continue;
-          }
-          taskElement.overrides = {};
-          taskElement.attachments = [];
-          if (taskElement.createdAt === undefined) {
-            CloudRunnerLogger.log(`Skipping ${taskElement.taskDefinitionArn} no createdAt date`);
-            continue;
-          }
-          result.push({ taskElement, element });
-        }
-      }
-    }
-    CloudRunnerLogger.log(``);
-
-    return result;
-  }
-  public static async awsDescribeJob(job: string) {
-    process.env.AWS_REGION = Input.region;
-    const CF = new AWS.CloudFormation();
-    const stack = (await CF.listStacks().promise()).StackSummaries?.find((_x) => _x.StackName === job) || undefined;
-    const stackInfo = (await CF.describeStackResources({ StackName: job }).promise()) || undefined;
-    const stackInfo2 = (await CF.describeStacks({ StackName: job }).promise()) || undefined;
-    if (stack === undefined) {
-      throw new Error('stack not defined');
-    }
-    const ageDate: Date = new Date(Date.now() - stack.CreationTime.getTime());
-    const message = `
-    Task Stack ${stack.StackName}
-    Age D${Math.floor(ageDate.getHours() / 24)} H${ageDate.getHours()} M${ageDate.getMinutes()}
-    ${JSON.stringify(stack, undefined, 4)}
-    ${JSON.stringify(stackInfo, undefined, 4)}
-    ${JSON.stringify(stackInfo2, undefined, 4)}
-    `;
-    CloudRunnerLogger.log(message);
-
-    return message;
-  }
-  public static async getLogGroups() {
-    const result: LogGroups = [];
-    process.env.AWS_REGION = Input.region;
-    const ecs = new AWS.CloudWatchLogs();
-    let logStreamInput: AWS.CloudWatchLogs.DescribeLogGroupsRequest = {
-      /* logGroupNamePrefix: 'game-ci' */
-    };
-    let logGroupsDescribe = await ecs.describeLogGroups(logStreamInput).promise();
-    const logGroups = logGroupsDescribe.logGroups || [];
-    while (logGroupsDescribe.nextToken) {
-      logStreamInput = { /* logGroupNamePrefix: 'game-ci',*/ nextToken: logGroupsDescribe.nextToken };
-      logGroupsDescribe = await ecs.describeLogGroups(logStreamInput).promise();
-      logGroups.push(...(logGroupsDescribe?.logGroups || []));
-    }
-
-    CloudRunnerLogger.log(`Log Groups ${logGroups.length}`);
-    for (const element of logGroups) {
-      if (element.creationTime === undefined) {
-        CloudRunnerLogger.log(`Skipping ${element.logGroupName} no createdAt date`);
-        continue;
-      }
-      const ageDate: Date = new Date(Date.now() - element.creationTime);
-
-      CloudRunnerLogger.log(
-        `Task Stack ${element.logGroupName} - Age D${Math.floor(
-          ageDate.getHours() / 24,
-        )} H${ageDate.getHours()} M${ageDate.getMinutes()}`,
-      );
-      result.push(element);
-    }
-
-    return result;
-  }
-  public static async getLocks() {
-    process.env.AWS_REGION = Input.region;
-    const s3 = new AWS.S3();
-    const listRequest: ListObjectsRequest = {
-      Bucket: CloudRunner.buildParameters.awsStackName,
-    };
-    const results = await s3.listObjects(listRequest).promise();
-
-    return results.Contents || [];
-  }
-}
--- a/src/model/cloud-runner/providers/k8s/kubernetes-job-spec-factory.ts
+++ b/src/model/cloud-runner/providers/k8s/kubernetes-job-spec-factory.ts
@@ -1,127 +0,0 @@
-import { V1EnvVar, V1EnvVarSource, V1SecretKeySelector } from '@kubernetes/client-node';
-import BuildParameters from '../../../build-parameters';
-import { CommandHookService } from '../../services/hooks/command-hook-service';
-import CloudRunnerEnvironmentVariable from '../../options/cloud-runner-environment-variable';
-import CloudRunnerSecret from '../../options/cloud-runner-secret';
-import CloudRunner from '../../cloud-runner';
-
-class KubernetesJobSpecFactory {
-  static getJobSpec(
-    command: string,
-    image: string,
-    mountdir: string,
-    workingDirectory: string,
-    environment: CloudRunnerEnvironmentVariable[],
-    secrets: CloudRunnerSecret[],
-    buildGuid: string,
-    buildParameters: BuildParameters,
-    secretName: string,
-    pvcName: string,
-    jobName: string,
-    k8s: any,
-    containerName: string,
-    ip: string = '',
-  ) {
-    const job = new k8s.V1Job();
-    job.apiVersion = 'batch/v1';
-    job.kind = 'Job';
-    job.metadata = {
-      name: jobName,
-      labels: {
-        app: 'unity-builder',
-        buildGuid,
-      },
-    };
-    job.spec = {
-      ttlSecondsAfterFinished: 9999,
-      backoffLimit: 0,
-      template: {
-        spec: {
-          volumes: [
-            {
-              name: 'build-mount',
-              persistentVolumeClaim: {
-                claimName: pvcName,
-              },
-            },
-          ],
-          containers: [
-            {
-              ttlSecondsAfterFinished: 9999,
-              name: containerName,
-              image,
-              command: ['/bin/sh'],
-              args: [
-                '-c',
-                `${CommandHookService.ApplyHooksToCommands(`${command}\nsleep 2m`, CloudRunner.buildParameters)}`,
-              ],
-
-              workingDir: `${workingDirectory}`,
-              resources: {
-                requests: {
-                  memory: `${Number.parseInt(buildParameters.containerMemory) / 1024}G` || '750M',
-                  cpu: Number.parseInt(buildParameters.containerCpu) / 1024 || '1',
-                },
-              },
-              env: [
-                ...environment.map((x) => {
-                  const environmentVariable = new V1EnvVar();
-                  environmentVariable.name = x.name;
-                  environmentVariable.value = x.value;
-
-                  return environmentVariable;
-                }),
-                ...secrets.map((x) => {
-                  const secret = new V1EnvVarSource();
-                  secret.secretKeyRef = new V1SecretKeySelector();
-                  secret.secretKeyRef.key = x.ParameterKey;
-                  secret.secretKeyRef.name = secretName;
-                  const environmentVariable = new V1EnvVar();
-                  environmentVariable.name = x.EnvironmentVariable;
-                  environmentVariable.valueFrom = secret;
-
-                  return environmentVariable;
-                }),
-                { name: 'LOG_SERVICE_IP', value: ip },
-              ],
-              volumeMounts: [
-                {
-                  name: 'build-mount',
-                  mountPath: `${mountdir}`,
-                },
-              ],
-              lifecycle: {
-                preStop: {
-                  exec: {
-                    command: [
-                      `wait 60s;
-                      cd /data/builder/action/steps;
-                      chmod +x /return_license.sh;
-                      /return_license.sh;`,
-                    ],
-                  },
-                },
-              },
-            },
-          ],
-          restartPolicy: 'Never',
-        },
-      },
-    };
-
-    if (process.env['CLOUD_RUNNER_MINIKUBE']) {
-      job.spec.template.spec.volumes[0] = {
-        name: 'build-mount',
-        hostPath: {
-          path: `/data`,
-          type: `Directory`,
-        },
-      };
-    }
-
-    job.spec.template.spec.containers[0].resources.requests[`ephemeral-storage`] = '10Gi';
-
-    return job;
-  }
-}
-export default KubernetesJobSpecFactory;
--- a/src/model/cloud-runner/providers/k8s/kubernetes-pods.ts
+++ b/src/model/cloud-runner/providers/k8s/kubernetes-pods.ts
@@ -1,23 +0,0 @@
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
-import { CoreV1Api } from '@kubernetes/client-node';
-class KubernetesPods {
-  public static async IsPodRunning(podName: string, namespace: string, kubeClient: CoreV1Api) {
-    const pods = (await kubeClient.listNamespacedPod(namespace)).body.items.filter((x) => podName === x.metadata?.name);
-    const running = pods.length > 0 && (pods[0].status?.phase === `Running` || pods[0].status?.phase === `Pending`);
-    const phase = pods[0]?.status?.phase || 'undefined status';
-    CloudRunnerLogger.log(`Getting pod status: ${phase}`);
-    if (phase === `Failed`) {
-      throw new Error(`K8s pod failed`);
-    }
-
-    return running;
-  }
-  public static async GetPodStatus(podName: string, namespace: string, kubeClient: CoreV1Api) {
-    const pods = (await kubeClient.listNamespacedPod(namespace)).body.items.find((x) => podName === x.metadata?.name);
-    const phase = pods?.status?.phase || 'undefined status';
-
-    return phase;
-  }
-}
-
-export default KubernetesPods;
--- a/src/model/cloud-runner/providers/k8s/kubernetes-storage.ts
+++ b/src/model/cloud-runner/providers/k8s/kubernetes-storage.ts
@@ -1,116 +0,0 @@
-import { waitUntil } from 'async-wait-until';
-import * as core from '@actions/core';
-import * as k8s from '@kubernetes/client-node';
-import BuildParameters from '../../../build-parameters';
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
-import { IncomingMessage } from 'node:http';
-import GitHub from '../../../github';
-
-class KubernetesStorage {
-  public static async createPersistentVolumeClaim(
-    buildParameters: BuildParameters,
-    pvcName: string,
-    kubeClient: k8s.CoreV1Api,
-    namespace: string,
-  ) {
-    if (buildParameters.kubeVolume !== ``) {
-      CloudRunnerLogger.log(`Kube Volume was input was set ${buildParameters.kubeVolume} overriding ${pvcName}`);
-      pvcName = buildParameters.kubeVolume;
-
-      return;
-    }
-    const allPvc = (await kubeClient.listNamespacedPersistentVolumeClaim(namespace)).body.items;
-    const pvcList = allPvc.map((x) => x.metadata?.name);
-    CloudRunnerLogger.log(`Current PVCs in namespace ${namespace}`);
-    CloudRunnerLogger.log(JSON.stringify(pvcList, undefined, 4));
-    if (pvcList.includes(pvcName)) {
-      CloudRunnerLogger.log(`pvc ${pvcName} already exists`);
-      if (GitHub.githubInputEnabled) {
-        core.setOutput('volume', pvcName);
-      }
-
-      return;
-    }
-    CloudRunnerLogger.log(`Creating PVC ${pvcName} (does not exist)`);
-    const result = await KubernetesStorage.createPVC(pvcName, buildParameters, kubeClient, namespace);
-    await KubernetesStorage.handleResult(result, kubeClient, namespace, pvcName);
-  }
-
-  public static async getPVCPhase(kubeClient: k8s.CoreV1Api, name: string, namespace: string) {
-    try {
-      return (await kubeClient.readNamespacedPersistentVolumeClaim(name, namespace)).body.status?.phase;
-    } catch (error) {
-      core.error('Failed to get PVC phase');
-      core.error(JSON.stringify(error, undefined, 4));
-      throw error;
-    }
-  }
-
-  public static async watchUntilPVCNotPending(kubeClient: k8s.CoreV1Api, name: string, namespace: string) {
-    try {
-      CloudRunnerLogger.log(`watch Until PVC Not Pending ${name} ${namespace}`);
-      CloudRunnerLogger.log(`${await this.getPVCPhase(kubeClient, name, namespace)}`);
-      await waitUntil(
-        async () => {
-          return (await this.getPVCPhase(kubeClient, name, namespace)) === 'Pending';
-        },
-        {
-          timeout: 750000,
-          intervalBetweenAttempts: 15000,
-        },
-      );
-    } catch (error: any) {
-      core.error('Failed to watch PVC');
-      core.error(error.toString());
-      core.error(
-        `PVC Body: ${JSON.stringify(
-          (await kubeClient.readNamespacedPersistentVolumeClaim(name, namespace)).body,
-          undefined,
-          4,
-        )}`,
-      );
-      throw error;
-    }
-  }
-
-  private static async createPVC(
-    pvcName: string,
-    buildParameters: BuildParameters,
-    kubeClient: k8s.CoreV1Api,
-    namespace: string,
-  ) {
-    const pvc = new k8s.V1PersistentVolumeClaim();
-    pvc.apiVersion = 'v1';
-    pvc.kind = 'PersistentVolumeClaim';
-    pvc.metadata = {
-      name: pvcName,
-    };
-    pvc.spec = {
-      accessModes: ['ReadWriteOnce'],
-      storageClassName: buildParameters.kubeStorageClass === '' ? 'standard' : buildParameters.kubeStorageClass,
-      resources: {
-        requests: {
-          storage: buildParameters.kubeVolumeSize,
-        },
-      },
-    };
-    const result = await kubeClient.createNamespacedPersistentVolumeClaim(namespace, pvc);
-
-    return result;
-  }
-
-  private static async handleResult(
-    result: { response: IncomingMessage; body: k8s.V1PersistentVolumeClaim },
-    kubeClient: k8s.CoreV1Api,
-    namespace: string,
-    pvcName: string,
-  ) {
-    const name = result.body.metadata?.name || '';
-    CloudRunnerLogger.log(`PVC ${name} created`);
-    await this.watchUntilPVCNotPending(kubeClient, name, namespace);
-    CloudRunnerLogger.log(`PVC ${name} is ready and not pending`);
-    core.setOutput('volume', pvcName);
-  }
-}
-
-export default KubernetesStorage;
--- a/src/model/cloud-runner/providers/k8s/kubernetes-task-runner.ts
+++ b/src/model/cloud-runner/providers/k8s/kubernetes-task-runner.ts
@@ -1,119 +0,0 @@
-import { CoreV1Api, KubeConfig } from '@kubernetes/client-node';
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
-import { waitUntil } from 'async-wait-until';
-import { CloudRunnerSystem } from '../../services/core/cloud-runner-system';
-import CloudRunner from '../../cloud-runner';
-import KubernetesPods from './kubernetes-pods';
-import { FollowLogStreamService } from '../../services/core/follow-log-stream-service';
-
-class KubernetesTaskRunner {
-  static readonly maxRetry: number = 3;
-  static lastReceivedMessage: string = ``;
-
-  static async runTask(
-    kubeConfig: KubeConfig,
-    kubeClient: CoreV1Api,
-    jobName: string,
-    podName: string,
-    containerName: string,
-    namespace: string,
-  ) {
-    let output = '';
-    let shouldReadLogs = true;
-    let shouldCleanup = true;
-    let retriesAfterFinish = 0;
-    // eslint-disable-next-line no-constant-condition
-    while (true) {
-      await new Promise((resolve) => setTimeout(resolve, 3000));
-      CloudRunnerLogger.log(
-        `Streaming logs from pod: ${podName} container: ${containerName} namespace: ${namespace} ${CloudRunner.buildParameters.kubeVolumeSize}/${CloudRunner.buildParameters.containerCpu}/${CloudRunner.buildParameters.containerMemory}`,
-      );
-      let extraFlags = ``;
-      extraFlags += (await KubernetesPods.IsPodRunning(podName, namespace, kubeClient))
-        ? ` -f -c ${containerName}`
-        : ` --previous`;
-
-      const callback = (outputChunk: string) => {
-        output += outputChunk;
-
-        // split output chunk and handle per line
-        for (const chunk of outputChunk.split(`\n`)) {
-          ({ shouldReadLogs, shouldCleanup, output } = FollowLogStreamService.handleIteration(
-            chunk,
-            shouldReadLogs,
-            shouldCleanup,
-            output,
-          ));
-        }
-      };
-      try {
-        await CloudRunnerSystem.Run(`kubectl logs ${podName}${extraFlags}`, false, true, callback);
-      } catch (error: any) {
-        await new Promise((resolve) => setTimeout(resolve, 3000));
-        const continueStreaming = await KubernetesPods.IsPodRunning(podName, namespace, kubeClient);
-        CloudRunnerLogger.log(`K8s logging error ${error} ${continueStreaming}`);
-        if (continueStreaming) {
-          continue;
-        }
-        if (retriesAfterFinish < KubernetesTaskRunner.maxRetry) {
-          retriesAfterFinish++;
-
-          continue;
-        }
-        throw error;
-      }
-      if (FollowLogStreamService.DidReceiveEndOfTransmission) {
-        CloudRunnerLogger.log('end of log stream');
-        break;
-      }
-    }
-
-    return output;
-  }
-
-  static async watchUntilPodRunning(kubeClient: CoreV1Api, podName: string, namespace: string) {
-    let waitComplete: boolean = false;
-    let message = ``;
-    CloudRunnerLogger.log(`Watching ${podName} ${namespace}`);
-    await waitUntil(
-      async () => {
-        const status = await kubeClient.readNamespacedPodStatus(podName, namespace);
-        const phase = status?.body.status?.phase;
-        waitComplete = phase !== 'Pending';
-        message = `Phase:${status.body.status?.phase} \n Reason:${
-          status.body.status?.conditions?.[0].reason || ''
-        } \n Message:${status.body.status?.conditions?.[0].message || ''}`;
-
-        // CloudRunnerLogger.log(
-        //   JSON.stringify(
-        //     (await kubeClient.listNamespacedEvent(namespace)).body.items
-        //       .map((x) => {
-        //         return {
-        //           message: x.message || ``,
-        //           name: x.metadata.name || ``,
-        //           reason: x.reason || ``,
-        //         };
-        //       })
-        //       .filter((x) => x.name.includes(podName)),
-        //     undefined,
-        //     4,
-        //   ),
-        // );
-        if (waitComplete || phase !== 'Pending') return true;
-
-        return false;
-      },
-      {
-        timeout: 2000000,
-        intervalBetweenAttempts: 15000,
-      },
-    );
-    if (!waitComplete) {
-      CloudRunnerLogger.log(message);
-    }
-
-    return waitComplete;
-  }
-}
-
-export default KubernetesTaskRunner;
--- a/src/model/cloud-runner/remote-client/caching.ts
+++ b/src/model/cloud-runner/remote-client/caching.ts
@@ -1,181 +0,0 @@
-import { assert } from 'node:console';
-import fs from 'node:fs';
-import path from 'node:path';
-import CloudRunner from '../cloud-runner';
-import CloudRunnerLogger from '../services/core/cloud-runner-logger';
-import { CloudRunnerFolders } from '../options/cloud-runner-folders';
-import { CloudRunnerSystem } from '../services/core/cloud-runner-system';
-import { LfsHashing } from '../services/utility/lfs-hashing';
-import { RemoteClientLogger } from './remote-client-logger';
-import { Cli } from '../../cli/cli';
-import { CliFunction } from '../../cli/cli-functions-repository';
-// eslint-disable-next-line github/no-then
-const fileExists = async (fpath: fs.PathLike) => !!(await fs.promises.stat(fpath).catch(() => false));
-
-export class Caching {
-  @CliFunction(`cache-push`, `push to cache`)
-  static async cachePush() {
-    try {
-      const buildParameter = JSON.parse(process.env.BUILD_PARAMETERS || '{}');
-      CloudRunner.buildParameters = buildParameter;
-      await Caching.PushToCache(
-        Cli.options!['cachePushTo'],
-        Cli.options!['cachePushFrom'],
-        Cli.options!['artifactName'] || '',
-      );
-    } catch (error: any) {
-      CloudRunnerLogger.log(`${error}`);
-    }
-  }
-
-  @CliFunction(`cache-pull`, `pull from cache`)
-  static async cachePull() {
-    try {
-      const buildParameter = JSON.parse(process.env.BUILD_PARAMETERS || '{}');
-      CloudRunner.buildParameters = buildParameter;
-      await Caching.PullFromCache(
-        Cli.options!['cachePushFrom'],
-        Cli.options!['cachePushTo'],
-        Cli.options!['artifactName'] || '',
-      );
-    } catch (error: any) {
-      CloudRunnerLogger.log(`${error}`);
-    }
-  }
-
-  public static async PushToCache(cacheFolder: string, sourceFolder: string, cacheArtifactName: string) {
-    CloudRunnerLogger.log(`Pushing to cache ${sourceFolder}`);
-    cacheArtifactName = cacheArtifactName.replace(' ', '');
-    const startPath = process.cwd();
-    let compressionSuffix = '';
-    if (CloudRunner.buildParameters.useCompressionStrategy === true) {
-      compressionSuffix = `.lz4`;
-    }
-    CloudRunnerLogger.log(`Compression: ${CloudRunner.buildParameters.useCompressionStrategy} ${compressionSuffix}`);
-    try {
-      if (!(await fileExists(cacheFolder))) {
-        await CloudRunnerSystem.Run(`mkdir -p ${cacheFolder}`);
-      }
-      process.chdir(path.resolve(sourceFolder, '..'));
-
-      if (CloudRunner.buildParameters.cloudRunnerDebug === true) {
-        CloudRunnerLogger.log(
-          `Hashed cache folder ${await LfsHashing.hashAllFiles(sourceFolder)} ${sourceFolder} ${path.basename(
-            sourceFolder,
-          )}`,
-        );
-      }
-      const contents = await fs.promises.readdir(path.basename(sourceFolder));
-      CloudRunnerLogger.log(
-        `There is ${contents.length} files/dir in the source folder ${path.basename(sourceFolder)}`,
-      );
-
-      if (contents.length === 0) {
-        CloudRunnerLogger.log(
-          `Did not push source folder to cache because it was empty ${path.basename(sourceFolder)}`,
-        );
-        process.chdir(`${startPath}`);
-
-        return;
-      }
-
-      await CloudRunnerSystem.Run(
-        `tar -cf ${cacheArtifactName}.tar${compressionSuffix} "${path.basename(sourceFolder)}"`,
-      );
-      await CloudRunnerSystem.Run(`du ${cacheArtifactName}.tar${compressionSuffix}`);
-      assert(await fileExists(`${cacheArtifactName}.tar${compressionSuffix}`), 'cache archive exists');
-      assert(await fileExists(path.basename(sourceFolder)), 'source folder exists');
-      await CloudRunnerSystem.Run(`mv ${cacheArtifactName}.tar${compressionSuffix} ${cacheFolder}`);
-      RemoteClientLogger.log(`moved cache entry ${cacheArtifactName} to ${cacheFolder}`);
-      assert(
-        await fileExists(`${path.join(cacheFolder, cacheArtifactName)}.tar${compressionSuffix}`),
-        'cache archive exists inside cache folder',
-      );
-    } catch (error) {
-      process.chdir(`${startPath}`);
-      throw error;
-    }
-    process.chdir(`${startPath}`);
-  }
-  public static async PullFromCache(cacheFolder: string, destinationFolder: string, cacheArtifactName: string = ``) {
-    CloudRunnerLogger.log(`Pulling from cache ${destinationFolder} ${CloudRunner.buildParameters.skipCache}`);
-    if (`${CloudRunner.buildParameters.skipCache}` === `true`) {
-      CloudRunnerLogger.log(`Skipping cache debugSkipCache is true`);
-
-      return;
-    }
-    cacheArtifactName = cacheArtifactName.replace(' ', '');
-    let compressionSuffix = '';
-    if (CloudRunner.buildParameters.useCompressionStrategy === true) {
-      compressionSuffix = `.lz4`;
-    }
-    const startPath = process.cwd();
-    RemoteClientLogger.log(`Caching for (lz4 ${compressionSuffix}) ${path.basename(destinationFolder)}`);
-    try {
-      if (!(await fileExists(cacheFolder))) {
-        await fs.promises.mkdir(cacheFolder);
-      }
-
-      if (!(await fileExists(destinationFolder))) {
-        await fs.promises.mkdir(destinationFolder);
-      }
-
-      const latestInBranch = await (
-        await CloudRunnerSystem.Run(`ls -t "${cacheFolder}" | grep .tar${compressionSuffix}$ | head -1`)
-      )
-        .replace(/\n/g, ``)
-        .replace(`.tar${compressionSuffix}`, '');
-
-      process.chdir(cacheFolder);
-
-      const cacheSelection =
-        cacheArtifactName !== `` && (await fileExists(`${cacheArtifactName}.tar${compressionSuffix}`))
-          ? cacheArtifactName
-          : latestInBranch;
-      await CloudRunnerLogger.log(`cache key ${cacheArtifactName} selection ${cacheSelection}`);
-
-      if (await fileExists(`${cacheSelection}.tar${compressionSuffix}`)) {
-        const resultsFolder = `results${CloudRunner.buildParameters.buildGuid}`;
-        await CloudRunnerSystem.Run(`mkdir -p ${resultsFolder}`);
-        RemoteClientLogger.log(`cache item exists ${cacheFolder}/${cacheSelection}.tar${compressionSuffix}`);
-        const fullResultsFolder = path.join(cacheFolder, resultsFolder);
-        await CloudRunnerSystem.Run(`tar -xf ${cacheSelection}.tar${compressionSuffix} -C ${fullResultsFolder}`);
-        RemoteClientLogger.log(`cache item extracted to ${fullResultsFolder}`);
-        assert(await fileExists(fullResultsFolder), `cache extraction results folder exists`);
-        const destinationParentFolder = path.resolve(destinationFolder, '..');
-
-        if (await fileExists(destinationFolder)) {
-          await fs.promises.rmdir(destinationFolder, { recursive: true });
-        }
-        await CloudRunnerSystem.Run(
-          `mv "${path.join(fullResultsFolder, path.basename(destinationFolder))}" "${destinationParentFolder}"`,
-        );
-        const contents = await fs.promises.readdir(
-          path.join(destinationParentFolder, path.basename(destinationFolder)),
-        );
-        CloudRunnerLogger.log(
-          `There is ${contents.length} files/dir in the cache pulled contents for ${path.basename(destinationFolder)}`,
-        );
-      } else {
-        RemoteClientLogger.logWarning(`cache item ${cacheArtifactName} doesn't exist ${destinationFolder}`);
-        if (cacheSelection !== ``) {
-          RemoteClientLogger.logWarning(
-            `cache item ${cacheArtifactName}.tar${compressionSuffix} doesn't exist ${destinationFolder}`,
-          );
-          throw new Error(`Failed to get cache item, but cache hit was found: ${cacheSelection}`);
-        }
-      }
-    } catch (error) {
-      process.chdir(startPath);
-      throw error;
-    }
-    process.chdir(startPath);
-  }
-
-  public static async handleCachePurging() {
-    if (process.env.PURGE_REMOTE_BUILDER_CACHE !== undefined) {
-      RemoteClientLogger.log(`purging ${CloudRunnerFolders.purgeRemoteCaching}`);
-      fs.promises.rmdir(CloudRunnerFolders.cacheFolder, { recursive: true });
-    }
-  }
-}
--- a/src/model/cloud-runner/remote-client/index.ts
+++ b/src/model/cloud-runner/remote-client/index.ts
@@ -1,251 +0,0 @@
-import fs from 'node:fs';
-import CloudRunner from '../cloud-runner';
-import { CloudRunnerFolders } from '../options/cloud-runner-folders';
-import { Caching } from './caching';
-import { LfsHashing } from '../services/utility/lfs-hashing';
-import { RemoteClientLogger } from './remote-client-logger';
-import path from 'node:path';
-import { assert } from 'node:console';
-import CloudRunnerLogger from '../services/core/cloud-runner-logger';
-import { CliFunction } from '../../cli/cli-functions-repository';
-import { CloudRunnerSystem } from '../services/core/cloud-runner-system';
-import YAML from 'yaml';
-import GitHub from '../../github';
-import BuildParameters from '../../build-parameters';
-import { Cli } from '../../cli/cli';
-import CloudRunnerOptions from '../options/cloud-runner-options';
-
-export class RemoteClient {
-  @CliFunction(`remote-cli-pre-build`, `sets up a repository, usually before a game-ci build`)
-  static async setupRemoteClient() {
-    CloudRunnerLogger.log(`bootstrap game ci cloud runner...`);
-    if (!(await RemoteClient.handleRetainedWorkspace())) {
-      await RemoteClient.bootstrapRepository();
-    }
-    await RemoteClient.replaceLargePackageReferencesWithSharedReferences();
-    await RemoteClient.runCustomHookFiles(`before-build`);
-  }
-
-  @CliFunction('remote-cli-log-stream', `log stream from standard input`)
-  public static async remoteClientLogStream() {
-    const logFile = Cli.options!['logFile'];
-    process.stdin.resume();
-    process.stdin.setEncoding('utf8');
-
-    let lingeringLine = '';
-
-    process.stdin.on('data', (chunk) => {
-      const lines = chunk.toString().split('\n');
-
-      lines[0] = lingeringLine + lines[0];
-      lingeringLine = lines.pop() || '';
-
-      for (const element of lines) {
-        if (CloudRunnerOptions.providerStrategy !== 'k8s') {
-          CloudRunnerLogger.log(element);
-        } else {
-          fs.appendFileSync(logFile, element);
-          CloudRunnerLogger.log(element);
-        }
-      }
-    });
-
-    process.stdin.on('end', () => {
-      if (CloudRunnerOptions.providerStrategy !== 'k8s') {
-        CloudRunnerLogger.log(lingeringLine);
-      } else {
-        fs.appendFileSync(logFile, lingeringLine);
-        CloudRunnerLogger.log(lingeringLine);
-      }
-    });
-  }
-
-  @CliFunction(`remote-cli-post-build`, `runs a cloud runner build`)
-  public static async remoteClientPostBuild(): Promise<string> {
-    RemoteClientLogger.log(`Running POST build tasks`);
-
-    await Caching.PushToCache(
-      CloudRunnerFolders.ToLinuxFolder(`${CloudRunnerFolders.cacheFolderForCacheKeyFull}/Library`),
-      CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.libraryFolderAbsolute),
-      `lib-${CloudRunner.buildParameters.buildGuid}`,
-    );
-
-    await Caching.PushToCache(
-      CloudRunnerFolders.ToLinuxFolder(`${CloudRunnerFolders.cacheFolderForCacheKeyFull}/build`),
-      CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.projectBuildFolderAbsolute),
-      `build-${CloudRunner.buildParameters.buildGuid}`,
-    );
-
-    if (!BuildParameters.shouldUseRetainedWorkspaceMode(CloudRunner.buildParameters)) {
-      await CloudRunnerSystem.Run(
-        `rm -r ${CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.uniqueCloudRunnerJobFolderAbsolute)}`,
-      );
-    }
-
-    await RemoteClient.runCustomHookFiles(`after-build`);
-
-    // WIP - need to give the pod permissions to create config map
-    await RemoteClientLogger.handleLogManagementPostJob();
-
-    return new Promise((result) => result(``));
-  }
-  static async runCustomHookFiles(hookLifecycle: string) {
-    RemoteClientLogger.log(`RunCustomHookFiles: ${hookLifecycle}`);
-    const gameCiCustomHooksPath = path.join(CloudRunnerFolders.repoPathAbsolute, `game-ci`, `hooks`);
-    try {
-      const files = fs.readdirSync(gameCiCustomHooksPath);
-      for (const file of files) {
-        const fileContents = fs.readFileSync(path.join(gameCiCustomHooksPath, file), `utf8`);
-        const fileContentsObject = YAML.parse(fileContents.toString());
-        if (fileContentsObject.hook === hookLifecycle) {
-          RemoteClientLogger.log(`Active Hook File ${file} \n \n file contents: \n ${fileContents}`);
-          await CloudRunnerSystem.Run(fileContentsObject.commands);
-        }
-      }
-    } catch (error) {
-      RemoteClientLogger.log(JSON.stringify(error, undefined, 4));
-    }
-  }
-  public static async bootstrapRepository() {
-    await CloudRunnerSystem.Run(
-      `mkdir -p ${CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.uniqueCloudRunnerJobFolderAbsolute)}`,
-    );
-    await CloudRunnerSystem.Run(
-      `mkdir -p ${CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.cacheFolderForCacheKeyFull)}`,
-    );
-    await RemoteClient.cloneRepoWithoutLFSFiles();
-    await RemoteClient.sizeOfFolder(
-      'repo before lfs cache pull',
-      CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.repoPathAbsolute),
-    );
-    const lfsHashes = await LfsHashing.createLFSHashFiles();
-    if (fs.existsSync(CloudRunnerFolders.libraryFolderAbsolute)) {
-      RemoteClientLogger.logWarning(`!Warning!: The Unity library was included in the git repository`);
-    }
-    await Caching.PullFromCache(
-      CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.lfsCacheFolderFull),
-      CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.lfsFolderAbsolute),
-      `${lfsHashes.lfsGuidSum}`,
-    );
-    await RemoteClient.sizeOfFolder('repo after lfs cache pull', CloudRunnerFolders.repoPathAbsolute);
-    await RemoteClient.pullLatestLFS();
-    await RemoteClient.sizeOfFolder('repo before lfs git pull', CloudRunnerFolders.repoPathAbsolute);
-    await Caching.PushToCache(
-      CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.lfsCacheFolderFull),
-      CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.lfsFolderAbsolute),
-      `${lfsHashes.lfsGuidSum}`,
-    );
-    await Caching.PullFromCache(
-      CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.libraryCacheFolderFull),
-      CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.libraryFolderAbsolute),
-    );
-    await RemoteClient.sizeOfFolder('repo after library cache pull', CloudRunnerFolders.repoPathAbsolute);
-    await Caching.handleCachePurging();
-  }
-
-  private static async sizeOfFolder(message: string, folder: string) {
-    if (CloudRunner.buildParameters.cloudRunnerDebug) {
-      CloudRunnerLogger.log(`Size of ${message}`);
-      await CloudRunnerSystem.Run(`du -sh ${folder}`);
-    }
-  }
-
-  private static async cloneRepoWithoutLFSFiles() {
-    process.chdir(`${CloudRunnerFolders.uniqueCloudRunnerJobFolderAbsolute}`);
-    if (
-      fs.existsSync(CloudRunnerFolders.repoPathAbsolute) &&
-      !fs.existsSync(path.join(CloudRunnerFolders.repoPathAbsolute, `.git`))
-    ) {
-      await CloudRunnerSystem.Run(`rm -r ${CloudRunnerFolders.repoPathAbsolute}`);
-      CloudRunnerLogger.log(`${CloudRunnerFolders.repoPathAbsolute} repo exists, but no git folder, cleaning up`);
-    }
-
-    if (
-      BuildParameters.shouldUseRetainedWorkspaceMode(CloudRunner.buildParameters) &&
-      fs.existsSync(path.join(CloudRunnerFolders.repoPathAbsolute, `.git`))
-    ) {
-      process.chdir(CloudRunnerFolders.repoPathAbsolute);
-      RemoteClientLogger.log(
-        `${
-          CloudRunnerFolders.repoPathAbsolute
-        } repo exists - skipping clone - retained workspace mode ${BuildParameters.shouldUseRetainedWorkspaceMode(
-          CloudRunner.buildParameters,
-        )}`,
-      );
-      await CloudRunnerSystem.Run(`git fetch && git reset --hard ${CloudRunner.buildParameters.gitSha}`);
-
-      return;
-    }
-
-    RemoteClientLogger.log(`Initializing source repository for cloning with caching of LFS files`);
-    await CloudRunnerSystem.Run(`git config --global advice.detachedHead false`);
-    RemoteClientLogger.log(`Cloning the repository being built:`);
-    await CloudRunnerSystem.Run(`git config --global filter.lfs.smudge "git-lfs smudge --skip -- %f"`);
-    await CloudRunnerSystem.Run(`git config --global filter.lfs.process "git-lfs filter-process --skip"`);
-    try {
-      await CloudRunnerSystem.Run(
-        `git clone ${CloudRunnerFolders.targetBuildRepoUrl} ${path.basename(CloudRunnerFolders.repoPathAbsolute)}`,
-      );
-    } catch (error: any) {
-      throw error;
-    }
-    process.chdir(CloudRunnerFolders.repoPathAbsolute);
-    await CloudRunnerSystem.Run(`git lfs install`);
-    assert(fs.existsSync(`.git`), 'git folder exists');
-    RemoteClientLogger.log(`${CloudRunner.buildParameters.branch}`);
-    if (CloudRunner.buildParameters.gitSha !== undefined) {
-      await CloudRunnerSystem.Run(`git checkout ${CloudRunner.buildParameters.gitSha}`);
-    } else {
-      await CloudRunnerSystem.Run(`git checkout ${CloudRunner.buildParameters.branch}`);
-      RemoteClientLogger.log(`buildParameter Git Sha is empty`);
-    }
-
-    assert(fs.existsSync(path.join(`.git`, `lfs`)), 'LFS folder should not exist before caching');
-    RemoteClientLogger.log(`Checked out ${CloudRunner.buildParameters.branch}`);
-  }
-
-  static async replaceLargePackageReferencesWithSharedReferences() {
-    CloudRunnerLogger.log(`Use Shared Pkgs ${CloudRunner.buildParameters.useLargePackages}`);
-    GitHub.updateGitHubCheck(`Use Shared Pkgs ${CloudRunner.buildParameters.useLargePackages}`, ``);
-    if (CloudRunner.buildParameters.useLargePackages) {
-      const filePath = path.join(CloudRunnerFolders.projectPathAbsolute, `Packages/manifest.json`);
-      let manifest = fs.readFileSync(filePath, 'utf8');
-      manifest = manifest.replace(/LargeContent/g, '../../../LargeContent');
-      fs.writeFileSync(filePath, manifest);
-      CloudRunnerLogger.log(`Package Manifest \n ${manifest}`);
-      GitHub.updateGitHubCheck(`Package Manifest \n ${manifest}`, ``);
-    }
-  }
-
-  private static async pullLatestLFS() {
-    process.chdir(CloudRunnerFolders.repoPathAbsolute);
-    await CloudRunnerSystem.Run(`git config --global filter.lfs.smudge "git-lfs smudge -- %f"`);
-    await CloudRunnerSystem.Run(`git config --global filter.lfs.process "git-lfs filter-process"`);
-    if (!CloudRunner.buildParameters.skipLfs) {
-      await CloudRunnerSystem.Run(`git lfs pull`);
-      RemoteClientLogger.log(`pulled latest LFS files`);
-      assert(fs.existsSync(CloudRunnerFolders.lfsFolderAbsolute));
-    }
-  }
-  static async handleRetainedWorkspace() {
-    RemoteClientLogger.log(
-      `Retained Workspace: ${BuildParameters.shouldUseRetainedWorkspaceMode(CloudRunner.buildParameters)}`,
-    );
-    if (
-      BuildParameters.shouldUseRetainedWorkspaceMode(CloudRunner.buildParameters) &&
-      fs.existsSync(CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.uniqueCloudRunnerJobFolderAbsolute)) &&
-      fs.existsSync(CloudRunnerFolders.ToLinuxFolder(path.join(CloudRunnerFolders.repoPathAbsolute, `.git`)))
-    ) {
-      CloudRunnerLogger.log(`Retained Workspace Already Exists!`);
-      process.chdir(CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.repoPathAbsolute));
-      await CloudRunnerSystem.Run(`git fetch`);
-      await CloudRunnerSystem.Run(`git lfs pull`);
-      await CloudRunnerSystem.Run(`git reset --hard "${CloudRunner.buildParameters.gitSha}"`);
-      await CloudRunnerSystem.Run(`git checkout ${CloudRunner.buildParameters.gitSha}`);
-
-      return true;
-    }
-
-    return false;
-  }
-}
--- a/src/model/cloud-runner/remote-client/remote-client-logger.ts
+++ b/src/model/cloud-runner/remote-client/remote-client-logger.ts
@@ -1,82 +0,0 @@
-import CloudRunnerLogger from '../services/core/cloud-runner-logger';
-import fs from 'node:fs';
-import path from 'node:path';
-import CloudRunner from '../cloud-runner';
-import CloudRunnerOptions from '../options/cloud-runner-options';
-
-export class RemoteClientLogger {
-  private static get LogFilePath() {
-    return path.join(`/home`, `job-log.txt`);
-  }
-
-  public static log(message: string) {
-    const finalMessage = `[Client] ${message}`;
-    this.appendToFile(finalMessage);
-    CloudRunnerLogger.log(finalMessage);
-  }
-
-  public static logCliError(message: string) {
-    CloudRunnerLogger.log(`[Client][Error] ${message}`);
-  }
-
-  public static logCliDiagnostic(message: string) {
-    CloudRunnerLogger.log(`[Client][Diagnostic] ${message}`);
-  }
-
-  public static logWarning(message: string) {
-    CloudRunnerLogger.logWarning(message);
-  }
-
-  public static appendToFile(message: string) {
-    if (CloudRunner.isCloudRunnerEnvironment) {
-      fs.appendFileSync(RemoteClientLogger.LogFilePath, `${message}\n`);
-    }
-  }
-
-  public static async handleLogManagementPostJob() {
-    if (CloudRunnerOptions.providerStrategy !== 'k8s') {
-      return;
-    }
-    CloudRunnerLogger.log(`Collected Logs`);
-
-    // check for log file not existing
-    if (!fs.existsSync(RemoteClientLogger.LogFilePath)) {
-      CloudRunnerLogger.log(`Log file does not exist`);
-
-      // check if CloudRunner.isCloudRunnerEnvironment is true, log
-      if (!CloudRunner.isCloudRunnerEnvironment) {
-        CloudRunnerLogger.log(`Cloud Runner is not running in a cloud environment, not collecting logs`);
-      }
-
-      return;
-    }
-    CloudRunnerLogger.log(`Log file exist`);
-    await new Promise((resolve) => setTimeout(resolve, 1));
-
-    // let hashedLogs = fs.readFileSync(RemoteClientLogger.LogFilePath).toString();
-    //
-    // hashedLogs = md5(hashedLogs);
-    //
-    // for (let index = 0; index < 3; index++) {
-    //   CloudRunnerLogger.log(`LOGHASH: ${hashedLogs}`);
-    //   const logs = fs.readFileSync(RemoteClientLogger.LogFilePath).toString();
-    //   CloudRunnerLogger.log(`LOGS: ${Buffer.from(logs).toString('base64')}`);
-    //   CloudRunnerLogger.log(
-    //     `Game CI's "Cloud Runner System" will cancel the log when it has successfully received the log data to verify all logs have been received.`,
-    //   );
-    //
-    //   // wait for 15 seconds to allow the log to be sent
-    //   await new Promise((resolve) => setTimeout(resolve, 15000));
-    // }
-  }
-  public static HandleLog(message: string): boolean {
-    if (RemoteClientLogger.value !== '') {
-      RemoteClientLogger.value += `\n`;
-    }
-
-    RemoteClientLogger.value += message;
-
-    return false;
-  }
-  static value: string = '';
-}
--- a/src/model/cloud-runner/services/hooks/container-hook-service.ts
+++ b/src/model/cloud-runner/services/hooks/container-hook-service.ts
@@ -1,265 +0,0 @@
-import YAML from 'yaml';
-import CloudRunner from '../../cloud-runner';
-import { CustomWorkflow } from '../../workflows/custom-workflow';
-import { RemoteClientLogger } from '../../remote-client/remote-client-logger';
-import path from 'node:path';
-import fs from 'node:fs';
-import Input from '../../../input';
-import CloudRunnerOptions from '../../options/cloud-runner-options';
-import { ContainerHook as ContainerHook } from './container-hook';
-import { CloudRunnerStepParameters } from '../../options/cloud-runner-step-parameters';
-
-export class ContainerHookService {
-  static GetContainerHooksFromFiles(hookLifecycle: string): ContainerHook[] {
-    const results: ContainerHook[] = [];
-    try {
-      const gameCiCustomStepsPath = path.join(process.cwd(), `game-ci`, `container-hooks`);
-      const files = fs.readdirSync(gameCiCustomStepsPath);
-      for (const file of files) {
-        if (!CloudRunnerOptions.containerHookFiles.includes(file.replace(`.yaml`, ``))) {
-          // RemoteClientLogger.log(`Skipping CustomStepFile: ${file}`);
-          continue;
-        }
-        const fileContents = fs.readFileSync(path.join(gameCiCustomStepsPath, file), `utf8`);
-        const fileContentsObject = ContainerHookService.ParseContainerHooks(fileContents)[0];
-        if (fileContentsObject.hook === hookLifecycle) {
-          results.push(fileContentsObject);
-        }
-      }
-    } catch (error) {
-      RemoteClientLogger.log(`Failed Getting: ${hookLifecycle} \n ${JSON.stringify(error, undefined, 4)}`);
-    }
-
-    // RemoteClientLogger.log(`Active Steps From Files: \n ${JSON.stringify(results, undefined, 4)}`);
-
-    const builtInContainerHooks: ContainerHook[] = ContainerHookService.ParseContainerHooks(
-      `- name: aws-s3-upload-build
-  image: amazon/aws-cli
-  hook: after
-  commands: |
-    aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID --profile default
-    aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY --profile default
-    aws configure set region $AWS_DEFAULT_REGION --profile default
-    aws s3 cp /data/cache/$CACHE_KEY/build/build-${CloudRunner.buildParameters.buildGuid}.tar${
-        CloudRunner.buildParameters.useCompressionStrategy ? '.lz4' : ''
-      } s3://${CloudRunner.buildParameters.awsStackName}/cloud-runner-cache/$CACHE_KEY/build/build-$BUILD_GUID.tar${
-        CloudRunner.buildParameters.useCompressionStrategy ? '.lz4' : ''
-      }
-    rm /data/cache/$CACHE_KEY/build/build-${CloudRunner.buildParameters.buildGuid}.tar${
-        CloudRunner.buildParameters.useCompressionStrategy ? '.lz4' : ''
-      }
-  secrets:
-  - name: awsAccessKeyId
-    value: ${process.env.AWS_ACCESS_KEY_ID || ``}
-  - name: awsSecretAccessKey
-    value: ${process.env.AWS_SECRET_ACCESS_KEY || ``}
-  - name: awsDefaultRegion
-    value: ${process.env.AWS_REGION || ``}
- name: aws-s3-pull-build
-  image: amazon/aws-cli
-  commands: |
-    aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID --profile default
-    aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY --profile default
-    aws configure set region $AWS_DEFAULT_REGION --profile default
-    aws s3 ls ${CloudRunner.buildParameters.awsStackName}/cloud-runner-cache/ || true
-    aws s3 ls ${CloudRunner.buildParameters.awsStackName}/cloud-runner-cache/$CACHE_KEY/build || true
-    mkdir -p /data/cache/$CACHE_KEY/build/
-    aws s3 cp s3://${
-      CloudRunner.buildParameters.awsStackName
-    }/cloud-runner-cache/$CACHE_KEY/build/build-$BUILD_GUID_TARGET.tar${
-        CloudRunner.buildParameters.useCompressionStrategy ? '.lz4' : ''
-      } /data/cache/$CACHE_KEY/build/build-$BUILD_GUID_TARGET.tar${
-        CloudRunner.buildParameters.useCompressionStrategy ? '.lz4' : ''
-      }
-  secrets:
-    - name: AWS_ACCESS_KEY_ID
-    - name: AWS_SECRET_ACCESS_KEY
-    - name: AWS_DEFAULT_REGION
-    - name: BUILD_GUID_TARGET
- name: steam-deploy-client
-  image: steamcmd/steamcmd
-  commands: |
-    apt-get update
-    apt-get install -y curl tar coreutils git tree > /dev/null
-    curl -s https://gist.githubusercontent.com/frostebite/1d56f5505b36b403b64193b7a6e54cdc/raw/fa6639ed4ef750c4268ea319d63aa80f52712ffb/deploy-client-steam.sh | bash
-  secrets:
-    - name: STEAM_USERNAME
-    - name: STEAM_PASSWORD
-    - name: STEAM_APPID
-    - name: STEAM_SSFN_FILE_NAME
-    - name: STEAM_SSFN_FILE_CONTENTS
-    - name: STEAM_CONFIG_VDF_1
-    - name: STEAM_CONFIG_VDF_2
-    - name: STEAM_CONFIG_VDF_3
-    - name: STEAM_CONFIG_VDF_4
-    - name: BUILD_GUID_TARGET
-    - name: RELEASE_BRANCH
- name: steam-deploy-project
-  image: steamcmd/steamcmd
-  commands: |
-    apt-get update
-    apt-get install -y curl tar coreutils git tree > /dev/null
-    curl -s https://gist.githubusercontent.com/frostebite/969da6a41002a0e901174124b643709f/raw/02403e53fb292026cba81ddcf4ff35fc1eba111d/steam-deploy-project.sh | bash
-  secrets:
-    - name: STEAM_USERNAME
-    - name: STEAM_PASSWORD
-    - name: STEAM_APPID
-    - name: STEAM_SSFN_FILE_NAME
-    - name: STEAM_SSFN_FILE_CONTENTS
-    - name: STEAM_CONFIG_VDF_1
-    - name: STEAM_CONFIG_VDF_2
-    - name: STEAM_CONFIG_VDF_3
-    - name: STEAM_CONFIG_VDF_4
-    - name: BUILD_GUID_2
-    - name: RELEASE_BRANCH
- name: aws-s3-upload-cache
-  image: amazon/aws-cli
-  hook: after
-  commands: |
-    aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID --profile default
-    aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY --profile default
-    aws configure set region $AWS_DEFAULT_REGION --profile default
-    aws s3 cp --recursive /data/cache/$CACHE_KEY/lfs s3://${
-      CloudRunner.buildParameters.awsStackName
-    }/cloud-runner-cache/$CACHE_KEY/lfs
-    rm -r /data/cache/$CACHE_KEY/lfs
-    aws s3 cp --recursive /data/cache/$CACHE_KEY/Library s3://${
-      CloudRunner.buildParameters.awsStackName
-    }/cloud-runner-cache/$CACHE_KEY/Library
-    rm -r /data/cache/$CACHE_KEY/Library
-  secrets:
-  - name: AWS_ACCESS_KEY_ID
-    value: ${process.env.AWS_ACCESS_KEY_ID || ``}
-  - name: AWS_SECRET_ACCESS_KEY
-    value: ${process.env.AWS_SECRET_ACCESS_KEY || ``}
-  - name: AWS_DEFAULT_REGION
-    value: ${process.env.AWS_REGION || ``}
- name: aws-s3-pull-cache
-  image: amazon/aws-cli
-  hook: before
-  commands: |
-    aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID --profile default
-    aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY --profile default
-    aws configure set region $AWS_DEFAULT_REGION --profile default
-    mkdir -p /data/cache/$CACHE_KEY/Library/
-    mkdir -p /data/cache/$CACHE_KEY/lfs/
-    aws s3 ls ${CloudRunner.buildParameters.awsStackName}/cloud-runner-cache/ || true
-    aws s3 ls ${CloudRunner.buildParameters.awsStackName}/cloud-runner-cache/$CACHE_KEY/ || true
-    BUCKET1="${CloudRunner.buildParameters.awsStackName}/cloud-runner-cache/$CACHE_KEY/Library/"
-    aws s3 ls $BUCKET1 || true
-    OBJECT1="$(aws s3 ls $BUCKET1 | sort | tail -n 1 | awk '{print $4}' || '')"
-    aws s3 cp s3://$BUCKET1$OBJECT1 /data/cache/$CACHE_KEY/Library/ || true
-    BUCKET2="${CloudRunner.buildParameters.awsStackName}/cloud-runner-cache/$CACHE_KEY/lfs/"
-    aws s3 ls $BUCKET2 || true
-    OBJECT2="$(aws s3 ls $BUCKET2 | sort | tail -n 1 | awk '{print $4}' || '')"
-    aws s3 cp s3://$BUCKET2$OBJECT2 /data/cache/$CACHE_KEY/lfs/ || true
-  secrets:
-  - name: AWS_ACCESS_KEY_ID
-    value: ${process.env.AWS_ACCESS_KEY_ID || ``}
-  - name: AWS_SECRET_ACCESS_KEY
-    value: ${process.env.AWS_SECRET_ACCESS_KEY || ``}
-  - name: AWS_DEFAULT_REGION
-    value: ${process.env.AWS_REGION || ``}
- name: debug-cache
-  image: ubuntu
-  hook: after
-  commands: |
-    apt-get update > /dev/null
-    ${CloudRunnerOptions.cloudRunnerDebug ? `apt-get install -y tree > /dev/null` : `#`}
-    ${CloudRunnerOptions.cloudRunnerDebug ? `tree -L 3 /data/cache` : `#`}
-  secrets:
-  - name: awsAccessKeyId
-    value: ${process.env.AWS_ACCESS_KEY_ID || ``}
-  - name: awsSecretAccessKey
-    value: ${process.env.AWS_SECRET_ACCESS_KEY || ``}
-  - name: awsDefaultRegion
-    value: ${process.env.AWS_REGION || ``}`,
-    ).filter((x) => CloudRunnerOptions.containerHookFiles.includes(x.name) && x.hook === hookLifecycle);
-    if (builtInContainerHooks.length > 0) {
-      results.push(...builtInContainerHooks);
-    }
-
-    return results;
-  }
-
-  private static ConvertYamlSecrets(object: ContainerHook) {
-    if (object.secrets === undefined) {
-      object.secrets = [];
-
-      return;
-    }
-    object.secrets = object.secrets.map((x: { [key: string]: any }) => {
-      return {
-        ParameterKey: x.name,
-        EnvironmentVariable: Input.ToEnvVarFormat(x.name),
-        ParameterValue: x.value,
-      };
-    });
-  }
-
-  public static ParseContainerHooks(steps: string): ContainerHook[] {
-    if (steps === '') {
-      return [];
-    }
-    const isArray = steps.replace(/\s/g, ``)[0] === `-`;
-    const object: ContainerHook[] = isArray ? YAML.parse(steps) : [YAML.parse(steps)];
-    for (const step of object) {
-      ContainerHookService.ConvertYamlSecrets(step);
-      if (step.secrets === undefined) {
-        step.secrets = [];
-      } else {
-        for (const secret of step.secrets) {
-          if (secret.ParameterValue === undefined && process.env[secret.EnvironmentVariable] !== undefined) {
-            if (CloudRunner.buildParameters?.cloudRunnerDebug) {
-              // CloudRunnerLogger.log(`Injecting custom step ${step.name} from env var ${secret.ParameterKey}`);
-            }
-            secret.ParameterValue = process.env[secret.ParameterKey] || ``;
-          }
-        }
-      }
-      if (step.image === undefined) {
-        step.image = `ubuntu`;
-      }
-    }
-    if (object === undefined) {
-      throw new Error(`Failed to parse ${steps}`);
-    }
-
-    return object;
-  }
-
-  static async RunPostBuildSteps(cloudRunnerStepState: CloudRunnerStepParameters) {
-    let output = ``;
-    const steps: ContainerHook[] = [
-      ...ContainerHookService.ParseContainerHooks(CloudRunner.buildParameters.postBuildContainerHooks),
-      ...ContainerHookService.GetContainerHooksFromFiles(`after`),
-    ];
-
-    if (steps.length > 0) {
-      output += await CustomWorkflow.runContainerJob(
-        steps,
-        cloudRunnerStepState.environment,
-        cloudRunnerStepState.secrets,
-      );
-    }
-
-    return output;
-  }
-  static async RunPreBuildSteps(cloudRunnerStepState: CloudRunnerStepParameters) {
-    let output = ``;
-    const steps: ContainerHook[] = [
-      ...ContainerHookService.ParseContainerHooks(CloudRunner.buildParameters.preBuildContainerHooks),
-      ...ContainerHookService.GetContainerHooksFromFiles(`before`),
-    ];
-
-    if (steps.length > 0) {
-      output += await CustomWorkflow.runContainerJob(
-        steps,
-        cloudRunnerStepState.environment,
-        cloudRunnerStepState.secrets,
-      );
-    }
-
-    return output;
-  }
-}
--- a/src/model/cloud-runner/services/hooks/container-hook.ts
+++ b/src/model/cloud-runner/services/hooks/container-hook.ts
@@ -1,9 +0,0 @@
-import CloudRunnerSecret from '../../options/cloud-runner-secret';
-
-export class ContainerHook {
-  public commands!: string;
-  public secrets: CloudRunnerSecret[] = new Array<CloudRunnerSecret>();
-  public name!: string;
-  public image: string = `ubuntu`;
-  public hook!: string;
-}
--- a/src/model/cloud-runner/tests/cloud-runner-github-checks.test.ts
+++ b/src/model/cloud-runner/tests/cloud-runner-github-checks.test.ts
@@ -1,59 +0,0 @@
-import { BuildParameters } from '../..';
-import CloudRunner from '../cloud-runner';
-import UnityVersioning from '../../unity-versioning';
-import { Cli } from '../../cli/cli';
-import CloudRunnerOptions from '../options/cloud-runner-options';
-import setups from './cloud-runner-suite.test';
-import { OptionValues } from 'commander';
-import GitHub from '../../github';
-export const TIMEOUT_INFINITE = 1e9;
-async function CreateParameters(overrides: OptionValues | undefined) {
-  if (overrides) Cli.options = overrides;
-
-  return BuildParameters.create();
-}
-describe('Cloud Runner Github Checks', () => {
-  setups();
-  it('Responds', () => {});
-
-  if (CloudRunnerOptions.cloudRunnerDebug) {
-    it(
-      'Check Handling Direct',
-      async () => {
-        // Setup parameters
-        const buildParameter = await CreateParameters({
-          versioning: 'None',
-          projectPath: 'test-project',
-          unityVersion: UnityVersioning.read('test-project'),
-          asyncCloudRunner: `true`,
-          githubChecks: `true`,
-        });
-        await CloudRunner.setup(buildParameter);
-        CloudRunner.buildParameters.githubCheckId = await GitHub.createGitHubCheck(`direct create`);
-        await GitHub.updateGitHubCheck(`1 ${new Date().toISOString()}`, `direct`);
-        await GitHub.updateGitHubCheck(`2 ${new Date().toISOString()}`, `direct`, `success`, `completed`);
-      },
-      TIMEOUT_INFINITE,
-    );
-    it(
-      'Check Handling Via Async Workflow',
-      async () => {
-        // Setup parameters
-        const buildParameter = await CreateParameters({
-          versioning: 'None',
-          projectPath: 'test-project',
-          unityVersion: UnityVersioning.read('test-project'),
-          asyncCloudRunner: `true`,
-          githubChecks: `true`,
-        });
-        GitHub.forceAsyncTest = true;
-        await CloudRunner.setup(buildParameter);
-        CloudRunner.buildParameters.githubCheckId = await GitHub.createGitHubCheck(`async create`);
-        await GitHub.updateGitHubCheck(`1 ${new Date().toISOString()}`, `async`);
-        await GitHub.updateGitHubCheck(`2 ${new Date().toISOString()}`, `async`, `success`, `completed`);
-        GitHub.forceAsyncTest = false;
-      },
-      TIMEOUT_INFINITE,
-    );
-  }
-});
--- a/src/model/cloud-runner/tests/cloud-runner-s3-steps.test.ts
+++ b/src/model/cloud-runner/tests/cloud-runner-s3-steps.test.ts
@@ -1,48 +0,0 @@
-import CloudRunner from '../cloud-runner';
-import { BuildParameters, ImageTag } from '../..';
-import UnityVersioning from '../../unity-versioning';
-import { Cli } from '../../cli/cli';
-import CloudRunnerLogger from '../services/core/cloud-runner-logger';
-import { v4 as uuidv4 } from 'uuid';
-import CloudRunnerOptions from '../options/cloud-runner-options';
-import setups from './cloud-runner-suite.test';
-import { CloudRunnerSystem } from '../services/core/cloud-runner-system';
-import { OptionValues } from 'commander';
-
-async function CreateParameters(overrides: OptionValues | undefined) {
-  if (overrides) {
-    Cli.options = overrides;
-  }
-
-  return await BuildParameters.create();
-}
-
-describe('Cloud Runner pre-built S3 steps', () => {
-  it('Responds', () => {});
-  setups();
-  if (CloudRunnerOptions.cloudRunnerDebug && CloudRunnerOptions.providerStrategy !== `local-docker`) {
-    it('Run build and prebuilt s3 cache pull, cache push and upload build', async () => {
-      const overrides = {
-        versioning: 'None',
-        projectPath: 'test-project',
-        unityVersion: UnityVersioning.determineUnityVersion('test-project', UnityVersioning.read('test-project')),
-        targetPlatform: 'StandaloneLinux64',
-        cacheKey: `test-case-${uuidv4()}`,
-        containerHookFiles: `aws-s3-pull-cache,aws-s3-upload-cache,aws-s3-upload-build`,
-      };
-      const buildParameter2 = await CreateParameters(overrides);
-      const baseImage2 = new ImageTag(buildParameter2);
-      const results2Object = await CloudRunner.run(buildParameter2, baseImage2.toString());
-      const results2 = results2Object.BuildResults;
-      CloudRunnerLogger.log(`run 2 succeeded`);
-
-      const build2ContainsBuildSucceeded = results2.includes('Build succeeded');
-      expect(build2ContainsBuildSucceeded).toBeTruthy();
-
-      const results = await CloudRunnerSystem.RunAndReadLines(
-        `aws s3 ls s3://${CloudRunner.buildParameters.awsStackName}/cloud-runner-cache/`,
-      );
-      CloudRunnerLogger.log(results.join(`,`));
-    }, 1_000_000_000);
-  }
-});
--- a/src/model/cloud-runner/tests/e2e/cloud-runner-end2end-caching.test.ts
+++ b/src/model/cloud-runner/tests/e2e/cloud-runner-end2end-caching.test.ts
@@ -1,92 +0,0 @@
-import CloudRunner from '../../cloud-runner';
-import { BuildParameters, ImageTag } from '../../..';
-import UnityVersioning from '../../../unity-versioning';
-import { Cli } from '../../../cli/cli';
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
-import { v4 as uuidv4 } from 'uuid';
-import CloudRunnerOptions from '../../options/cloud-runner-options';
-import setups from '../cloud-runner-suite.test';
-import * as fs from 'node:fs';
-import { CloudRunnerSystem } from '../../services/core/cloud-runner-system';
-
-async function CreateParameters(overrides: any) {
-  if (overrides) {
-    Cli.options = overrides;
-  }
-
-  return await BuildParameters.create();
-}
-
-describe('Cloud Runner Caching', () => {
-  it('Responds', () => {});
-  setups();
-  if (CloudRunnerOptions.cloudRunnerDebug) {
-    it('Run one build it should not use cache, run subsequent build which should use cache', async () => {
-      const overrides = {
-        versioning: 'None',
-        image: 'ubuntu',
-        projectPath: 'test-project',
-        unityVersion: UnityVersioning.determineUnityVersion('test-project', UnityVersioning.read('test-project')),
-        targetPlatform: 'StandaloneLinux64',
-        cacheKey: `test-case-${uuidv4()}`,
-        containerHookFiles: `debug-cache`,
-        cloudRunnerBranch: `cloud-runner-develop`,
-      };
-      if (CloudRunnerOptions.providerStrategy === `k8s`) {
-        overrides.containerHookFiles += `,aws-s3-pull-cache,aws-s3-upload-cache`;
-      }
-      const buildParameter = await CreateParameters(overrides);
-      expect(buildParameter.projectPath).toEqual(overrides.projectPath);
-
-      const baseImage = new ImageTag(buildParameter);
-      const resultsObject = await CloudRunner.run(buildParameter, baseImage.toString());
-      const results = resultsObject.BuildResults;
-      const libraryString = 'Rebuilding Library because the asset database could not be found!';
-      const cachePushFail = 'Did not push source folder to cache because it was empty Library';
-      const buildSucceededString = 'Build succeeded';
-
-      expect(results).toContain(libraryString);
-      expect(results).toContain(buildSucceededString);
-      expect(results).not.toContain(cachePushFail);
-
-      CloudRunnerLogger.log(`run 1 succeeded`);
-
-      if (CloudRunnerOptions.providerStrategy === `local-docker`) {
-        await CloudRunnerSystem.Run(`tree ./cloud-runner-cache/cache`);
-        await CloudRunnerSystem.Run(
-          `cp ./cloud-runner-cache/cache/${buildParameter.cacheKey}/Library/lib-${buildParameter.buildGuid}.tar ./`,
-        );
-        await CloudRunnerSystem.Run(`mkdir results`);
-        await CloudRunnerSystem.Run(`tar -xf lib-${buildParameter.buildGuid}.tar -C ./results`);
-        await CloudRunnerSystem.Run(`tree -d ./results`);
-        const cacheFolderExists = fs.existsSync(`cloud-runner-cache/cache/${overrides.cacheKey}`);
-        expect(cacheFolderExists).toBeTruthy();
-      }
-      const buildParameter2 = await CreateParameters(overrides);
-
-      buildParameter2.cacheKey = buildParameter.cacheKey;
-      const baseImage2 = new ImageTag(buildParameter2);
-      const results2Object = await CloudRunner.run(buildParameter2, baseImage2.toString());
-      const results2 = results2Object.BuildResults;
-      CloudRunnerLogger.log(`run 2 succeeded`);
-
-      const build2ContainsCacheKey = results2.includes(buildParameter.cacheKey);
-      const build2ContainsBuildSucceeded = results2.includes(buildSucceededString);
-      const build2NotContainsZeroLibraryCacheFilesMessage = !results2.includes(
-        'There is 0 files/dir in the cache pulled contents for Library',
-      );
-      const build2NotContainsZeroLFSCacheFilesMessage = !results2.includes(
-        'There is 0 files/dir in the cache pulled contents for LFS',
-      );
-
-      expect(build2ContainsCacheKey).toBeTruthy();
-      expect(results2).toContain('Activation successful');
-      expect(build2ContainsBuildSucceeded).toBeTruthy();
-      expect(results2).toContain(buildSucceededString);
-      const splitResults = results2.split('Activation successful');
-      expect(splitResults[splitResults.length - 1]).not.toContain(libraryString);
-      expect(build2NotContainsZeroLibraryCacheFilesMessage).toBeTruthy();
-      expect(build2NotContainsZeroLFSCacheFilesMessage).toBeTruthy();
-    }, 1_000_000_000);
-  }
-});
--- a/src/model/cloud-runner/tests/e2e/cloud-runner-end2end-retaining.test.ts
+++ b/src/model/cloud-runner/tests/e2e/cloud-runner-end2end-retaining.test.ts
@@ -1,92 +0,0 @@
-import CloudRunner from '../../cloud-runner';
-import { ImageTag } from '../../..';
-import UnityVersioning from '../../../unity-versioning';
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
-import { v4 as uuidv4 } from 'uuid';
-import CloudRunnerOptions from '../../options/cloud-runner-options';
-import setups from './../cloud-runner-suite.test';
-import * as fs from 'node:fs';
-import path from 'node:path';
-import { CloudRunnerFolders } from '../../options/cloud-runner-folders';
-import SharedWorkspaceLocking from '../../services/core/shared-workspace-locking';
-import { CreateParameters } from '../create-test-parameter';
-import { CloudRunnerSystem } from '../../services/core/cloud-runner-system';
-
-describe('Cloud Runner Retain Workspace', () => {
-  it('Responds', () => {});
-  setups();
-  if (CloudRunnerOptions.cloudRunnerDebug) {
-    it('Run one build it should not already be retained, run subsequent build which should use retained workspace', async () => {
-      const overrides = {
-        versioning: 'None',
-        projectPath: 'test-project',
-        unityVersion: UnityVersioning.determineUnityVersion('test-project', UnityVersioning.read('test-project')),
-        targetPlatform: 'StandaloneLinux64',
-        cacheKey: `test-case-${uuidv4()}`,
-        maxRetainedWorkspaces: 1,
-      };
-      const buildParameter = await CreateParameters(overrides);
-      expect(buildParameter.projectPath).toEqual(overrides.projectPath);
-
-      const baseImage = new ImageTag(buildParameter);
-      const resultsObject = await CloudRunner.run(buildParameter, baseImage.toString());
-      const results = resultsObject.BuildResults;
-      const libraryString = 'Rebuilding Library because the asset database could not be found!';
-      const cachePushFail = 'Did not push source folder to cache because it was empty Library';
-      const buildSucceededString = 'Build succeeded';
-
-      expect(results).toContain(libraryString);
-      expect(results).toContain(buildSucceededString);
-      expect(results).not.toContain(cachePushFail);
-
-      if (CloudRunnerOptions.providerStrategy === `local-docker`) {
-        const cacheFolderExists = fs.existsSync(`cloud-runner-cache/cache/${overrides.cacheKey}`);
-        expect(cacheFolderExists).toBeTruthy();
-        await CloudRunnerSystem.Run(`tree -d ./cloud-runner-cache`);
-      }
-
-      CloudRunnerLogger.log(`run 1 succeeded`);
-
-      // await CloudRunnerSystem.Run(`tree -d ./cloud-runner-cache/${}`);
-      const buildParameter2 = await CreateParameters(overrides);
-
-      buildParameter2.cacheKey = buildParameter.cacheKey;
-      const baseImage2 = new ImageTag(buildParameter2);
-      const results2Object = await CloudRunner.run(buildParameter2, baseImage2.toString());
-      const results2 = results2Object.BuildResults;
-      CloudRunnerLogger.log(`run 2 succeeded`);
-
-      const build2ContainsCacheKey = results2.includes(buildParameter.cacheKey);
-      const build2ContainsBuildGuid1FromRetainedWorkspace = results2.includes(buildParameter.buildGuid);
-      const build2ContainsRetainedWorkspacePhrase = results2.includes(`Retained Workspace:`);
-      const build2ContainsWorkspaceExistsAlreadyPhrase = results2.includes(`Retained Workspace Already Exists!`);
-      const build2ContainsBuildSucceeded = results2.includes(buildSucceededString);
-      const build2NotContainsZeroLibraryCacheFilesMessage = !results2.includes(
-        'There is 0 files/dir in the cache pulled contents for Library',
-      );
-      const build2NotContainsZeroLFSCacheFilesMessage = !results2.includes(
-        'There is 0 files/dir in the cache pulled contents for LFS',
-      );
-
-      expect(build2ContainsCacheKey).toBeTruthy();
-      expect(build2ContainsRetainedWorkspacePhrase).toBeTruthy();
-      expect(build2ContainsWorkspaceExistsAlreadyPhrase).toBeTruthy();
-      expect(build2ContainsBuildGuid1FromRetainedWorkspace).toBeTruthy();
-      expect(build2ContainsBuildSucceeded).toBeTruthy();
-      expect(build2NotContainsZeroLibraryCacheFilesMessage).toBeTruthy();
-      expect(build2NotContainsZeroLFSCacheFilesMessage).toBeTruthy();
-      const splitResults = results2.split('Activation successful');
-      expect(splitResults[splitResults.length - 1]).not.toContain(libraryString);
-    }, 1_000_000_000);
-    afterAll(async () => {
-      await SharedWorkspaceLocking.CleanupWorkspace(CloudRunner.lockedWorkspace || ``, CloudRunner.buildParameters);
-      if (
-        fs.existsSync(`./cloud-runner-cache/${path.basename(CloudRunnerFolders.uniqueCloudRunnerJobFolderAbsolute)}`)
-      ) {
-        CloudRunnerLogger.log(
-          `Cleaning up ./cloud-runner-cache/${path.basename(CloudRunnerFolders.uniqueCloudRunnerJobFolderAbsolute)}`,
-        );
-      }
-    });
-  }
-});
--- a/src/model/cloud-runner/tests/e2e/cloud-runner-kubernetes.test.ts
+++ b/src/model/cloud-runner/tests/e2e/cloud-runner-kubernetes.test.ts
@@ -1,56 +0,0 @@
-import CloudRunner from '../../cloud-runner';
-import UnityVersioning from '../../../unity-versioning';
-import { Cli } from '../../../cli/cli';
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
-import { v4 as uuidv4 } from 'uuid';
-import CloudRunnerOptions from '../../options/cloud-runner-options';
-import setups from '../cloud-runner-suite.test';
-import BuildParameters from '../../../build-parameters';
-import ImageTag from '../../../image-tag';
-
-async function CreateParameters(overrides: any) {
-  if (overrides) {
-    Cli.options = overrides;
-  }
-
-  return await BuildParameters.create();
-}
-
-describe('Cloud Runner Kubernetes', () => {
-  it('Responds', () => {});
-  setups();
-
-  if (CloudRunnerOptions.cloudRunnerDebug) {
-    it('Run one build it using K8s without error', async () => {
-      if (CloudRunnerOptions.providerStrategy !== `k8s`) {
-        return;
-      }
-      process.env.USE_IL2CPP = 'false';
-      const overrides = {
-        versioning: 'None',
-        projectPath: 'test-project',
-        unityVersion: UnityVersioning.determineUnityVersion('test-project', UnityVersioning.read('test-project')),
-        targetPlatform: 'StandaloneLinux64',
-        cacheKey: `test-case-${uuidv4()}`,
-        providerStrategy: 'k8s',
-        buildPlatform: 'linux',
-      };
-      const buildParameter = await CreateParameters(overrides);
-      expect(buildParameter.projectPath).toEqual(overrides.projectPath);
-
-      const baseImage = new ImageTag(buildParameter);
-      const resultsObject = await CloudRunner.run(buildParameter, baseImage.toString());
-      const results = resultsObject.BuildResults;
-      const libraryString = 'Rebuilding Library because the asset database could not be found!';
-      const cachePushFail = 'Did not push source folder to cache because it was empty Library';
-      const buildSucceededString = 'Build succeeded';
-
-      expect(results).toContain('Collected Logs');
-      expect(results).toContain(libraryString);
-      expect(results).toContain(buildSucceededString);
-      expect(results).not.toContain(cachePushFail);
-
-      CloudRunnerLogger.log(`run 1 succeeded`);
-    }, 1_000_000_000);
-  }
-});
--- a/src/model/cloud-runner/workflows/build-automation-workflow.ts
+++ b/src/model/cloud-runner/workflows/build-automation-workflow.ts
@@ -1,114 +0,0 @@
-import CloudRunnerLogger from '../services/core/cloud-runner-logger';
-import { CloudRunnerFolders } from '../options/cloud-runner-folders';
-import { CloudRunnerStepParameters } from '../options/cloud-runner-step-parameters';
-import { WorkflowInterface } from './workflow-interface';
-import { CommandHookService } from '../services/hooks/command-hook-service';
-import path from 'node:path';
-import CloudRunner from '../cloud-runner';
-import { ContainerHookService } from '../services/hooks/container-hook-service';
-
-export class BuildAutomationWorkflow implements WorkflowInterface {
-  async run(cloudRunnerStepState: CloudRunnerStepParameters) {
-    return await BuildAutomationWorkflow.standardBuildAutomation(cloudRunnerStepState.image, cloudRunnerStepState);
-  }
-
-  private static async standardBuildAutomation(baseImage: string, cloudRunnerStepState: CloudRunnerStepParameters) {
-    // TODO accept post and pre build steps as yaml files in the repo
-    CloudRunnerLogger.log(`Cloud Runner is running standard build automation`);
-
-    let output = '';
-
-    output += await ContainerHookService.RunPreBuildSteps(cloudRunnerStepState);
-    CloudRunnerLogger.logWithTime('Configurable pre build step(s) time');
-    CloudRunnerLogger.log(baseImage);
-    CloudRunnerLogger.logLine(` `);
-    CloudRunnerLogger.logLine('Starting build automation job');
-
-    output += await CloudRunner.Provider.runTaskInWorkflow(
-      CloudRunner.buildParameters.buildGuid,
-      baseImage.toString(),
-      BuildAutomationWorkflow.BuildWorkflow,
-      `/${CloudRunnerFolders.buildVolumeFolder}`,
-      `/${CloudRunnerFolders.buildVolumeFolder}/`,
-      cloudRunnerStepState.environment,
-      cloudRunnerStepState.secrets,
-    );
-    CloudRunnerLogger.logWithTime('Build time');
-
-    output += await ContainerHookService.RunPostBuildSteps(cloudRunnerStepState);
-    CloudRunnerLogger.logWithTime('Configurable post build step(s) time');
-
-    CloudRunnerLogger.log(`Cloud Runner finished running standard build automation`);
-
-    return output;
-  }
-
-  private static get BuildWorkflow() {
-    const setupHooks = CommandHookService.getHooks(CloudRunner.buildParameters.commandHooks).filter((x) =>
-      x.step?.includes(`setup`),
-    );
-    const buildHooks = CommandHookService.getHooks(CloudRunner.buildParameters.commandHooks).filter((x) =>
-      x.step?.includes(`build`),
-    );
-    const builderPath = CloudRunnerFolders.ToLinuxFolder(
-      path.join(CloudRunnerFolders.builderPathAbsolute, 'dist', `index.js`),
-    );
-
-    return `echo "cloud runner build workflow starting"
-      apt-get update > /dev/null
-      apt-get install -y curl tar tree npm git-lfs jq git > /dev/null
-      npm --version
-      npm i -g n > /dev/null
-      npm i -g semver > /dev/null
-      npm install --global yarn > /dev/null
-      n 20.8.0
-      node --version
-      ${setupHooks.filter((x) => x.hook.includes(`before`)).map((x) => x.commands) || ' '}
-      export GITHUB_WORKSPACE="${CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.repoPathAbsolute)}"
-      df -H /data/
-      ${BuildAutomationWorkflow.setupCommands(builderPath)}
-      ${setupHooks.filter((x) => x.hook.includes(`after`)).map((x) => x.commands) || ' '}
-      ${buildHooks.filter((x) => x.hook.includes(`before`)).map((x) => x.commands) || ' '}
-      ${BuildAutomationWorkflow.BuildCommands(builderPath)}
-      ${buildHooks.filter((x) => x.hook.includes(`after`)).map((x) => x.commands) || ' '}`;
-  }
-
-  private static setupCommands(builderPath: string) {
-    const commands = `mkdir -p ${CloudRunnerFolders.ToLinuxFolder(
-      CloudRunnerFolders.builderPathAbsolute,
-    )} && git clone -q -b ${CloudRunner.buildParameters.cloudRunnerBranch} ${
-      CloudRunnerFolders.unityBuilderRepoUrl
-    } "${CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.builderPathAbsolute)}" && chmod +x ${builderPath}`;
-
-    const cloneBuilderCommands = `if [ -e "${CloudRunnerFolders.ToLinuxFolder(
-      CloudRunnerFolders.uniqueCloudRunnerJobFolderAbsolute,
-    )}" ] && [ -e "${CloudRunnerFolders.ToLinuxFolder(
-      path.join(CloudRunnerFolders.builderPathAbsolute, `.git`),
-    )}" ] ; then echo "Builder Already Exists!" && tree ${
-      CloudRunnerFolders.builderPathAbsolute
-    }; else ${commands} ; fi`;
-
-    return `export GIT_DISCOVERY_ACROSS_FILESYSTEM=1
-${cloneBuilderCommands}
-echo "log start" >> /home/job-log.txt
-node ${builderPath} -m remote-cli-pre-build`;
-  }
-
-  private static BuildCommands(builderPath: string) {
-    const distFolder = path.join(CloudRunnerFolders.builderPathAbsolute, 'dist');
-    const ubuntuPlatformsFolder = path.join(CloudRunnerFolders.builderPathAbsolute, 'dist', 'platforms', 'ubuntu');
-
-    return `
-    mkdir -p ${`${CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.projectBuildFolderAbsolute)}/build`}
-    cd ${CloudRunnerFolders.ToLinuxFolder(CloudRunnerFolders.projectPathAbsolute)}
-    cp -r "${CloudRunnerFolders.ToLinuxFolder(path.join(distFolder, 'default-build-script'))}" "/UnityBuilderAction"
-    cp -r "${CloudRunnerFolders.ToLinuxFolder(path.join(ubuntuPlatformsFolder, 'entrypoint.sh'))}" "/entrypoint.sh"
-    cp -r "${CloudRunnerFolders.ToLinuxFolder(path.join(ubuntuPlatformsFolder, 'steps'))}" "/steps"
-    chmod -R +x "/entrypoint.sh"
-    chmod -R +x "/steps"
-    echo "game ci start"
-    echo "game ci start" >> /home/job-log.txt
-    /entrypoint.sh | node ${builderPath} -m remote-cli-log-stream --logFile /home/job-log.txt
-    node ${builderPath} -m remote-cli-post-build`;
-  }
-}
--- a/src/model/cloud-runner/workflows/custom-workflow.ts
+++ b/src/model/cloud-runner/workflows/custom-workflow.ts
@@ -1,51 +0,0 @@
-import CloudRunnerLogger from '../services/core/cloud-runner-logger';
-import CloudRunnerSecret from '../options/cloud-runner-secret';
-import { CloudRunnerFolders } from '../options/cloud-runner-folders';
-import CloudRunnerEnvironmentVariable from '../options/cloud-runner-environment-variable';
-import { ContainerHookService } from '../services/hooks/container-hook-service';
-import { ContainerHook } from '../services/hooks/container-hook';
-import CloudRunner from '../cloud-runner';
-
-export class CustomWorkflow {
-  public static async runContainerJobFromString(
-    buildSteps: string,
-    environmentVariables: CloudRunnerEnvironmentVariable[],
-    secrets: CloudRunnerSecret[],
-  ): Promise<string> {
-    return await CustomWorkflow.runContainerJob(
-      ContainerHookService.ParseContainerHooks(buildSteps),
-      environmentVariables,
-      secrets,
-    );
-  }
-
-  public static async runContainerJob(
-    steps: ContainerHook[],
-    environmentVariables: CloudRunnerEnvironmentVariable[],
-    secrets: CloudRunnerSecret[],
-  ) {
-    try {
-      let output = '';
-
-      // if (CloudRunner.buildParameters?.cloudRunnerDebug) {
-      //   CloudRunnerLogger.log(`Custom Job Description \n${JSON.stringify(buildSteps, undefined, 4)}`);
-      // }
-      for (const step of steps) {
-        CloudRunnerLogger.log(`Cloud Runner is running in custom job mode`);
-        output += await CloudRunner.Provider.runTaskInWorkflow(
-          CloudRunner.buildParameters.buildGuid,
-          step.image,
-          step.commands,
-          `/${CloudRunnerFolders.buildVolumeFolder}`,
-          `/${CloudRunnerFolders.projectPathAbsolute}/`,
-          environmentVariables,
-          [...secrets, ...step.secrets],
-        );
-      }
-
-      return output;
-    } catch (error) {
-      throw error;
-    }
-  }
-}
--- a/src/model/cloud-runner/workflows/workflow-composition-root.ts
+++ b/src/model/cloud-runner/workflows/workflow-composition-root.ts
@@ -1,39 +0,0 @@
-import { CloudRunnerStepParameters } from '../options/cloud-runner-step-parameters';
-import { CustomWorkflow } from './custom-workflow';
-import { WorkflowInterface } from './workflow-interface';
-import { BuildAutomationWorkflow } from './build-automation-workflow';
-import CloudRunner from '../cloud-runner';
-import CloudRunnerOptions from '../options/cloud-runner-options';
-import { AsyncWorkflow } from './async-workflow';
-
-export class WorkflowCompositionRoot implements WorkflowInterface {
-  async run(cloudRunnerStepState: CloudRunnerStepParameters) {
-    try {
-      if (
-        CloudRunnerOptions.asyncCloudRunner &&
-        !CloudRunner.isCloudRunnerAsyncEnvironment &&
-        !CloudRunner.isCloudRunnerEnvironment
-      ) {
-        return await AsyncWorkflow.runAsyncWorkflow(cloudRunnerStepState.environment, cloudRunnerStepState.secrets);
-      }
-
-      if (CloudRunner.buildParameters.customJob !== '') {
-        return await CustomWorkflow.runContainerJobFromString(
-          CloudRunner.buildParameters.customJob,
-          cloudRunnerStepState.environment,
-          cloudRunnerStepState.secrets,
-        );
-      }
-
-      return await new BuildAutomationWorkflow().run(
-        new CloudRunnerStepParameters(
-          cloudRunnerStepState.image.toString(),
-          cloudRunnerStepState.environment,
-          cloudRunnerStepState.secrets,
-        ),
-      );
-    } catch (error) {
-      throw error;
-    }
-  }
-}
--- a/src/model/cloud-runner/workflows/workflow-interface.ts
+++ b/src/model/cloud-runner/workflows/workflow-interface.ts
@@ -1,8 +0,0 @@
-import { CloudRunnerStepParameters } from '../options/cloud-runner-step-parameters';
-
-export interface WorkflowInterface {
-  run(
-    // eslint-disable-next-line no-unused-vars
-    cloudRunnerStepState: CloudRunnerStepParameters,
-  ): Promise<string>;
-}
--- a/src/model/docker.ts
+++ b/src/model/docker.ts
@@ -55,7 +55,10 @@ class Docker {
    if (!existsSync(githubHome)) mkdirSync(githubHome);
    const githubWorkflow = path.join(runnerTempPath, '_github_workflow');
    if (!existsSync(githubWorkflow)) mkdirSync(githubWorkflow);
-    const commandPrefix = image === `alpine` ? `/bin/sh` : `/bin/bash`;
+
+    // Alpine-based images (alpine, rclone/rclone, etc.) don't have /bin/bash, only /bin/sh
+    const isAlpineBasedImage = image === 'alpine' || image.startsWith('rclone/');
+    const commandPrefix = isAlpineBasedImage ? `/bin/sh` : `/bin/bash`;

    return `docker run \
            --workdir ${dockerWorkspacePath} \
@@ -92,6 +95,7 @@ class Docker {
    const {
      workspace,
      actionFolder,
+      runnerTempPath,
      gitPrivateToken,
      dockerWorkspacePath,
      dockerCpuLimit,
@@ -99,13 +103,18 @@ class Docker {
      dockerIsolationMode,
    } = parameters;

+    const githubHome = path.join(runnerTempPath, '_github_home');
+    if (!existsSync(githubHome)) mkdirSync(githubHome);
+
    return `docker run \
            --workdir c:${dockerWorkspacePath} \
            --rm \
            ${ImageEnvironmentFactory.getEnvVarString(parameters)} \
+            --env BEE_CACHE_DIRECTORY=c:${dockerWorkspacePath}/Library/bee_cache \
            --env GITHUB_WORKSPACE=c:${dockerWorkspacePath} \
            ${gitPrivateToken ? `--env GIT_PRIVATE_TOKEN="${gitPrivateToken}"` : ''} \
            --volume "${workspace}":"c:${dockerWorkspacePath}" \
+            --volume "${githubHome}":"C:/githubhome" \
            --volume "c:/regkeys":"c:/regkeys" \
            --volume "C:/Program Files/Microsoft Visual Studio":"C:/Program Files/Microsoft Visual Studio" \
            --volume "C:/Program Files (x86)/Microsoft Visual Studio":"C:/Program Files (x86)/Microsoft Visual Studio" \
--- a/src/model/github.ts
+++ b/src/model/github.ts
@@ -1,6 +1,6 @@
-import CloudRunnerLogger from './cloud-runner/services/core/cloud-runner-logger';
-import CloudRunner from './cloud-runner/cloud-runner';
-import CloudRunnerOptions from './cloud-runner/options/cloud-runner-options';
+import OrchestratorLogger from './orchestrator/services/core/orchestrator-logger';
+import Orchestrator from './orchestrator/orchestrator';
+import OrchestratorOptions from './orchestrator/options/orchestrator-options';
 import * as core from '@actions/core';
 import { Octokit } from '@octokit/core';

@@ -19,15 +19,15 @@ class GitHub {
  }
  private static get octokitPAT() {
    return new Octokit({
-      auth: CloudRunner.buildParameters.gitPrivateToken,
+      auth: Orchestrator.buildParameters.gitPrivateToken,
    });
  }
  private static get sha() {
-    return CloudRunner.buildParameters.gitSha;
+    return Orchestrator.buildParameters.gitSha;
  }

  private static get checkName() {
-    return `Cloud Runner (${CloudRunner.buildParameters.buildGuid})`;
+    return `Orchestrator (${Orchestrator.buildParameters.buildGuid})`;
  }

  private static get nameReadable() {
@@ -35,24 +35,24 @@ class GitHub {
  }

  private static get checkRunId() {
-    return CloudRunner.buildParameters.githubCheckId;
+    return Orchestrator.buildParameters.githubCheckId;
  }

  private static get owner() {
-    return CloudRunnerOptions.githubOwner;
+    return OrchestratorOptions.githubOwner;
  }

  private static get repo() {
-    return CloudRunnerOptions.githubRepoName;
+    return OrchestratorOptions.githubRepoName;
  }

  public static async createGitHubCheck(summary: string) {
-    if (!CloudRunner.buildParameters.githubChecks) {
+    if (!Orchestrator.buildParameters.githubChecks) {
      return ``;
    }
    GitHub.startedDate = new Date().toISOString();

-    CloudRunnerLogger.log(`Creating github check`);
+    OrchestratorLogger.log(`Creating github check`);
    const data = {
      owner: GitHub.owner,
      repo: GitHub.repo,
@@ -61,7 +61,7 @@ class GitHub {
      head_sha: GitHub.sha,
      status: 'queued',
      // eslint-disable-next-line camelcase
-      external_id: CloudRunner.buildParameters.buildGuid,
+      external_id: Orchestrator.buildParameters.buildGuid,
      // eslint-disable-next-line camelcase
      started_at: GitHub.startedDate,
      output: {
@@ -79,7 +79,7 @@ class GitHub {
    };
    const result = await GitHub.createGitHubCheckRequest(data);

-    CloudRunnerLogger.log(`Creating github check ${result.status}`);
+    OrchestratorLogger.log(`Creating github check ${result.status}`);

    return result.data.id.toString();
  }
@@ -90,11 +90,11 @@ class GitHub {
    result = `neutral`,
    status = `in_progress`,
  ) {
-    if (`${CloudRunner.buildParameters.githubChecks}` !== `true`) {
+    if (`${Orchestrator.buildParameters.githubChecks}` !== `true`) {
      return;
    }
-    CloudRunnerLogger.log(
-      `githubChecks: ${CloudRunner.buildParameters.githubChecks} checkRunId: ${GitHub.checkRunId} sha: ${GitHub.sha} async: ${CloudRunner.isCloudRunnerAsyncEnvironment}`,
+    OrchestratorLogger.log(
+      `githubChecks: ${Orchestrator.buildParameters.githubChecks} checkRunId: ${GitHub.checkRunId} sha: ${GitHub.sha} async: ${Orchestrator.isOrchestratorAsyncEnvironment}`,
    );
    GitHub.longDescriptionContent += `\n${longDescription}`;
    if (GitHub.result !== `success` && GitHub.result !== `failure`) {
@@ -130,7 +130,7 @@ class GitHub {
      data.conclusion = result;
    }

-    await (CloudRunner.isCloudRunnerAsyncEnvironment || GitHub.forceAsyncTest
+    await (Orchestrator.isOrchestratorAsyncEnvironment || GitHub.forceAsyncTest
      ? GitHub.runUpdateAsyncChecksWorkflow(data, `update`)
      : GitHub.updateGitHubCheckRequest(data));
  }
@@ -152,7 +152,7 @@ class GitHub {
      repo: GitHub.repo,
    });
    const workflows = workflowsResult.data.workflows;
-    CloudRunnerLogger.log(`Got ${workflows.length} workflows`);
+    OrchestratorLogger.log(`Got ${workflows.length} workflows`);
    let selectedId = ``;
    for (let index = 0; index < workflowsResult.data.total_count; index++) {
      if (workflows[index].name === GitHub.asyncChecksApiWorkflowName) {
@@ -168,7 +168,7 @@ class GitHub {
      repo: GitHub.repo,
      // eslint-disable-next-line camelcase
      workflow_id: selectedId,
-      ref: CloudRunnerOptions.branch,
+      ref: OrchestratorOptions.branch,
      inputs: {
        checksObject: JSON.stringify({ data, mode }),
      },
@@ -176,7 +176,7 @@ class GitHub {
  }

  static async triggerWorkflowOnComplete(triggerWorkflowOnComplete: string[]) {
-    const isLocalAsync = CloudRunner.buildParameters.asyncWorkflow && !CloudRunner.isCloudRunnerAsyncEnvironment;
+    const isLocalAsync = Orchestrator.buildParameters.asyncWorkflow && !Orchestrator.isOrchestratorAsyncEnvironment;
    if (isLocalAsync || triggerWorkflowOnComplete === undefined || triggerWorkflowOnComplete.length === 0) {
      return;
    }
@@ -186,7 +186,7 @@ class GitHub {
        repo: GitHub.repo,
      });
      const workflows = workflowsResult.data.workflows;
-      CloudRunnerLogger.log(`Got ${workflows.length} workflows`);
+      OrchestratorLogger.log(`Got ${workflows.length} workflows`);
      for (const element of triggerWorkflowOnComplete) {
        let selectedId = ``;
        for (let index = 0; index < workflowsResult.data.total_count; index++) {
@@ -203,9 +203,9 @@ class GitHub {
          repo: GitHub.repo,
          // eslint-disable-next-line camelcase
          workflow_id: selectedId,
-          ref: CloudRunnerOptions.branch,
+          ref: OrchestratorOptions.branch,
          inputs: {
-            buildGuid: CloudRunner.buildParameters.buildGuid,
+            buildGuid: Orchestrator.buildParameters.buildGuid,
          },
        });
      }
--- a/src/model/image-environment-factory.ts
+++ b/src/model/image-environment-factory.ts
@@ -5,16 +5,17 @@ class ImageEnvironmentFactory {
    const environmentVariables = ImageEnvironmentFactory.getEnvironmentVariables(parameters, additionalVariables);
    let string = '';
    for (const p of environmentVariables) {
-      if (p.value === '' || p.value === undefined) {
+      if (p.value === '' || p.value === undefined || p.value === null) {
        continue;
      }
-      if (p.name !== 'ANDROID_KEYSTORE_BASE64' && p.value.toString().includes(`\n`)) {
+      const valueAsString = typeof p.value === 'string' ? p.value : String(p.value);
+      if (p.name !== 'ANDROID_KEYSTORE_BASE64' && valueAsString.includes(`\n`)) {
        string += `--env ${p.name} `;
-        process.env[p.name] = p.value.toString();
+        process.env[p.name] = valueAsString;
        continue;
      }

-      string += `--env ${p.name}="${p.value}" `;
+      string += `--env ${p.name}="${valueAsString}" `;
    }

    return string;
@@ -82,17 +83,12 @@ class ImageEnvironmentFactory {
      { name: 'RUNNER_TEMP', value: process.env.RUNNER_TEMP },
      { name: 'RUNNER_WORKSPACE', value: process.env.RUNNER_WORKSPACE },
    ];
-    if (parameters.providerStrategy === 'local-docker') {
-      for (const element of additionalVariables) {
-        if (!environmentVariables.some((x) => element?.name === x?.name)) {
-          environmentVariables.push(element);
-        }
-      }
-      for (const variable of environmentVariables) {
-        if (!environmentVariables.some((x) => variable?.name === x?.name)) {
-          environmentVariables = environmentVariables.filter((x) => x !== variable);
-        }
-      }
+
+    // Always merge additional variables (e.g., secrets/env from Orchestrator) uniquely by name
+    for (const element of additionalVariables) {
+      if (!element || !element.name) continue;
+      environmentVariables = environmentVariables.filter((x) => x?.name !== element.name);
+      environmentVariables.push(element);
    }
    if (parameters.sshAgent) {
      environmentVariables.push({ name: 'SSH_AUTH_SOCK', value: '/ssh-agent' });
--- a/src/model/image-tag.ts
+++ b/src/model/image-tag.ts
@@ -58,6 +58,7 @@ class ImageTag {
      android: 'android',
      ios: 'ios',
      tvos: 'appletv',
+      visionos: 'visionos',
      facebook: 'facebook',
    };
  }
@@ -82,8 +83,21 @@ class ImageTag {
    version: string,
    providerStrategy: string,
  ): string {
-    const { generic, webgl, mac, windows, windowsIl2cpp, wsaPlayer, linux, linuxIl2cpp, android, ios, tvos, facebook } =
-      ImageTag.targetPlatformSuffixes;
+    const {
+      generic,
+      webgl,
+      mac,
+      windows,
+      windowsIl2cpp,
+      wsaPlayer,
+      linux,
+      linuxIl2cpp,
+      android,
+      ios,
+      tvos,
+      visionos,
+      facebook,
+    } = ImageTag.targetPlatformSuffixes;

    const [major, minor] = version.split('.').map((digit) => Number(digit));

@@ -136,11 +150,17 @@ class ImageTag {
      case Platform.types.XboxOne:
        return windows;
      case Platform.types.tvOS:
-        if (process.platform !== 'win32') {
-          throw new Error(`tvOS can only be built on a windows base OS`);
+        if (process.platform !== 'win32' && process.platform !== 'darwin') {
+          throw new Error(`tvOS can only be built on Windows or macOS base OS`);
        }

        return tvos;
+      case Platform.types.VisionOS:
+        if (process.platform !== 'darwin') {
+          throw new Error(`visionOS can only be built on a macOS base OS`);
+        }
+
+        return visionos;
      case Platform.types.Switch:
        return windows;

--- a/src/model/index.ts
+++ b/src/model/index.ts
@@ -9,7 +9,8 @@ import Platform from './platform';
 import Project from './project';
 import Unity from './unity';
 import Versioning from './versioning';
-import CloudRunner from './cloud-runner/cloud-runner';
+import Orchestrator from './orchestrator/orchestrator';
+import loadProvider, { ProviderLoader } from './orchestrator/providers/provider-loader';

 export {
  Action,
@@ -23,5 +24,7 @@ export {
  Project,
  Unity,
  Versioning,
-  CloudRunner as CloudRunner,
+  Orchestrator as Orchestrator,
+  loadProvider,
+  ProviderLoader,
 };
--- a/src/model/input-readers/generic-input-reader.ts
+++ b/src/model/input-readers/generic-input-reader.ts
@@ -1,12 +1,12 @@
-import { CloudRunnerSystem } from '../cloud-runner/services/core/cloud-runner-system';
-import CloudRunnerOptions from '../cloud-runner/options/cloud-runner-options';
+import { OrchestratorSystem } from '../orchestrator/services/core/orchestrator-system';
+import OrchestratorOptions from '../orchestrator/options/orchestrator-options';

 export class GenericInputReader {
  public static async Run(command: string) {
-    if (CloudRunnerOptions.providerStrategy === 'local') {
+    if (OrchestratorOptions.providerStrategy === 'local') {
      return '';
    }

-    return await CloudRunnerSystem.Run(command, false, true);
+    return await OrchestratorSystem.Run(command, false, true);
  }
 }
--- a/src/model/input-readers/git-repo.test.ts
+++ b/src/model/input-readers/git-repo.test.ts
@@ -1,6 +1,6 @@
 import { GitRepoReader } from './git-repo';
-import { CloudRunnerSystem } from '../cloud-runner/services/core/cloud-runner-system';
-import CloudRunnerOptions from '../cloud-runner/options/cloud-runner-options';
+import { OrchestratorSystem } from '../orchestrator/services/core/orchestrator-system';
+import OrchestratorOptions from '../orchestrator/options/orchestrator-options';

 describe(`git repo tests`, () => {
  it(`Branch value parsed from CLI to not contain illegal characters`, async () => {
@@ -10,15 +10,15 @@ describe(`git repo tests`, () => {

  it(`returns valid branch name when using https`, async () => {
    const mockValue = 'https://github.com/example/example.git';
-    await jest.spyOn(CloudRunnerSystem, 'Run').mockReturnValue(Promise.resolve(mockValue));
-    await jest.spyOn(CloudRunnerOptions, 'providerStrategy', 'get').mockReturnValue('not-local');
+    await jest.spyOn(OrchestratorSystem, 'Run').mockReturnValue(Promise.resolve(mockValue));
+    await jest.spyOn(OrchestratorOptions, 'providerStrategy', 'get').mockReturnValue('not-local');
    expect(await GitRepoReader.GetRemote()).toEqual(`example/example`);
  });

  it(`returns valid branch name when using ssh`, async () => {
    const mockValue = 'git@github.com:example/example.git';
-    await jest.spyOn(CloudRunnerSystem, 'Run').mockReturnValue(Promise.resolve(mockValue));
-    await jest.spyOn(CloudRunnerOptions, 'providerStrategy', 'get').mockReturnValue('not-local');
+    await jest.spyOn(OrchestratorSystem, 'Run').mockReturnValue(Promise.resolve(mockValue));
+    await jest.spyOn(OrchestratorOptions, 'providerStrategy', 'get').mockReturnValue('not-local');
    expect(await GitRepoReader.GetRemote()).toEqual(`example/example`);
  });
 });
--- a/src/model/input-readers/git-repo.ts
+++ b/src/model/input-readers/git-repo.ts
@@ -1,33 +1,33 @@
 import { assert } from 'node:console';
 import fs from 'node:fs';
-import { CloudRunnerSystem } from '../cloud-runner/services/core/cloud-runner-system';
-import CloudRunnerLogger from '../cloud-runner/services/core/cloud-runner-logger';
-import CloudRunnerOptions from '../cloud-runner/options/cloud-runner-options';
+import { OrchestratorSystem } from '../orchestrator/services/core/orchestrator-system';
+import OrchestratorLogger from '../orchestrator/services/core/orchestrator-logger';
+import OrchestratorOptions from '../orchestrator/options/orchestrator-options';
 import Input from '../input';

 export class GitRepoReader {
  public static async GetRemote() {
-    if (CloudRunnerOptions.providerStrategy === 'local') {
+    if (OrchestratorOptions.providerStrategy === 'local') {
      return '';
    }
    assert(fs.existsSync(`.git`));
-    const value = (await CloudRunnerSystem.Run(`cd ${Input.projectPath} && git remote -v`, false, true)).replace(
+    const value = (await OrchestratorSystem.Run(`cd ${Input.projectPath} && git remote -v`, false, true)).replace(
      / /g,
      ``,
    );
-    CloudRunnerLogger.log(`value ${value}`);
+    OrchestratorLogger.log(`value ${value}`);
    assert(value.includes('github.com'));

    return value.split('github.com')[1].split('.git')[0].slice(1);
  }

  public static async GetBranch() {
-    if (CloudRunnerOptions.providerStrategy === 'local') {
+    if (OrchestratorOptions.providerStrategy === 'local') {
      return '';
    }
    assert(fs.existsSync(`.git`));

-    return (await CloudRunnerSystem.Run(`cd ${Input.projectPath} && git branch --show-current`, false, true))
+    return (await OrchestratorSystem.Run(`cd ${Input.projectPath} && git branch --show-current`, false, true))
      .split('\n')[0]
      .replace(/ /g, ``)
      .replace('/head', '');
--- a/src/model/input-readers/github-cli.ts
+++ b/src/model/input-readers/github-cli.ts
@@ -1,19 +1,19 @@
-import { CloudRunnerSystem } from '../cloud-runner/services/core/cloud-runner-system';
+import { OrchestratorSystem } from '../orchestrator/services/core/orchestrator-system';
 import * as core from '@actions/core';
-import CloudRunnerOptions from '../cloud-runner/options/cloud-runner-options';
+import OrchestratorOptions from '../orchestrator/options/orchestrator-options';

 export class GithubCliReader {
  static async GetGitHubAuthToken() {
-    if (CloudRunnerOptions.providerStrategy === 'local') {
+    if (OrchestratorOptions.providerStrategy === 'local') {
      return '';
    }
    try {
-      const authStatus = await CloudRunnerSystem.Run(`gh auth status`, true, true);
+      const authStatus = await OrchestratorSystem.Run(`gh auth status`, true, true);
      if (authStatus.includes('You are not logged') || authStatus === '') {
        return '';
      }

-      return (await CloudRunnerSystem.Run(`gh auth status -t`, false, true))
+      return (await OrchestratorSystem.Run(`gh auth status -t`, false, true))
        .split(`Token: `)[1]
        .replace(/ /g, '')
        .replace(/\n/g, '');
--- a/src/model/input-readers/test-license-reader.ts
+++ b/src/model/input-readers/test-license-reader.ts
@@ -1,13 +1,13 @@
 import path from 'node:path';
 import fs from 'node:fs';
 import YAML from 'yaml';
-import CloudRunnerOptions from '../cloud-runner/options/cloud-runner-options';
+import OrchestratorOptions from '../orchestrator/options/orchestrator-options';

 export function ReadLicense(): string {
-  if (CloudRunnerOptions.providerStrategy === 'local') {
+  if (OrchestratorOptions.providerStrategy === 'local') {
    return '';
  }
-  const pipelineFile = path.join(__dirname, `.github`, `workflows`, `cloud-runner-k8s-pipeline.yml`);
+  const pipelineFile = path.join(__dirname, `.github`, `workflows`, `orchestrator-k8s-pipeline.yml`);

  return fs.existsSync(pipelineFile) ? YAML.parse(fs.readFileSync(pipelineFile, 'utf8')).env.UNITY_LICENSE : '';
 }
--- a/src/model/input.ts
+++ b/src/model/input.ts
@@ -1,7 +1,7 @@
 import fs from 'node:fs';
 import path from 'node:path';
 import { Cli } from './cli/cli';
-import CloudRunnerQueryOverride from './cloud-runner/options/cloud-runner-query-override';
+import OrchestratorQueryOverride from './orchestrator/options/orchestrator-query-override';
 import Platform from './platform';
 import GitHub from './github';
 import os from 'node:os';
@@ -32,8 +32,8 @@ class Input {
      return Cli.query(query, alternativeQuery);
    }

-    if (CloudRunnerQueryOverride.query(query, alternativeQuery)) {
-      return CloudRunnerQueryOverride.query(query, alternativeQuery);
+    if (OrchestratorQueryOverride.query(query, alternativeQuery)) {
+      return OrchestratorQueryOverride.query(query, alternativeQuery);
    }

    if (process.env[query] !== undefined) {
--- a/src/model/orchestrator/error/orchestrator-error.ts
+++ b/src/model/orchestrator/error/orchestrator-error.ts
@@ -0,0 +1,15 @@
+import OrchestratorLogger from '../services/core/orchestrator-logger';
+import * as core from '@actions/core';
+import Orchestrator from '../orchestrator';
+import OrchestratorSecret from '../options/orchestrator-secret';
+import BuildParameters from '../../build-parameters';
+
+export class OrchestratorError {
+  public static async handleException(error: unknown, buildParameters: BuildParameters, secrets: OrchestratorSecret[]) {
+    OrchestratorLogger.error(JSON.stringify(error, undefined, 4));
+    core.setFailed('Orchestrator failed');
+    if (Orchestrator.Provider !== undefined) {
+      await Orchestrator.Provider.cleanupWorkflow(buildParameters, buildParameters.branch, secrets);
+    }
+  }
+}
--- a/src/model/orchestrator/options/orchestrator-constants.ts
+++ b/src/model/orchestrator/options/orchestrator-constants.ts
@@ -0,0 +1,4 @@
+class OrchestratorConstants {
+  static alphabet = '0123456789abcdefghijklmnopqrstuvwxyz';
+}
+export default OrchestratorConstants;
--- a/src/model/orchestrator/options/orchestrator-environment-variable.ts
+++ b/src/model/orchestrator/options/orchestrator-environment-variable.ts
@@ -0,0 +1,5 @@
+class OrchestratorEnvironmentVariable {
+  public name!: string;
+  public value!: string;
+}
+export default OrchestratorEnvironmentVariable;
--- a/src/model/orchestrator/options/orchestrator-folders-auth.test.ts
+++ b/src/model/orchestrator/options/orchestrator-folders-auth.test.ts
@@ -0,0 +1,140 @@
+import { OrchestratorFolders } from './orchestrator-folders';
+
+jest.mock('../orchestrator', () => ({
+  __esModule: true,
+  default: {
+    buildParameters: {
+      orchestratorRepoName: 'game-ci/unity-builder',
+      githubRepo: 'myorg/myrepo',
+      gitPrivateToken: 'ghp_test123',
+      gitAuthMode: 'header',
+      buildGuid: 'test-guid',
+      projectPath: '',
+      buildPath: 'Builds',
+      cacheKey: 'test-cache',
+    },
+    lockedWorkspace: '',
+  },
+}));
+
+jest.mock('./orchestrator-options', () => ({
+  __esModule: true,
+  default: {
+    useSharedBuilder: false,
+  },
+}));
+
+jest.mock('../services/core/orchestrator-system', () => ({
+  OrchestratorSystem: {
+    Run: jest.fn().mockResolvedValue(''),
+  },
+}));
+
+const mockOrchestrator = require('../orchestrator').default;
+
+describe('OrchestratorFolders git auth', () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+  });
+
+  describe('useHeaderAuth', () => {
+    it('should return true when gitAuthMode is header', () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'header';
+      expect(OrchestratorFolders.useHeaderAuth).toBe(true);
+    });
+
+    it('should return true when gitAuthMode is undefined (default)', () => {
+      mockOrchestrator.buildParameters.gitAuthMode = undefined;
+      expect(OrchestratorFolders.useHeaderAuth).toBe(true);
+    });
+
+    it('should return false when gitAuthMode is url', () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'url';
+      expect(OrchestratorFolders.useHeaderAuth).toBe(false);
+    });
+  });
+
+  describe('unityBuilderRepoUrl', () => {
+    it('should not include token in URL when using header auth', () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'header';
+      const url = OrchestratorFolders.unityBuilderRepoUrl;
+      expect(url).toBe('https://github.com/game-ci/unity-builder.git');
+      expect(url).not.toContain('ghp_test123');
+    });
+
+    it('should include token in URL when using url auth (legacy)', () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'url';
+      const url = OrchestratorFolders.unityBuilderRepoUrl;
+      expect(url).toBe('https://ghp_test123@github.com/game-ci/unity-builder.git');
+    });
+  });
+
+  describe('targetBuildRepoUrl', () => {
+    it('should not include token in URL when using header auth', () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'header';
+      const url = OrchestratorFolders.targetBuildRepoUrl;
+      expect(url).toBe('https://github.com/myorg/myrepo.git');
+      expect(url).not.toContain('ghp_test123');
+    });
+
+    it('should include token in URL when using url auth (legacy)', () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'url';
+      const url = OrchestratorFolders.targetBuildRepoUrl;
+      expect(url).toBe('https://ghp_test123@github.com/myorg/myrepo.git');
+    });
+  });
+
+  describe('gitAuthConfigScript', () => {
+    it('should emit http.extraHeader commands in header mode', () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'header';
+      const script = OrchestratorFolders.gitAuthConfigScript;
+      expect(script).toContain('http.extraHeader');
+      expect(script).toContain('GIT_PRIVATE_TOKEN');
+      expect(script).toContain('Authorization: Basic');
+    });
+
+    it('should emit no-op comment in url mode', () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'url';
+      const script = OrchestratorFolders.gitAuthConfigScript;
+      expect(script).toContain('legacy');
+      expect(script).not.toContain('http.extraHeader');
+    });
+  });
+
+  describe('configureGitAuth', () => {
+    it('should run git config with http.extraHeader in header mode', async () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'header';
+      mockOrchestrator.buildParameters.gitPrivateToken = 'ghp_test123';
+      const { OrchestratorSystem } = require('../services/core/orchestrator-system');
+
+      await OrchestratorFolders.configureGitAuth();
+
+      // Verify the base64 encoding and extraHeader config are correct
+      const expectedEncoded = Buffer.from('x-access-token:ghp_test123').toString('base64');
+      expect(OrchestratorSystem.Run).toHaveBeenCalledWith(expect.stringContaining(expectedEncoded));
+      expect(OrchestratorSystem.Run).toHaveBeenCalledWith(expect.stringContaining('.extraHeader'));
+    });
+
+    it('should not run git config in url mode', async () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'url';
+      const { OrchestratorSystem } = require('../services/core/orchestrator-system');
+
+      await OrchestratorFolders.configureGitAuth();
+
+      expect(OrchestratorSystem.Run).not.toHaveBeenCalled();
+    });
+
+    it('should not run git config when no token is available', async () => {
+      mockOrchestrator.buildParameters.gitAuthMode = 'header';
+      mockOrchestrator.buildParameters.gitPrivateToken = '';
+      const originalEnv = process.env.GIT_PRIVATE_TOKEN;
+      delete process.env.GIT_PRIVATE_TOKEN;
+      const { OrchestratorSystem } = require('../services/core/orchestrator-system');
+
+      await OrchestratorFolders.configureGitAuth();
+
+      expect(OrchestratorSystem.Run).not.toHaveBeenCalled();
+      if (originalEnv !== undefined) process.env.GIT_PRIVATE_TOKEN = originalEnv;
+    });
+  });
+});
--- a/src/model/orchestrator/options/orchestrator-folders.ts
+++ b/src/model/orchestrator/options/orchestrator-folders.ts
@@ -0,0 +1,143 @@
+import path from 'node:path';
+import OrchestratorOptions from './orchestrator-options';
+import Orchestrator from '../orchestrator';
+import BuildParameters from '../../build-parameters';
+
+export class OrchestratorFolders {
+  public static readonly repositoryFolder = 'repo';
+
+  public static ToLinuxFolder(folder: string) {
+    return folder.replace(/\\/g, `/`);
+  }
+
+  // Only the following paths that do not start a path.join with another "Full" suffixed property need to start with an absolute /
+
+  public static get uniqueOrchestratorJobFolderAbsolute(): string {
+    return Orchestrator.buildParameters && BuildParameters.shouldUseRetainedWorkspaceMode(Orchestrator.buildParameters)
+      ? path.join(`/`, OrchestratorFolders.buildVolumeFolder, Orchestrator.lockedWorkspace)
+      : path.join(`/`, OrchestratorFolders.buildVolumeFolder, Orchestrator.buildParameters.buildGuid);
+  }
+
+  public static get cacheFolderForAllFull(): string {
+    return path.join('/', OrchestratorFolders.buildVolumeFolder, OrchestratorFolders.cacheFolder);
+  }
+
+  public static get cacheFolderForCacheKeyFull(): string {
+    return path.join(
+      '/',
+      OrchestratorFolders.buildVolumeFolder,
+      OrchestratorFolders.cacheFolder,
+      Orchestrator.buildParameters.cacheKey,
+    );
+  }
+
+  public static get builderPathAbsolute(): string {
+    return path.join(
+      OrchestratorOptions.useSharedBuilder
+        ? `/${OrchestratorFolders.buildVolumeFolder}`
+        : OrchestratorFolders.uniqueOrchestratorJobFolderAbsolute,
+      `builder`,
+    );
+  }
+
+  public static get repoPathAbsolute(): string {
+    return path.join(OrchestratorFolders.uniqueOrchestratorJobFolderAbsolute, OrchestratorFolders.repositoryFolder);
+  }
+
+  public static get projectPathAbsolute(): string {
+    return path.join(OrchestratorFolders.repoPathAbsolute, Orchestrator.buildParameters.projectPath);
+  }
+
+  public static get libraryFolderAbsolute(): string {
+    return path.join(OrchestratorFolders.projectPathAbsolute, `Library`);
+  }
+
+  public static get projectBuildFolderAbsolute(): string {
+    return path.join(OrchestratorFolders.repoPathAbsolute, Orchestrator.buildParameters.buildPath);
+  }
+
+  public static get lfsFolderAbsolute(): string {
+    return path.join(OrchestratorFolders.repoPathAbsolute, `.git`, `lfs`);
+  }
+
+  public static get purgeRemoteCaching(): boolean {
+    return process.env.PURGE_REMOTE_BUILDER_CACHE !== undefined;
+  }
+
+  public static get lfsCacheFolderFull() {
+    return path.join(OrchestratorFolders.cacheFolderForCacheKeyFull, `lfs`);
+  }
+
+  public static get libraryCacheFolderFull() {
+    return path.join(OrchestratorFolders.cacheFolderForCacheKeyFull, `Library`);
+  }
+
+  /**
+   * Whether to use http.extraHeader for git authentication (secure, default)
+   * instead of embedding the token in clone URLs (legacy).
+   */
+  public static get useHeaderAuth(): boolean {
+    return Orchestrator.buildParameters.gitAuthMode !== 'url';
+  }
+
+  public static get unityBuilderRepoUrl(): string {
+    if (OrchestratorFolders.useHeaderAuth) {
+      return `https://github.com/${Orchestrator.buildParameters.orchestratorRepoName}.git`;
+    }
+
+    return `https://${Orchestrator.buildParameters.gitPrivateToken}@github.com/${Orchestrator.buildParameters.orchestratorRepoName}.git`;
+  }
+
+  public static get targetBuildRepoUrl(): string {
+    if (OrchestratorFolders.useHeaderAuth) {
+      return `https://github.com/${Orchestrator.buildParameters.githubRepo}.git`;
+    }
+
+    return `https://${Orchestrator.buildParameters.gitPrivateToken}@github.com/${Orchestrator.buildParameters.githubRepo}.git`;
+  }
+
+  /**
+   * Shell commands to configure git authentication via http.extraHeader.
+   * Uses GIT_PRIVATE_TOKEN env var so the token never appears in clone URLs or git config output.
+   * This is the same mechanism used by actions/checkout.
+   *
+   * Only emits commands when gitAuthMode is 'header' (default). In 'url' mode,
+   * returns a no-op comment since the token is already in the URL.
+   */
+  public static get gitAuthConfigScript(): string {
+    if (!OrchestratorFolders.useHeaderAuth) {
+      return `# git auth: using token-in-URL mode (legacy)`;
+    }
+
+    return `# git auth: configuring http.extraHeader (secure mode)
+if [ -n "$GIT_PRIVATE_TOKEN" ]; then
+  git config --global http.https://github.com/.extraHeader "Authorization: Basic $(printf '%s' "x-access-token:$GIT_PRIVATE_TOKEN" | base64 -w 0)"
+fi`;
+  }
+
+  /**
+   * Configure git authentication via http.extraHeader in the current Node process.
+   * For use in the remote-client where shell scripts aren't used.
+   * Only configures when gitAuthMode is 'header' (default).
+   */
+  public static async configureGitAuth(): Promise<void> {
+    if (!OrchestratorFolders.useHeaderAuth) return;
+
+    const token = Orchestrator.buildParameters.gitPrivateToken || process.env.GIT_PRIVATE_TOKEN || '';
+    if (!token) return;
+
+    const encoded = Buffer.from(`x-access-token:${token}`).toString('base64');
+    const { OrchestratorSystem } = await import('../services/core/orchestrator-system');
+    await OrchestratorSystem.Run(
+      `git config --global http.https://github.com/.extraHeader "Authorization: Basic ${encoded}"`,
+    );
+  }
+
+  public static get buildVolumeFolder() {
+    return 'data';
+  }
+
+  public static get cacheFolder() {
+    return 'cache';
+  }
+}
--- a/src/model/orchestrator/options/orchestrator-guid.ts
+++ b/src/model/orchestrator/options/orchestrator-guid.ts
@@ -1,11 +1,11 @@
 import { customAlphabet } from 'nanoid';
-import CloudRunnerConstants from './cloud-runner-constants';
+import OrchestratorConstants from './orchestrator-constants';

-class CloudRunnerNamespace {
+class OrchestratorNamespace {
  static generateGuid(runNumber: string | number, platform: string) {
-    const nanoid = customAlphabet(CloudRunnerConstants.alphabet, 4);
+    const nanoid = customAlphabet(OrchestratorConstants.alphabet, 4);

    return `${runNumber}-${platform.toLowerCase().replace('standalone', '')}-${nanoid()}`;
  }
 }
-export default CloudRunnerNamespace;
+export default OrchestratorNamespace;
--- a/src/model/orchestrator/options/orchestrator-options-reader.ts
+++ b/src/model/orchestrator/options/orchestrator-options-reader.ts
@@ -0,0 +1,10 @@
+import Input from '../../input';
+import OrchestratorOptions from './orchestrator-options';
+
+class OrchestratorOptionsReader {
+  static GetProperties() {
+    return [...Object.getOwnPropertyNames(Input), ...Object.getOwnPropertyNames(OrchestratorOptions)];
+  }
+}
+
+export default OrchestratorOptionsReader;
--- a/src/model/orchestrator/options/orchestrator-options.ts
+++ b/src/model/orchestrator/options/orchestrator-options.ts
@@ -0,0 +1,342 @@
+import { Cli } from '../../cli/cli';
+import OrchestratorQueryOverride from './orchestrator-query-override';
+import GitHub from '../../github';
+import * as core from '@actions/core';
+
+class OrchestratorOptions {
+  // ### ### ###
+  // Input Handling
+  // ### ### ###
+  public static getInput(query: string): string | undefined {
+    if (GitHub.githubInputEnabled) {
+      const coreInput = core.getInput(query);
+      if (coreInput && coreInput !== '') {
+        return coreInput;
+      }
+    }
+    const alternativeQuery = OrchestratorOptions.ToEnvVarFormat(query);
+
+    // Query input sources
+    if (Cli.query(query, alternativeQuery)) {
+      return Cli.query(query, alternativeQuery);
+    }
+
+    if (OrchestratorQueryOverride.query(query, alternativeQuery)) {
+      return OrchestratorQueryOverride.query(query, alternativeQuery);
+    }
+
+    if (process.env[query] !== undefined) {
+      return process.env[query];
+    }
+
+    if (alternativeQuery !== query && process.env[alternativeQuery] !== undefined) {
+      return process.env[alternativeQuery];
+    }
+  }
+
+  public static ToEnvVarFormat(input: string): string {
+    if (input.toUpperCase() === input) {
+      return input;
+    }
+
+    return input
+      .replace(/([A-Z])/g, ' $1')
+      .trim()
+      .toUpperCase()
+      .replace(/ /g, '_');
+  }
+
+  // ### ### ###
+  // Provider parameters
+  // ### ### ###
+
+  static get region(): string {
+    return OrchestratorOptions.getInput('region') || 'eu-west-2';
+  }
+
+  // ### ### ###
+  // GitHub  parameters
+  // ### ### ###
+  static get githubChecks(): boolean {
+    const value = OrchestratorOptions.getInput('githubChecks');
+
+    return value === `true` || false;
+  }
+  static get githubCheckId(): string {
+    return OrchestratorOptions.getInput('githubCheckId') || ``;
+  }
+
+  static get githubOwner(): string {
+    return OrchestratorOptions.getInput('githubOwner') || OrchestratorOptions.githubRepo?.split(`/`)[0] || '';
+  }
+
+  static get githubRepoName(): string {
+    return OrchestratorOptions.getInput('githubRepoName') || OrchestratorOptions.githubRepo?.split(`/`)[1] || '';
+  }
+
+  static get orchestratorRepoName(): string {
+    return OrchestratorOptions.getInput('orchestratorRepoName') || 'game-ci/unity-builder';
+  }
+
+  static get cloneDepth(): string {
+    return OrchestratorOptions.getInput('cloneDepth') || '50';
+  }
+
+  static get finalHooks(): string[] {
+    return OrchestratorOptions.getInput('finalHooks')?.split(',') || [];
+  }
+
+  // ### ### ###
+  // Git syncronization parameters
+  // ### ### ###
+
+  static get githubRepo(): string | undefined {
+    return (
+      OrchestratorOptions.getInput('GITHUB_REPOSITORY') || OrchestratorOptions.getInput('GITHUB_REPO') || undefined
+    );
+  }
+  static get branch(): string {
+    if (OrchestratorOptions.getInput(`GITHUB_REF`)) {
+      return (
+        OrchestratorOptions.getInput(`GITHUB_REF`)?.replace('refs/', '').replace(`head/`, '').replace(`heads/`, '') ||
+        ``
+      );
+    } else if (OrchestratorOptions.getInput('branch')) {
+      return OrchestratorOptions.getInput('branch') || ``;
+    } else {
+      return '';
+    }
+  }
+
+  // ### ### ###
+  // Orchestrator parameters
+  // ### ### ###
+
+  static get buildPlatform(): string {
+    const input = OrchestratorOptions.getInput('buildPlatform');
+    if (input && input !== '') {
+      return input;
+    }
+    if (OrchestratorOptions.providerStrategy !== 'local') {
+      return 'linux';
+    }
+
+    return process.platform;
+  }
+
+  static get orchestratorBranch(): string {
+    return OrchestratorOptions.getInput('orchestratorBranch') || 'main';
+  }
+
+  static get providerStrategy(): string {
+    const provider =
+      OrchestratorOptions.getInput('orchestratorCluster') || OrchestratorOptions.getInput('providerStrategy');
+    if (Cli.isCliMode) {
+      return provider || 'aws';
+    }
+
+    return provider || 'local';
+  }
+
+  static get gitAuthMode(): string {
+    return OrchestratorOptions.getInput('gitAuthMode') || 'header';
+  }
+
+  static get containerCpu(): string {
+    return OrchestratorOptions.getInput('containerCpu') || `1024`;
+  }
+
+  static get containerMemory(): string {
+    return OrchestratorOptions.getInput('containerMemory') || `3072`;
+  }
+
+  static get containerNamespace(): string {
+    return OrchestratorOptions.getInput('containerNamespace') || `default`;
+  }
+
+  static get customJob(): string {
+    return OrchestratorOptions.getInput('customJob') || '';
+  }
+
+  // ### ### ###
+  // Custom commands from files parameters
+  // ### ### ###
+
+  static get containerHookFiles(): string[] {
+    return OrchestratorOptions.getInput('containerHookFiles')?.split(`,`) || [];
+  }
+
+  static get commandHookFiles(): string[] {
+    return OrchestratorOptions.getInput('commandHookFiles')?.split(`,`) || [];
+  }
+
+  // ### ### ###
+  // Custom commands from yaml parameters
+  // ### ### ###
+
+  static get commandHooks(): string {
+    return OrchestratorOptions.getInput('commandHooks') || '';
+  }
+
+  static get postBuildContainerHooks(): string {
+    return OrchestratorOptions.getInput('postBuildContainerHooks') || '';
+  }
+
+  static get preBuildContainerHooks(): string {
+    return OrchestratorOptions.getInput('preBuildContainerHooks') || '';
+  }
+
+  // ### ### ###
+  // Input override handling
+  // ### ### ###
+
+  static get pullInputList(): string[] {
+    return OrchestratorOptions.getInput('pullInputList')?.split(`,`) || [];
+  }
+
+  static get inputPullCommand(): string {
+    const value = OrchestratorOptions.getInput('inputPullCommand');
+
+    if (value === 'gcp-secret-manager') {
+      return 'gcloud secrets versions access 1 --secret="{0}"';
+    } else if (value === 'aws-secret-manager') {
+      return 'aws secretsmanager get-secret-value --secret-id {0}';
+    }
+
+    return value || '';
+  }
+
+  // ### ### ###
+  // Aws
+  // ### ### ###
+
+  static get awsStackName() {
+    return OrchestratorOptions.getInput('awsStackName') || 'game-ci';
+  }
+
+  static get awsEndpoint(): string | undefined {
+    return OrchestratorOptions.getInput('awsEndpoint');
+  }
+
+  static get awsCloudFormationEndpoint(): string | undefined {
+    return OrchestratorOptions.getInput('awsCloudFormationEndpoint') || OrchestratorOptions.awsEndpoint;
+  }
+
+  static get awsEcsEndpoint(): string | undefined {
+    return OrchestratorOptions.getInput('awsEcsEndpoint') || OrchestratorOptions.awsEndpoint;
+  }
+
+  static get awsKinesisEndpoint(): string | undefined {
+    return OrchestratorOptions.getInput('awsKinesisEndpoint') || OrchestratorOptions.awsEndpoint;
+  }
+
+  static get awsCloudWatchLogsEndpoint(): string | undefined {
+    return OrchestratorOptions.getInput('awsCloudWatchLogsEndpoint') || OrchestratorOptions.awsEndpoint;
+  }
+
+  static get awsS3Endpoint(): string | undefined {
+    return OrchestratorOptions.getInput('awsS3Endpoint') || OrchestratorOptions.awsEndpoint;
+  }
+
+  // ### ### ###
+  // Storage
+  // ### ### ###
+
+  static get storageProvider(): string {
+    return OrchestratorOptions.getInput('storageProvider') || 's3';
+  }
+
+  static get rcloneRemote(): string {
+    return OrchestratorOptions.getInput('rcloneRemote') || '';
+  }
+
+  // ### ### ###
+  // K8s
+  // ### ### ###
+
+  static get kubeConfig(): string {
+    return OrchestratorOptions.getInput('kubeConfig') || '';
+  }
+
+  static get kubeVolume(): string {
+    return OrchestratorOptions.getInput('kubeVolume') || '';
+  }
+
+  static get kubeVolumeSize(): string {
+    return OrchestratorOptions.getInput('kubeVolumeSize') || '25Gi';
+  }
+
+  static get kubeStorageClass(): string {
+    return OrchestratorOptions.getInput('kubeStorageClass') || '';
+  }
+
+  // ### ### ###
+  // Caching
+  // ### ### ###
+
+  static get cacheKey(): string {
+    return OrchestratorOptions.getInput('cacheKey') || OrchestratorOptions.branch;
+  }
+
+  // ### ### ###
+  // Utility Parameters
+  // ### ### ###
+
+  static get orchestratorDebug(): boolean {
+    return (
+      OrchestratorOptions.getInput(`orchestratorTests`) === `true` ||
+      OrchestratorOptions.getInput(`orchestratorDebug`) === `true` ||
+      OrchestratorOptions.getInput(`orchestratorDebugTree`) === `true` ||
+      OrchestratorOptions.getInput(`orchestratorDebugEnv`) === `true` ||
+      false
+    );
+  }
+  static get skipLfs(): boolean {
+    return OrchestratorOptions.getInput(`skipLfs`) === `true`;
+  }
+  static get skipCache(): boolean {
+    return OrchestratorOptions.getInput(`skipCache`) === `true`;
+  }
+
+  public static get asyncOrchestrator(): boolean {
+    return OrchestratorOptions.getInput('asyncOrchestrator') === 'true';
+  }
+
+  public static get resourceTracking(): boolean {
+    return OrchestratorOptions.getInput('resourceTracking') === 'true';
+  }
+
+  public static get useLargePackages(): boolean {
+    return OrchestratorOptions.getInput(`useLargePackages`) === `true`;
+  }
+
+  public static get useSharedBuilder(): boolean {
+    return OrchestratorOptions.getInput(`useSharedBuilder`) === `true`;
+  }
+
+  public static get useCompressionStrategy(): boolean {
+    return OrchestratorOptions.getInput(`useCompressionStrategy`) === `true`;
+  }
+
+  public static get useCleanupCron(): boolean {
+    return (OrchestratorOptions.getInput(`useCleanupCron`) || 'true') === 'true';
+  }
+
+  // ### ### ###
+  // Retained Workspace
+  // ### ### ###
+
+  public static get maxRetainedWorkspaces(): string {
+    return OrchestratorOptions.getInput(`maxRetainedWorkspaces`) || `0`;
+  }
+
+  // ### ### ###
+  // Garbage Collection
+  // ### ### ###
+
+  static get garbageMaxAge(): number {
+    return Number(OrchestratorOptions.getInput(`garbageMaxAge`)) || 24;
+  }
+}
+
+export default OrchestratorOptions;
--- a/src/model/orchestrator/options/orchestrator-query-override.ts
+++ b/src/model/orchestrator/options/orchestrator-query-override.ts
@@ -0,0 +1,67 @@
+import Input from '../../input';
+import { GenericInputReader } from '../../input-readers/generic-input-reader';
+import OrchestratorOptions from './orchestrator-options';
+
+const formatFunction = (value: string, arguments_: any[]) => {
+  for (const element of arguments_) {
+    value = value.replace(`{${element.key}}`, element.value);
+  }
+
+  return value;
+};
+
+class OrchestratorQueryOverride {
+  static queryOverrides: { [key: string]: string } | undefined;
+
+  // TODO accept premade secret sources or custom secret source definition yamls
+
+  public static query(key: string, alternativeKey: string) {
+    if (OrchestratorQueryOverride.queryOverrides && OrchestratorQueryOverride.queryOverrides[key] !== undefined) {
+      return OrchestratorQueryOverride.queryOverrides[key];
+    }
+    if (
+      OrchestratorQueryOverride.queryOverrides &&
+      alternativeKey &&
+      OrchestratorQueryOverride.queryOverrides[alternativeKey] !== undefined
+    ) {
+      return OrchestratorQueryOverride.queryOverrides[alternativeKey];
+    }
+
+    return;
+  }
+
+  private static shouldUseOverride(query: string) {
+    if (OrchestratorOptions.inputPullCommand !== '') {
+      if (OrchestratorOptions.pullInputList.length > 0) {
+        const doesInclude =
+          OrchestratorOptions.pullInputList.includes(query) ||
+          OrchestratorOptions.pullInputList.includes(Input.ToEnvVarFormat(query));
+
+        return doesInclude ? true : false;
+      } else {
+        return true;
+      }
+    }
+  }
+
+  private static async queryOverride(query: string) {
+    if (!this.shouldUseOverride(query)) {
+      throw new Error(`Should not be trying to run override query on ${query}`);
+    }
+
+    return await GenericInputReader.Run(
+      formatFunction(OrchestratorOptions.inputPullCommand, [{ key: 0, value: query }]),
+    );
+  }
+
+  public static async PopulateQueryOverrideInput() {
+    const queries = OrchestratorOptions.pullInputList;
+    OrchestratorQueryOverride.queryOverrides = {};
+    for (const element of queries) {
+      if (OrchestratorQueryOverride.shouldUseOverride(element)) {
+        OrchestratorQueryOverride.queryOverrides[element] = await OrchestratorQueryOverride.queryOverride(element);
+      }
+    }
+  }
+}
+export default OrchestratorQueryOverride;
--- a/src/model/orchestrator/options/orchestrator-secret.ts
+++ b/src/model/orchestrator/options/orchestrator-secret.ts
@@ -1,6 +1,6 @@
-class CloudRunnerSecret {
+class OrchestratorSecret {
  public ParameterKey!: string;
  public EnvironmentVariable!: string;
  public ParameterValue!: string;
 }
-export default CloudRunnerSecret;
+export default OrchestratorSecret;
--- a/src/model/orchestrator/options/orchestrator-statics.ts
+++ b/src/model/orchestrator/options/orchestrator-statics.ts
@@ -0,0 +1,3 @@
+export class OrchestratorStatics {
+  public static readonly logPrefix = `Orchestrator`;
+}
--- a/src/model/orchestrator/options/orchestrator-step-parameters.ts
+++ b/src/model/orchestrator/options/orchestrator-step-parameters.ts
@@ -0,0 +1,13 @@
+import OrchestratorEnvironmentVariable from './orchestrator-environment-variable';
+import OrchestratorSecret from './orchestrator-secret';
+
+export class OrchestratorStepParameters {
+  public image: string;
+  public environment: OrchestratorEnvironmentVariable[];
+  public secrets: OrchestratorSecret[];
+  constructor(image: string, environmentVariables: OrchestratorEnvironmentVariable[], secrets: OrchestratorSecret[]) {
+    this.image = image;
+    this.environment = environmentVariables;
+    this.secrets = secrets;
+  }
+}
--- a/src/model/orchestrator/orchestrator.ts
+++ b/src/model/orchestrator/orchestrator.ts
@@ -0,0 +1,345 @@
+import AwsBuildPlatform from './providers/aws';
+import { BuildParameters, Input } from '..';
+import Kubernetes from './providers/k8s';
+import OrchestratorLogger from './services/core/orchestrator-logger';
+import { OrchestratorStepParameters } from './options/orchestrator-step-parameters';
+import { WorkflowCompositionRoot } from './workflows/workflow-composition-root';
+import { OrchestratorError } from './error/orchestrator-error';
+import { TaskParameterSerializer } from './services/core/task-parameter-serializer';
+import * as core from '@actions/core';
+import OrchestratorSecret from './options/orchestrator-secret';
+import { ProviderInterface } from './providers/provider-interface';
+import OrchestratorEnvironmentVariable from './options/orchestrator-environment-variable';
+import TestOrchestrator from './providers/test';
+import LocalOrchestrator from './providers/local';
+import LocalDockerOrchestrator from './providers/docker';
+import loadProvider from './providers/provider-loader';
+import GitHub from '../github';
+import SharedWorkspaceLocking from './services/core/shared-workspace-locking';
+import { FollowLogStreamService } from './services/core/follow-log-stream-service';
+import OrchestratorResult from './services/core/orchestrator-result';
+import OrchestratorOptions from './options/orchestrator-options';
+import ResourceTracking from './services/core/resource-tracking';
+
+class Orchestrator {
+  public static Provider: ProviderInterface;
+  public static buildParameters: BuildParameters;
+  private static defaultSecrets: OrchestratorSecret[];
+  private static orchestratorEnvironmentVariables: OrchestratorEnvironmentVariable[];
+  static lockedWorkspace: string = ``;
+  public static readonly retainedWorkspacePrefix: string = `retained-workspace`;
+
+  // When true, validates AWS CloudFormation templates even when using local-docker execution
+  // This is set by AWS_FORCE_PROVIDER=aws-local mode
+  public static validateAwsTemplates: boolean = false;
+  public static get isOrchestratorEnvironment() {
+    return process.env[`GITHUB_ACTIONS`] !== `true`;
+  }
+  public static get isOrchestratorAsyncEnvironment() {
+    return process.env[`ASYNC_WORKFLOW`] === `true`;
+  }
+  public static async setup(buildParameters: BuildParameters) {
+    OrchestratorLogger.setup();
+    OrchestratorLogger.log(`Setting up orchestrator`);
+    Orchestrator.buildParameters = buildParameters;
+    ResourceTracking.logAllocationSummary('setup');
+    await ResourceTracking.logDiskUsageSnapshot('setup');
+    if (Orchestrator.buildParameters.githubCheckId === ``) {
+      Orchestrator.buildParameters.githubCheckId = await GitHub.createGitHubCheck(
+        Orchestrator.buildParameters.buildGuid,
+      );
+    }
+    await Orchestrator.setupSelectedBuildPlatform();
+    Orchestrator.defaultSecrets = TaskParameterSerializer.readDefaultSecrets();
+    Orchestrator.orchestratorEnvironmentVariables =
+      TaskParameterSerializer.createOrchestratorEnvironmentVariables(buildParameters);
+    if (GitHub.githubInputEnabled) {
+      const buildParameterPropertyNames = Object.getOwnPropertyNames(buildParameters);
+      for (const element of Orchestrator.orchestratorEnvironmentVariables) {
+        // OrchestratorLogger.log(`Orchestrator output ${Input.ToEnvVarFormat(element.name)} = ${element.value}`);
+        core.setOutput(Input.ToEnvVarFormat(element.name), element.value);
+      }
+      for (const element of buildParameterPropertyNames) {
+        // OrchestratorLogger.log(`Orchestrator output ${Input.ToEnvVarFormat(element)} = ${buildParameters[element]}`);
+        core.setOutput(Input.ToEnvVarFormat(element), buildParameters[element]);
+      }
+      core.setOutput(
+        Input.ToEnvVarFormat(`buildArtifact`),
+        `build-${Orchestrator.buildParameters.buildGuid}.tar${
+          Orchestrator.buildParameters.useCompressionStrategy ? '.lz4' : ''
+        }`,
+      );
+    }
+    FollowLogStreamService.Reset();
+  }
+
+  private static async setupSelectedBuildPlatform() {
+    OrchestratorLogger.log(`Orchestrator platform selected ${Orchestrator.buildParameters.providerStrategy}`);
+
+    // Detect LocalStack endpoints and handle AWS provider appropriately
+    // AWS_FORCE_PROVIDER options:
+    //   - 'aws': Force AWS provider (requires LocalStack Pro with ECS support)
+    //   - 'aws-local': Validate AWS templates/config but execute via local-docker (for CI without ECS)
+    //   - unset/other: Auto-fallback to local-docker when LocalStack detected
+    const awsForceProvider = process.env.AWS_FORCE_PROVIDER || '';
+    const forceAwsProvider = awsForceProvider === 'aws' || awsForceProvider === 'true';
+    const useAwsLocalMode = awsForceProvider === 'aws-local';
+    const endpointsToCheck = [
+      process.env.AWS_ENDPOINT,
+      process.env.AWS_S3_ENDPOINT,
+      process.env.AWS_CLOUD_FORMATION_ENDPOINT,
+      process.env.AWS_ECS_ENDPOINT,
+      process.env.AWS_KINESIS_ENDPOINT,
+      process.env.AWS_CLOUD_WATCH_LOGS_ENDPOINT,
+      OrchestratorOptions.awsEndpoint,
+      OrchestratorOptions.awsS3Endpoint,
+      OrchestratorOptions.awsCloudFormationEndpoint,
+      OrchestratorOptions.awsEcsEndpoint,
+      OrchestratorOptions.awsKinesisEndpoint,
+      OrchestratorOptions.awsCloudWatchLogsEndpoint,
+    ]
+      .filter((x) => typeof x === 'string')
+      .join(' ');
+    const isLocalStack = /localstack|localhost|127\.0\.0\.1/i.test(endpointsToCheck);
+    let provider = Orchestrator.buildParameters.providerStrategy;
+    let validateAwsTemplates = false;
+
+    if (provider === 'aws' && isLocalStack) {
+      if (useAwsLocalMode) {
+        // aws-local mode: Validate AWS templates but execute via local-docker
+        // This provides confidence in AWS CloudFormation without requiring LocalStack Pro
+        OrchestratorLogger.log('AWS_FORCE_PROVIDER=aws-local: Validating AWS templates, executing via local-docker');
+        validateAwsTemplates = true;
+        provider = 'local-docker';
+      } else if (forceAwsProvider) {
+        // Force full AWS provider (requires LocalStack Pro with ECS support)
+        OrchestratorLogger.log(
+          'LocalStack endpoints detected but AWS_FORCE_PROVIDER=aws; using full AWS provider (requires ECS support)',
+        );
+      } else {
+        // Auto-fallback to local-docker
+        OrchestratorLogger.log('LocalStack endpoints detected; routing provider to local-docker for this run');
+        OrchestratorLogger.log(
+          'Note: Set AWS_FORCE_PROVIDER=aws-local to validate AWS templates with local-docker execution',
+        );
+        provider = 'local-docker';
+      }
+    }
+
+    // Store whether we should validate AWS templates (used by aws-local mode)
+    Orchestrator.validateAwsTemplates = validateAwsTemplates;
+
+    switch (provider) {
+      case 'k8s':
+        Orchestrator.Provider = new Kubernetes(Orchestrator.buildParameters);
+        break;
+      case 'aws':
+        Orchestrator.Provider = new AwsBuildPlatform(Orchestrator.buildParameters);
+
+        // Validate that AWS provider is actually being used when expected
+        if (isLocalStack && forceAwsProvider) {
+          OrchestratorLogger.log('✓ AWS provider initialized with LocalStack - AWS functionality will be validated');
+        } else if (isLocalStack && !forceAwsProvider) {
+          OrchestratorLogger.log(
+            '⚠ WARNING: AWS provider was requested but LocalStack detected without AWS_FORCE_PROVIDER',
+          );
+          OrchestratorLogger.log('⚠ This may cause AWS functionality tests to fail validation');
+        }
+        break;
+      case 'test':
+        Orchestrator.Provider = new TestOrchestrator();
+        break;
+      case 'local-docker':
+        Orchestrator.Provider = new LocalDockerOrchestrator();
+        break;
+      case 'local-system':
+        Orchestrator.Provider = new LocalOrchestrator();
+        break;
+      case 'local':
+        Orchestrator.Provider = new LocalOrchestrator();
+        break;
+      default:
+        // Try to load provider using the dynamic loader for unknown providers
+        try {
+          Orchestrator.Provider = await loadProvider(provider, Orchestrator.buildParameters);
+        } catch (error: any) {
+          OrchestratorLogger.log(`Failed to load provider '${provider}' using dynamic loader: ${error.message}`);
+          OrchestratorLogger.log('Falling back to local provider...');
+          Orchestrator.Provider = new LocalOrchestrator();
+        }
+        break;
+    }
+
+    // Final validation: Ensure provider matches expectations
+    const finalProviderName = Orchestrator.Provider.constructor.name;
+    if (Orchestrator.buildParameters.providerStrategy === 'aws' && finalProviderName !== 'AWSBuildEnvironment') {
+      OrchestratorLogger.log(`⚠ WARNING: Expected AWS provider but got ${finalProviderName}`);
+      OrchestratorLogger.log('⚠ AWS functionality tests may not be validating AWS services correctly');
+    }
+  }
+
+  static async run(buildParameters: BuildParameters, baseImage: string) {
+    if (baseImage.includes(`undefined`)) {
+      throw new Error(`baseImage is undefined`);
+    }
+    await Orchestrator.setup(buildParameters);
+
+    // When aws-local mode is enabled, validate AWS CloudFormation templates
+    // This ensures AWS templates are correct even when executing via local-docker
+    if (Orchestrator.validateAwsTemplates) {
+      await Orchestrator.validateAwsCloudFormationTemplates();
+    }
+    await Orchestrator.Provider.setupWorkflow(
+      Orchestrator.buildParameters.buildGuid,
+      Orchestrator.buildParameters,
+      Orchestrator.buildParameters.branch,
+      Orchestrator.defaultSecrets,
+    );
+    try {
+      if (buildParameters.maxRetainedWorkspaces > 0) {
+        Orchestrator.lockedWorkspace = SharedWorkspaceLocking.NewWorkspaceName();
+
+        const result = await SharedWorkspaceLocking.GetLockedWorkspace(
+          Orchestrator.lockedWorkspace,
+          Orchestrator.buildParameters.buildGuid,
+          Orchestrator.buildParameters,
+        );
+
+        if (result) {
+          OrchestratorLogger.logLine(`Using retained workspace ${Orchestrator.lockedWorkspace}`);
+          Orchestrator.orchestratorEnvironmentVariables = [
+            ...Orchestrator.orchestratorEnvironmentVariables,
+            { name: `LOCKED_WORKSPACE`, value: Orchestrator.lockedWorkspace },
+          ];
+        } else {
+          OrchestratorLogger.log(`Max retained workspaces reached ${buildParameters.maxRetainedWorkspaces}`);
+          buildParameters.maxRetainedWorkspaces = 0;
+          Orchestrator.lockedWorkspace = ``;
+        }
+      }
+      await Orchestrator.updateStatusWithBuildParameters();
+      const output = await new WorkflowCompositionRoot().run(
+        new OrchestratorStepParameters(
+          baseImage,
+          Orchestrator.orchestratorEnvironmentVariables,
+          Orchestrator.defaultSecrets,
+        ),
+      );
+      await Orchestrator.Provider.cleanupWorkflow(
+        Orchestrator.buildParameters,
+        Orchestrator.buildParameters.branch,
+        Orchestrator.defaultSecrets,
+      );
+      if (!Orchestrator.buildParameters.isCliMode) core.endGroup();
+      if (buildParameters.asyncWorkflow && this.isOrchestratorEnvironment && this.isOrchestratorAsyncEnvironment) {
+        await GitHub.updateGitHubCheck(Orchestrator.buildParameters.buildGuid, `success`, `success`, `completed`);
+      }
+
+      if (BuildParameters.shouldUseRetainedWorkspaceMode(buildParameters)) {
+        const workspace = Orchestrator.lockedWorkspace || ``;
+        await SharedWorkspaceLocking.ReleaseWorkspace(
+          workspace,
+          Orchestrator.buildParameters.buildGuid,
+          Orchestrator.buildParameters,
+        );
+        const isLocked = await SharedWorkspaceLocking.IsWorkspaceLocked(workspace, Orchestrator.buildParameters);
+        if (isLocked) {
+          throw new Error(
+            `still locked after releasing ${await SharedWorkspaceLocking.GetAllLocksForWorkspace(
+              workspace,
+              buildParameters,
+            )}`,
+          );
+        }
+        Orchestrator.lockedWorkspace = ``;
+      }
+
+      await GitHub.triggerWorkflowOnComplete(Orchestrator.buildParameters.finalHooks);
+
+      if (buildParameters.constantGarbageCollection) {
+        Orchestrator.Provider.garbageCollect(``, true, buildParameters.garbageMaxAge, true, true);
+      }
+
+      return new OrchestratorResult(buildParameters, output, true, true, false);
+    } catch (error: any) {
+      OrchestratorLogger.log(JSON.stringify(error, undefined, 4));
+      await GitHub.updateGitHubCheck(
+        Orchestrator.buildParameters.buildGuid,
+        `Failed - Error ${error?.message || error}`,
+        `failure`,
+        `completed`,
+      );
+      if (!Orchestrator.buildParameters.isCliMode) core.endGroup();
+      await OrchestratorError.handleException(error, Orchestrator.buildParameters, Orchestrator.defaultSecrets);
+      throw error;
+    }
+  }
+
+  private static async updateStatusWithBuildParameters() {
+    const content = { ...Orchestrator.buildParameters };
+    content.gitPrivateToken = ``;
+    content.unitySerial = ``;
+    content.unityEmail = ``;
+    content.unityPassword = ``;
+    const jsonContent = JSON.stringify(content, undefined, 4);
+    await GitHub.updateGitHubCheck(jsonContent, Orchestrator.buildParameters.buildGuid);
+  }
+
+  /**
+   * Validates AWS CloudFormation templates without deploying them.
+   * Used by aws-local mode to ensure AWS templates are correct when executing via local-docker.
+   * This provides confidence that AWS ECS deployments would work with the generated templates.
+   */
+  private static async validateAwsCloudFormationTemplates() {
+    OrchestratorLogger.log('=== AWS CloudFormation Template Validation (aws-local mode) ===');
+
+    try {
+      // Import AWS template formations
+      const { BaseStackFormation } = await import('./providers/aws/cloud-formations/base-stack-formation');
+      const { TaskDefinitionFormation } = await import('./providers/aws/cloud-formations/task-definition-formation');
+
+      // Validate base stack template
+      const baseTemplate = BaseStackFormation.formation;
+      OrchestratorLogger.log(`✓ Base stack template generated (${baseTemplate.length} chars)`);
+
+      // Check for required resources in base stack
+      const requiredBaseResources = ['AWS::EC2::VPC', 'AWS::ECS::Cluster', 'AWS::S3::Bucket', 'AWS::IAM::Role'];
+      for (const resource of requiredBaseResources) {
+        if (baseTemplate.includes(resource)) {
+          OrchestratorLogger.log(`  ✓ Contains ${resource}`);
+        } else {
+          throw new Error(`Base stack template missing required resource: ${resource}`);
+        }
+      }
+
+      // Validate task definition template
+      const taskTemplate = TaskDefinitionFormation.formation;
+      OrchestratorLogger.log(`✓ Task definition template generated (${taskTemplate.length} chars)`);
+
+      // Check for required resources in task definition
+      const requiredTaskResources = ['AWS::ECS::TaskDefinition', 'AWS::Logs::LogGroup'];
+      for (const resource of requiredTaskResources) {
+        if (taskTemplate.includes(resource)) {
+          OrchestratorLogger.log(`  ✓ Contains ${resource}`);
+        } else {
+          throw new Error(`Task definition template missing required resource: ${resource}`);
+        }
+      }
+
+      // Validate YAML syntax by checking for common patterns
+      if (!baseTemplate.includes('AWSTemplateFormatVersion')) {
+        throw new Error('Base stack template missing AWSTemplateFormatVersion');
+      }
+      if (!taskTemplate.includes('AWSTemplateFormatVersion')) {
+        throw new Error('Task definition template missing AWSTemplateFormatVersion');
+      }
+
+      OrchestratorLogger.log('=== AWS CloudFormation templates validated successfully ===');
+      OrchestratorLogger.log('Note: Actual execution will use local-docker provider');
+    } catch (error: any) {
+      OrchestratorLogger.log(`AWS CloudFormation template validation failed: ${error.message}`);
+      throw error;
+    }
+  }
+}
+export default Orchestrator;
--- a/src/model/orchestrator/providers/README.md
+++ b/src/model/orchestrator/providers/README.md
@@ -0,0 +1,222 @@
+# Provider Loader Dynamic Imports
+
+## What is a Provider?
+
+A **provider** is a pluggable backend that Orchestrator uses to run builds and workflows. Examples include **AWS**, **Kubernetes**, or local execution. Each provider implements the [ProviderInterface](https://github.com/game-ci/unity-builder/blob/main/src/model/orchestrator/providers/provider-interface.ts), which defines the common lifecycle methods (setup, run, cleanup, garbage collection, etc.).
+
+This abstraction makes Orchestrator flexible: you can switch execution environments or add your own provider (via npm package, GitHub repo, or local path) without changing the rest of your pipeline.
+
+## Dynamic Provider Loading
+
+The provider loader now supports dynamic loading of providers from multiple sources including local file paths, GitHub repositories, and NPM packages.
+
+## Features
+
+- **Local File Paths**: Load providers from relative or absolute file paths
+- **GitHub URLs**: Clone and load providers from GitHub repositories with automatic updates
+- **NPM Packages**: Load providers from installed NPM packages
+- **Automatic Updates**: GitHub repositories are automatically updated when changes are available
+- **Caching**: Local caching of cloned repositories for improved performance
+- **Fallback Support**: Graceful fallback to local provider if loading fails
+
+## Usage Examples
+
+### Loading Built-in Providers
+
+```typescript
+import { ProviderLoader } from './provider-loader';
+
+// Load built-in providers
+const awsProvider = await ProviderLoader.loadProvider('aws', buildParameters);
+const k8sProvider = await ProviderLoader.loadProvider('k8s', buildParameters);
+```
+
+### Loading Local Providers
+
+```typescript
+// Load from relative path
+const localProvider = await ProviderLoader.loadProvider('./my-local-provider', buildParameters);
+
+// Load from absolute path
+const absoluteProvider = await ProviderLoader.loadProvider('/path/to/provider', buildParameters);
+```
+
+### Loading GitHub Providers
+
+```typescript
+// Load from GitHub URL
+const githubProvider = await ProviderLoader.loadProvider(
+  'https://github.com/user/my-provider', 
+  buildParameters
+);
+
+// Load from specific branch
+const branchProvider = await ProviderLoader.loadProvider(
+  'https://github.com/user/my-provider/tree/develop', 
+  buildParameters
+);
+
+// Load from specific path in repository
+const pathProvider = await ProviderLoader.loadProvider(
+  'https://github.com/user/my-provider/tree/main/src/providers', 
+  buildParameters
+);
+
+// Shorthand notation
+const shorthandProvider = await ProviderLoader.loadProvider('user/repo', buildParameters);
+const branchShorthand = await ProviderLoader.loadProvider('user/repo@develop', buildParameters);
+```
+
+### Loading NPM Packages
+
+```typescript
+// Load from NPM package
+const npmProvider = await ProviderLoader.loadProvider('my-provider-package', buildParameters);
+
+// Load from scoped NPM package
+const scopedProvider = await ProviderLoader.loadProvider('@scope/my-provider', buildParameters);
+```
+
+## Provider Interface
+
+All providers must implement the `ProviderInterface`:
+
+```typescript
+interface ProviderInterface {
+  cleanupWorkflow(): Promise<void>;
+  setupWorkflow(buildGuid: string, buildParameters: BuildParameters, branchName: string, defaultSecretsArray: any[]): Promise<void>;
+  runTaskInWorkflow(buildGuid: string, task: string, workingDirectory: string, buildVolumeFolder: string, environmentVariables: any[], secrets: any[]): Promise<string>;
+  garbageCollect(): Promise<void>;
+  listResources(): Promise<ProviderResource[]>;
+  listWorkflow(): Promise<ProviderWorkflow[]>;
+  watchWorkflow(): Promise<void>;
+}
+```
+
+## Example Provider Implementation
+
+```typescript
+// my-provider.ts
+import { ProviderInterface } from './provider-interface';
+import BuildParameters from './build-parameters';
+
+export default class MyProvider implements ProviderInterface {
+  constructor(private buildParameters: BuildParameters) {}
+
+  async cleanupWorkflow(): Promise<void> {
+    // Cleanup logic
+  }
+
+  async setupWorkflow(buildGuid: string, buildParameters: BuildParameters, branchName: string, defaultSecretsArray: any[]): Promise<void> {
+    // Setup logic
+  }
+
+  async runTaskInWorkflow(buildGuid: string, task: string, workingDirectory: string, buildVolumeFolder: string, environmentVariables: any[], secrets: any[]): Promise<string> {
+    // Task execution logic
+    return 'Task completed';
+  }
+
+  async garbageCollect(): Promise<void> {
+    // Garbage collection logic
+  }
+
+  async listResources(): Promise<ProviderResource[]> {
+    return [];
+  }
+
+  async listWorkflow(): Promise<ProviderWorkflow[]> {
+    return [];
+  }
+
+  async watchWorkflow(): Promise<void> {
+    // Watch logic
+  }
+}
+```
+
+## Utility Methods
+
+### Analyze Provider Source
+
+```typescript
+// Analyze a provider source without loading it
+const sourceInfo = ProviderLoader.analyzeProviderSource('https://github.com/user/repo');
+console.log(sourceInfo.type); // 'github'
+console.log(sourceInfo.owner); // 'user'
+console.log(sourceInfo.repo); // 'repo'
+```
+
+### Clean Up Cache
+
+```typescript
+// Clean up old cached repositories (older than 30 days)
+await ProviderLoader.cleanupCache();
+
+// Clean up repositories older than 7 days
+await ProviderLoader.cleanupCache(7);
+```
+
+### Get Available Providers
+
+```typescript
+// Get list of built-in providers
+const providers = ProviderLoader.getAvailableProviders();
+console.log(providers); // ['aws', 'k8s', 'test', 'local-docker', 'local-system', 'local']
+```
+
+## Supported URL Formats
+
+### GitHub URLs
+- `https://github.com/user/repo`
+- `https://github.com/user/repo.git`
+- `https://github.com/user/repo/tree/branch`
+- `https://github.com/user/repo/tree/branch/path/to/provider`
+- `git@github.com:user/repo.git`
+
+### Shorthand GitHub References
+- `user/repo`
+- `user/repo@branch`
+- `user/repo@branch/path/to/provider`
+
+### Local Paths
+- `./relative/path`
+- `../relative/path`
+- `/absolute/path`
+- `C:\\path\\to\\provider` (Windows)
+
+### NPM Packages
+- `package-name`
+- `@scope/package-name`
+
+## Caching
+
+GitHub repositories are automatically cached in the `.provider-cache` directory. The cache key is generated based on the repository owner, name, and branch. This ensures that:
+
+1. Repositories are only cloned once
+2. Updates are checked and applied automatically
+3. Performance is improved for repeated loads
+4. Storage is managed efficiently
+
+## Error Handling
+
+The provider loader includes comprehensive error handling:
+
+- **Missing packages**: Clear error messages when providers cannot be found
+- **Interface validation**: Ensures providers implement the required interface
+- **Git operations**: Handles network issues and repository access problems
+- **Fallback mechanism**: Falls back to local provider if loading fails
+
+## Configuration
+
+The provider loader can be configured through environment variables:
+
+- `PROVIDER_CACHE_DIR`: Custom cache directory (default: `.provider-cache`)
+- `GIT_TIMEOUT`: Git operation timeout in milliseconds (default: 30000)
+
+## Best Practices
+
+1. **Use specific branches or tags**: Always specify the branch or specific tag when loading from GitHub
+2. **Implement proper error handling**: Wrap provider loading in try-catch blocks
+3. **Clean up regularly**: Use the cleanup utility to manage cache size
+4. **Test locally first**: Test providers locally before deploying
+5. **Use semantic versioning**: Tag your provider repositories for stable versions
--- a/src/model/orchestrator/providers/aws/aws-base-stack.ts
+++ b/src/model/orchestrator/providers/aws/aws-base-stack.ts
@@ -0,0 +1,170 @@
+import OrchestratorLogger from '../../services/core/orchestrator-logger';
+import * as core from '@actions/core';
+import {
+  CloudFormation,
+  CreateStackCommand,
+  // eslint-disable-next-line import/named
+  CreateStackCommandInput,
+  DescribeStacksCommand,
+  // eslint-disable-next-line import/named
+  DescribeStacksCommandInput,
+  ListStacksCommand,
+  // eslint-disable-next-line import/named
+  Parameter,
+  UpdateStackCommand,
+  // eslint-disable-next-line import/named
+  UpdateStackCommandInput,
+  waitUntilStackCreateComplete,
+  waitUntilStackUpdateComplete,
+} from '@aws-sdk/client-cloudformation';
+import { BaseStackFormation } from './cloud-formations/base-stack-formation';
+import crypto from 'node:crypto';
+
+const DEFAULT_STACK_WAIT_TIME_SECONDS = 600;
+
+function getStackWaitTime(): number {
+  const overrideValue = Number(process.env.ORCHESTRATOR_AWS_STACK_WAIT_TIME ?? '');
+  if (!Number.isNaN(overrideValue) && overrideValue > 0) {
+    return overrideValue;
+  }
+
+  return DEFAULT_STACK_WAIT_TIME_SECONDS;
+}
+
+export class AWSBaseStack {
+  constructor(baseStackName: string) {
+    this.baseStackName = baseStackName;
+  }
+  private baseStackName: string;
+
+  async setupBaseStack(CF: CloudFormation) {
+    const baseStackName = this.baseStackName;
+    const stackWaitTimeSeconds = getStackWaitTime();
+
+    const baseStack = BaseStackFormation.formation;
+
+    // Cloud Formation Input
+    const describeStackInput: DescribeStacksCommandInput = {
+      StackName: baseStackName,
+    };
+    const parametersWithoutHash: Parameter[] = [{ ParameterKey: 'EnvironmentName', ParameterValue: baseStackName }];
+    const parametersHash = crypto
+      .createHash('md5')
+      .update(baseStack + JSON.stringify(parametersWithoutHash))
+      .digest('hex');
+    const parameters: Parameter[] = [
+      ...parametersWithoutHash,
+      ...[{ ParameterKey: 'Version', ParameterValue: parametersHash }],
+    ];
+    const updateInput: UpdateStackCommandInput = {
+      StackName: baseStackName,
+      TemplateBody: baseStack,
+      Parameters: parameters,
+      Capabilities: ['CAPABILITY_IAM'],
+    };
+    const createStackInput: CreateStackCommandInput = {
+      StackName: baseStackName,
+      TemplateBody: baseStack,
+      Parameters: parameters,
+      Capabilities: ['CAPABILITY_IAM'],
+    };
+
+    const stacks = await CF.send(
+      new ListStacksCommand({
+        StackStatusFilter: [
+          'CREATE_IN_PROGRESS',
+          'UPDATE_IN_PROGRESS',
+          'UPDATE_COMPLETE',
+          'CREATE_COMPLETE',
+          'ROLLBACK_COMPLETE',
+        ],
+      }),
+    );
+    const stackNames = stacks.StackSummaries?.map((x) => x.StackName) || [];
+    const stackExists: boolean = stackNames.includes(baseStackName);
+    const describeStack = async () => {
+      return await CF.send(new DescribeStacksCommand(describeStackInput));
+    };
+    try {
+      if (!stackExists) {
+        OrchestratorLogger.log(`${baseStackName} stack does not exist (${JSON.stringify(stackNames)})`);
+        let created = false;
+        try {
+          await CF.send(new CreateStackCommand(createStackInput));
+          created = true;
+        } catch (error: any) {
+          const message = `${error?.name ?? ''} ${error?.message ?? ''}`;
+          if (message.includes('AlreadyExistsException')) {
+            OrchestratorLogger.log(`Base stack already exists, continuing with describe`);
+          } else {
+            throw error;
+          }
+        }
+        if (created) {
+          OrchestratorLogger.log(`created stack (version: ${parametersHash})`);
+        }
+      }
+      const CFState = await describeStack();
+      let stack = CFState.Stacks?.[0];
+      if (!stack) {
+        throw new Error(`Base stack doesn't exist, even after creation, stackExists check: ${stackExists}`);
+      }
+      const stackVersion = stack.Parameters?.find((x) => x.ParameterKey === 'Version')?.ParameterValue;
+
+      if (stack.StackStatus === 'CREATE_IN_PROGRESS') {
+        OrchestratorLogger.log(
+          `Waiting up to ${stackWaitTimeSeconds}s for '${baseStackName}' CloudFormation creation to finish`,
+        );
+        await waitUntilStackCreateComplete(
+          {
+            client: CF,
+            maxWaitTime: stackWaitTimeSeconds,
+          },
+          describeStackInput,
+        );
+      }
+
+      if (stackExists) {
+        OrchestratorLogger.log(`Base stack exists (version: ${stackVersion}, local version: ${parametersHash})`);
+        if (parametersHash !== stackVersion) {
+          OrchestratorLogger.log(`Attempting update of base stack`);
+          try {
+            await CF.send(new UpdateStackCommand(updateInput));
+          } catch (error: any) {
+            if (error['message'].includes('No updates are to be performed')) {
+              OrchestratorLogger.log(`No updates are to be performed`);
+            } else {
+              OrchestratorLogger.log(`Update Failed (Stack name: ${baseStackName})`);
+              OrchestratorLogger.log(error['message']);
+            }
+            OrchestratorLogger.log(`Continuing...`);
+          }
+        } else {
+          OrchestratorLogger.log(`No update required`);
+        }
+        stack = (await describeStack()).Stacks?.[0];
+        if (!stack) {
+          throw new Error(
+            `Base stack doesn't exist, even after updating and creation, stackExists check: ${stackExists}`,
+          );
+        }
+        if (stack.StackStatus === 'UPDATE_IN_PROGRESS') {
+          OrchestratorLogger.log(
+            `Waiting up to ${stackWaitTimeSeconds}s for '${baseStackName}' CloudFormation update to finish`,
+          );
+          await waitUntilStackUpdateComplete(
+            {
+              client: CF,
+              maxWaitTime: stackWaitTimeSeconds,
+            },
+            describeStackInput,
+          );
+        }
+      }
+      OrchestratorLogger.log('base stack is now ready');
+    } catch (error) {
+      core.error(JSON.stringify(await describeStack(), undefined, 4));
+      throw error;
+    }
+  }
+}
--- a/src/model/orchestrator/providers/aws/aws-client-factory.ts
+++ b/src/model/orchestrator/providers/aws/aws-client-factory.ts
@@ -0,0 +1,93 @@
+import { CloudFormation } from '@aws-sdk/client-cloudformation';
+import { ECS } from '@aws-sdk/client-ecs';
+import { Kinesis } from '@aws-sdk/client-kinesis';
+import { CloudWatchLogs } from '@aws-sdk/client-cloudwatch-logs';
+import { S3 } from '@aws-sdk/client-s3';
+import { Input } from '../../..';
+import OrchestratorOptions from '../../options/orchestrator-options';
+
+export class AwsClientFactory {
+  private static cloudFormation: CloudFormation;
+  private static ecs: ECS;
+  private static kinesis: Kinesis;
+  private static cloudWatchLogs: CloudWatchLogs;
+  private static s3: S3;
+
+  private static getCredentials() {
+    // Explicitly provide credentials from environment variables for LocalStack compatibility
+    // LocalStack accepts any credentials, but the AWS SDK needs them to be explicitly set
+    const accessKeyId = process.env.AWS_ACCESS_KEY_ID;
+    const secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY;
+
+    if (accessKeyId && secretAccessKey) {
+      return {
+        accessKeyId,
+        secretAccessKey,
+      };
+    }
+
+    // Return undefined to let AWS SDK use default credential chain
+    return;
+  }
+
+  static getCloudFormation(): CloudFormation {
+    if (!this.cloudFormation) {
+      this.cloudFormation = new CloudFormation({
+        region: Input.region,
+        endpoint: OrchestratorOptions.awsCloudFormationEndpoint,
+        credentials: AwsClientFactory.getCredentials(),
+      });
+    }
+
+    return this.cloudFormation;
+  }
+
+  static getECS(): ECS {
+    if (!this.ecs) {
+      this.ecs = new ECS({
+        region: Input.region,
+        endpoint: OrchestratorOptions.awsEcsEndpoint,
+        credentials: AwsClientFactory.getCredentials(),
+      });
+    }
+
+    return this.ecs;
+  }
+
+  static getKinesis(): Kinesis {
+    if (!this.kinesis) {
+      this.kinesis = new Kinesis({
+        region: Input.region,
+        endpoint: OrchestratorOptions.awsKinesisEndpoint,
+        credentials: AwsClientFactory.getCredentials(),
+      });
+    }
+
+    return this.kinesis;
+  }
+
+  static getCloudWatchLogs(): CloudWatchLogs {
+    if (!this.cloudWatchLogs) {
+      this.cloudWatchLogs = new CloudWatchLogs({
+        region: Input.region,
+        endpoint: OrchestratorOptions.awsCloudWatchLogsEndpoint,
+        credentials: AwsClientFactory.getCredentials(),
+      });
+    }
+
+    return this.cloudWatchLogs;
+  }
+
+  static getS3(): S3 {
+    if (!this.s3) {
+      this.s3 = new S3({
+        region: Input.region,
+        endpoint: OrchestratorOptions.awsS3Endpoint,
+        forcePathStyle: true,
+        credentials: AwsClientFactory.getCredentials(),
+      });
+    }
+
+    return this.s3;
+  }
+}
--- a/src/model/orchestrator/providers/aws/aws-cloud-formation-templates.ts
+++ b/src/model/orchestrator/providers/aws/aws-cloud-formation-templates.ts
@@ -21,6 +21,7 @@ export class AWSCloudFormationTemplates {

  public static getSecretDefinitionTemplate(p1: string, p2: string) {
    return `
+          Secrets:
            - Name: '${p1}'
              ValueFrom: !Ref ${p2}Secret
 `;
--- a/src/model/orchestrator/providers/aws/aws-error.ts
+++ b/src/model/orchestrator/providers/aws/aws-error.ts
@@ -0,0 +1,16 @@
+import OrchestratorLogger from '../../services/core/orchestrator-logger';
+import { CloudFormation, DescribeStackEventsCommand } from '@aws-sdk/client-cloudformation';
+import * as core from '@actions/core';
+import Orchestrator from '../../orchestrator';
+
+export class AWSError {
+  static async handleStackCreationFailure(error: any, CF: CloudFormation, taskDefStackName: string) {
+    OrchestratorLogger.log('aws error: ');
+    core.error(JSON.stringify(error, undefined, 4));
+    if (Orchestrator.buildParameters.orchestratorDebug) {
+      OrchestratorLogger.log('Getting events and resources for task stack');
+      const events = (await CF.send(new DescribeStackEventsCommand({ StackName: taskDefStackName }))).StackEvents;
+      OrchestratorLogger.log(JSON.stringify(events, undefined, 4));
+    }
+  }
+}
--- a/src/model/orchestrator/providers/aws/aws-job-stack.ts
+++ b/src/model/orchestrator/providers/aws/aws-job-stack.ts
@@ -1,14 +1,34 @@
-import * as SDK from 'aws-sdk';
-import CloudRunnerAWSTaskDef from './cloud-runner-aws-task-def';
-import CloudRunnerSecret from '../../options/cloud-runner-secret';
+import {
+  CloudFormation,
+  CreateStackCommand,
+  // eslint-disable-next-line import/named
+  CreateStackCommandInput,
+  DescribeStackResourcesCommand,
+  DescribeStacksCommand,
+  ListStacksCommand,
+  waitUntilStackCreateComplete,
+} from '@aws-sdk/client-cloudformation';
+import OrchestratorAWSTaskDef from './orchestrator-aws-task-def';
+import OrchestratorSecret from '../../options/orchestrator-secret';
 import { AWSCloudFormationTemplates } from './aws-cloud-formation-templates';
-import CloudRunnerLogger from '../../services/core/cloud-runner-logger';
+import OrchestratorLogger from '../../services/core/orchestrator-logger';
 import { AWSError } from './aws-error';
-import CloudRunner from '../../cloud-runner';
+import Orchestrator from '../../orchestrator';
 import { CleanupCronFormation } from './cloud-formations/cleanup-cron-formation';
-import CloudRunnerOptions from '../../options/cloud-runner-options';
+import OrchestratorOptions from '../../options/orchestrator-options';
 import { TaskDefinitionFormation } from './cloud-formations/task-definition-formation';

+const DEFAULT_STACK_WAIT_TIME_SECONDS = 600;
+
+function getStackWaitTime(): number {
+  const overrideValue = Number(process.env.ORCHESTRATOR_AWS_STACK_WAIT_TIME ?? '');
+  if (!Number.isNaN(overrideValue) && overrideValue > 0) {
+    return overrideValue;
+  }
+
+  return DEFAULT_STACK_WAIT_TIME_SECONDS;
+}
+
 export class AWSJobStack {
  private baseStackName: string;
  constructor(baseStackName: string) {
@@ -16,30 +36,30 @@ export class AWSJobStack {
  }

  public async setupCloudFormations(
-    CF: SDK.CloudFormation,
+    CF: CloudFormation,
    buildGuid: string,
    image: string,
    entrypoint: string[],
    commands: string,
    mountdir: string,
    workingdir: string,
-    secrets: CloudRunnerSecret[],
-  ): Promise<CloudRunnerAWSTaskDef> {
+    secrets: OrchestratorSecret[],
+  ): Promise<OrchestratorAWSTaskDef> {
    const taskDefStackName = `${this.baseStackName}-${buildGuid}`;
    let taskDefCloudFormation = AWSCloudFormationTemplates.readTaskCloudFormationTemplate();
    taskDefCloudFormation = taskDefCloudFormation.replace(
      `ContainerCpu:
    Default: 1024`,
      `ContainerCpu:
-    Default: ${Number.parseInt(CloudRunner.buildParameters.containerCpu)}`,
+    Default: ${Number.parseInt(Orchestrator.buildParameters.containerCpu)}`,
    );
    taskDefCloudFormation = taskDefCloudFormation.replace(
      `ContainerMemory:
    Default: 2048`,
      `ContainerMemory:
-    Default: ${Number.parseInt(CloudRunner.buildParameters.containerMemory)}`,
+    Default: ${Number.parseInt(Orchestrator.buildParameters.containerMemory)}`,
    );
-    if (!CloudRunnerOptions.asyncCloudRunner) {
+    if (!OrchestratorOptions.asyncOrchestrator) {
      taskDefCloudFormation = AWSCloudFormationTemplates.insertAtTemplate(
        taskDefCloudFormation,
        '# template resources logstream',
@@ -113,13 +133,13 @@ export class AWSJobStack {
      },
      ...secretsMappedToCloudFormationParameters,
    ];
-    CloudRunnerLogger.log(
-      `Starting AWS job with memory: ${CloudRunner.buildParameters.containerMemory} cpu: ${CloudRunner.buildParameters.containerCpu}`,
+    OrchestratorLogger.log(
+      `Starting AWS job with memory: ${Orchestrator.buildParameters.containerMemory} cpu: ${Orchestrator.buildParameters.containerCpu}`,
    );
    let previousStackExists = true;
    while (previousStackExists) {
      previousStackExists = false;
-      const stacks = await CF.listStacks().promise();
+      const stacks = await CF.send(new ListStacksCommand({}));
      if (!stacks.StackSummaries) {
        throw new Error('Faild to get stacks');
      }
@@ -127,22 +147,31 @@ export class AWSJobStack {
        const element = stacks.StackSummaries[index];
        if (element.StackName === taskDefStackName && element.StackStatus !== 'DELETE_COMPLETE') {
          previousStackExists = true;
-          CloudRunnerLogger.log(`Previous stack still exists: ${JSON.stringify(element)}`);
+          OrchestratorLogger.log(`Previous stack still exists: ${JSON.stringify(element)}`);
          await new Promise((promise) => setTimeout(promise, 5000));
        }
      }
    }
-    const createStackInput: SDK.CloudFormation.CreateStackInput = {
+    const createStackInput: CreateStackCommandInput = {
      StackName: taskDefStackName,
      TemplateBody: taskDefCloudFormation,
      Capabilities: ['CAPABILITY_IAM'],
      Parameters: parameters,
    };
    try {
-      CloudRunnerLogger.log(`Creating job aws formation ${taskDefStackName}`);
-      await CF.createStack(createStackInput).promise();
-      await CF.waitFor('stackCreateComplete', { StackName: taskDefStackName }).promise();
-      const describeStack = await CF.describeStacks({ StackName: taskDefStackName }).promise();
+      const stackWaitTimeSeconds = getStackWaitTime();
+      OrchestratorLogger.log(
+        `Creating job aws formation ${taskDefStackName} (waiting up to ${stackWaitTimeSeconds}s for completion)`,
+      );
+      await CF.send(new CreateStackCommand(createStackInput));
+      await waitUntilStackCreateComplete(
+        {
+          client: CF,
+          maxWaitTime: stackWaitTimeSeconds,
+        },
+        { StackName: taskDefStackName },
+      );
+      const describeStack = await CF.send(new DescribeStacksCommand({ StackName: taskDefStackName }));
      for (const parameter of parameters) {
        if (!describeStack.Stacks?.[0].Parameters?.some((x) => x.ParameterKey === parameter.ParameterKey)) {
          throw new Error(`Parameter ${parameter.ParameterKey} not found in stack`);
@@ -153,7 +182,7 @@ export class AWSJobStack {
      throw error;
    }

-    const createCleanupStackInput: SDK.CloudFormation.CreateStackInput = {
+    const createCleanupStackInput: CreateStackCommandInput = {
      StackName: `${taskDefStackName}-cleanup`,
      TemplateBody: CleanupCronFormation.formation,
      Capabilities: ['CAPABILITY_IAM'],
@@ -172,7 +201,7 @@ export class AWSJobStack {
        },
        {
          ParameterKey: 'BUILDGUID',
-          ParameterValue: CloudRunner.buildParameters.buildGuid,
+          ParameterValue: Orchestrator.buildParameters.buildGuid,
        },
        {
          ParameterKey: 'EnvironmentName',
@@ -180,10 +209,10 @@ export class AWSJobStack {
        },
      ],
    };
-    if (CloudRunnerOptions.useCleanupCron) {
+    if (OrchestratorOptions.useCleanupCron) {
      try {
-        CloudRunnerLogger.log(`Creating job cleanup formation`);
-        await CF.createStack(createCleanupStackInput).promise();
+        OrchestratorLogger.log(`Creating job cleanup formation`);
+        await CF.send(new CreateStackCommand(createCleanupStackInput));

        // await CF.waitFor('stackCreateComplete', { StackName: createCleanupStackInput.StackName }).promise();
      } catch (error) {
@@ -193,12 +222,15 @@ export class AWSJobStack {
    }

    const taskDefResources = (
-      await CF.describeStackResources({
-        StackName: taskDefStackName,
-      }).promise()
+      await CF.send(
+        new DescribeStackResourcesCommand({
+          StackName: taskDefStackName,
+        }),
+      )
    ).StackResources;

-    const baseResources = (await CF.describeStackResources({ StackName: this.baseStackName }).promise()).StackResources;
+    const baseResources = (await CF.send(new DescribeStackResourcesCommand({ StackName: this.baseStackName })))
+      .StackResources;

    return {
      taskDefStackName,
--- a/src/model/orchestrator/providers/aws/aws-task-runner.ts
+++ b/src/model/orchestrator/providers/aws/aws-task-runner.ts
@@ -0,0 +1,335 @@
+import { DescribeTasksCommand, RunTaskCommand, waitUntilTasksRunning } from '@aws-sdk/client-ecs';
+import { DescribeStreamCommand, GetRecordsCommand, GetShardIteratorCommand } from '@aws-sdk/client-kinesis';
+import OrchestratorEnvironmentVariable from '../../options/orchestrator-environment-variable';
+import * as core from '@actions/core';
+import OrchestratorAWSTaskDef from './orchestrator-aws-task-def';
+import * as zlib from 'node:zlib';
+import OrchestratorLogger from '../../services/core/orchestrator-logger';
+import { Input } from '../../..';
+import Orchestrator from '../../orchestrator';
+import { CommandHookService } from '../../services/hooks/command-hook-service';
+import { FollowLogStreamService } from '../../services/core/follow-log-stream-service';
+import OrchestratorOptions from '../../options/orchestrator-options';
+import GitHub from '../../../github';
+import { AwsClientFactory } from './aws-client-factory';
+
+class AWSTaskRunner {
+  private static readonly encodedUnderscore = `$252F`;
+
+  /**
+   * Transform localhost endpoints to host.docker.internal for container environments.
+   * When LocalStack is used, ECS tasks run in Docker containers that need to reach
+   * LocalStack on the host machine via host.docker.internal.
+   */
+  private static transformEndpointsForContainer(
+    environment: OrchestratorEnvironmentVariable[],
+  ): OrchestratorEnvironmentVariable[] {
+    const endpointEnvironmentNames = new Set([
+      'AWS_S3_ENDPOINT',
+      'AWS_ENDPOINT',
+      'AWS_CLOUD_FORMATION_ENDPOINT',
+      'AWS_ECS_ENDPOINT',
+      'AWS_KINESIS_ENDPOINT',
+      'AWS_CLOUD_WATCH_LOGS_ENDPOINT',
+      'INPUT_AWSS3ENDPOINT',
+      'INPUT_AWSENDPOINT',
+    ]);
+
+    return environment.map((x) => {
+      let value = x.value;
+      if (
+        typeof value === 'string' &&
+        endpointEnvironmentNames.has(x.name) &&
+        (value.startsWith('http://localhost') || value.startsWith('http://127.0.0.1'))
+      ) {
+        // Replace localhost with host.docker.internal so ECS containers can access host services
+        value = value
+          .replace('http://localhost', 'http://host.docker.internal')
+          .replace('http://127.0.0.1', 'http://host.docker.internal');
+        OrchestratorLogger.log(`AWS TaskRunner: Replaced localhost with host.docker.internal for ${x.name}: ${value}`);
+      }
+
+      return { name: x.name, value };
+    });
+  }
+
+  static async runTask(
+    taskDef: OrchestratorAWSTaskDef,
+    environment: OrchestratorEnvironmentVariable[],
+    commands: string,
+  ): Promise<{ output: string; shouldCleanup: boolean }> {
+    const cluster = taskDef.baseResources?.find((x) => x.LogicalResourceId === 'ECSCluster')?.PhysicalResourceId || '';
+    const taskDefinition =
+      taskDef.taskDefResources?.find((x) => x.LogicalResourceId === 'TaskDefinition')?.PhysicalResourceId || '';
+    const SubnetOne =
+      taskDef.baseResources?.find((x) => x.LogicalResourceId === 'PublicSubnetOne')?.PhysicalResourceId || '';
+    const SubnetTwo =
+      taskDef.baseResources?.find((x) => x.LogicalResourceId === 'PublicSubnetTwo')?.PhysicalResourceId || '';
+    const ContainerSecurityGroup =
+      taskDef.baseResources?.find((x) => x.LogicalResourceId === 'ContainerSecurityGroup')?.PhysicalResourceId || '';
+    const streamName =
+      taskDef.taskDefResources?.find((x) => x.LogicalResourceId === 'KinesisStream')?.PhysicalResourceId || '';
+
+    // Transform localhost endpoints for container environment
+    const transformedEnvironment = AWSTaskRunner.transformEndpointsForContainer(environment);
+
+    const runParameters = {
+      cluster,
+      taskDefinition,
+      platformVersion: '1.4.0',
+      overrides: {
+        containerOverrides: [
+          {
+            name: taskDef.taskDefStackName,
+            environment: transformedEnvironment,
+            command: ['-c', CommandHookService.ApplyHooksToCommands(commands, Orchestrator.buildParameters)],
+          },
+        ],
+      },
+      launchType: 'FARGATE',
+      networkConfiguration: {
+        awsvpcConfiguration: {
+          subnets: [SubnetOne, SubnetTwo],
+          assignPublicIp: 'ENABLED',
+          securityGroups: [ContainerSecurityGroup],
+        },
+      },
+    };
+
+    if (JSON.stringify(runParameters.overrides.containerOverrides).length > 8192) {
+      OrchestratorLogger.log(JSON.stringify(runParameters.overrides.containerOverrides, undefined, 4));
+      throw new Error(`Container Overrides length must be at most 8192`);
+    }
+
+    const task = await AwsClientFactory.getECS().send(new RunTaskCommand(runParameters as any));
+    const taskArn = task.tasks?.[0].taskArn || '';
+    OrchestratorLogger.log('Orchestrator job is starting');
+    await AWSTaskRunner.waitUntilTaskRunning(taskArn, cluster);
+    OrchestratorLogger.log(
+      `Orchestrator job status is running ${(await AWSTaskRunner.describeTasks(cluster, taskArn))?.lastStatus} Async:${
+        OrchestratorOptions.asyncOrchestrator
+      }`,
+    );
+    if (OrchestratorOptions.asyncOrchestrator) {
+      const shouldCleanup: boolean = false;
+      const output: string = '';
+      OrchestratorLogger.log(`Watch Orchestrator To End: false`);
+
+      return { output, shouldCleanup };
+    }
+
+    OrchestratorLogger.log(`Streaming...`);
+    const { output, shouldCleanup } = await this.streamLogsUntilTaskStops(cluster, taskArn, streamName);
+    let exitCode;
+    let containerState;
+    let taskData;
+    while (exitCode === undefined) {
+      await new Promise((resolve) => setTimeout(resolve, 10000));
+      taskData = await AWSTaskRunner.describeTasks(cluster, taskArn);
+      const containers = taskData?.containers as any[] | undefined;
+      if (!containers || containers.length === 0) {
+        continue;
+      }
+      containerState = containers[0];
+      exitCode = containerState?.exitCode;
+    }
+    OrchestratorLogger.log(`Container State: ${JSON.stringify(containerState, undefined, 4)}`);
+    if (exitCode === undefined) {
+      OrchestratorLogger.logWarning(`Undefined exitcode for container`);
+    }
+    const wasSuccessful = exitCode === 0;
+    if (wasSuccessful) {
+      OrchestratorLogger.log(`Orchestrator job has finished successfully`);
+
+      return { output, shouldCleanup };
+    }
+
+    if (taskData?.stoppedReason === 'Essential container in task exited' && exitCode === 1) {
+      throw new Error('Container exited with code 1');
+    }
+
+    throw new Error(`Task failed`);
+  }
+
+  private static async waitUntilTaskRunning(taskArn: string, cluster: string) {
+    try {
+      await waitUntilTasksRunning(
+        {
+          client: AwsClientFactory.getECS(),
+          maxWaitTime: 300,
+          minDelay: 5,
+          maxDelay: 30,
+        },
+        { tasks: [taskArn], cluster },
+      );
+    } catch (error_) {
+      const error = error_ as Error;
+      await new Promise((resolve) => setTimeout(resolve, 3000));
+      const taskAfterError = await AWSTaskRunner.describeTasks(cluster, taskArn);
+      OrchestratorLogger.log(`Orchestrator job has ended ${taskAfterError?.containers?.[0]?.lastStatus}`);
+
+      core.setFailed(error);
+      core.error(error);
+    }
+  }
+
+  static async describeTasks(clusterName: string, taskArn: string) {
+    const maxAttempts = 10;
+    let delayMs = 1000;
+    const maxDelayMs = 60000;
+    for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+      try {
+        const tasks = await AwsClientFactory.getECS().send(
+          new DescribeTasksCommand({ cluster: clusterName, tasks: [taskArn] }),
+        );
+        if (tasks.tasks?.[0]) {
+          return tasks.tasks?.[0];
+        }
+        throw new Error('No task found');
+      } catch (error: any) {
+        const isThrottle = error?.name === 'ThrottlingException' || /rate exceeded/i.test(String(error?.message));
+        if (!isThrottle || attempt === maxAttempts) {
+          throw error;
+        }
+        const jitterMs = Math.floor(Math.random() * Math.min(1000, delayMs));
+        const sleepMs = delayMs + jitterMs;
+        OrchestratorLogger.log(
+          `AWS throttled DescribeTasks (attempt ${attempt}/${maxAttempts}), backing off ${sleepMs}ms (${delayMs} + jitter ${jitterMs})`,
+        );
+        await new Promise((r) => setTimeout(r, sleepMs));
+        delayMs = Math.min(delayMs * 2, maxDelayMs);
+      }
+    }
+  }
+
+  static async streamLogsUntilTaskStops(clusterName: string, taskArn: string, kinesisStreamName: string) {
+    await new Promise((resolve) => setTimeout(resolve, 3000));
+    OrchestratorLogger.log(`Streaming...`);
+    const stream = await AWSTaskRunner.getLogStream(kinesisStreamName);
+    let iterator = await AWSTaskRunner.getLogIterator(stream);
+
+    const logBaseUrl = `https://${Input.region}.console.aws.amazon.com/cloudwatch/home?region=${Input.region}#logsV2:log-groups/log-group/${Orchestrator.buildParameters.awsStackName}${AWSTaskRunner.encodedUnderscore}${Orchestrator.buildParameters.awsStackName}-${Orchestrator.buildParameters.buildGuid}`;
+    OrchestratorLogger.log(`You view the log stream on AWS Cloud Watch: ${logBaseUrl}`);
+    await GitHub.updateGitHubCheck(`You view the log stream on AWS Cloud Watch:  ${logBaseUrl}`, ``);
+    let shouldReadLogs = true;
+    let shouldCleanup = true;
+    let timestamp: number = 0;
+    let output = '';
+    while (shouldReadLogs) {
+      await new Promise((resolve) => setTimeout(resolve, 1500));
+      const taskData = await AWSTaskRunner.describeTasks(clusterName, taskArn);
+      ({ timestamp, shouldReadLogs } = AWSTaskRunner.checkStreamingShouldContinue(taskData, timestamp, shouldReadLogs));
+      if (taskData?.lastStatus !== 'RUNNING') {
+        await new Promise((resolve) => setTimeout(resolve, 3500));
+      }
+      ({ iterator, shouldReadLogs, output, shouldCleanup } = await AWSTaskRunner.handleLogStreamIteration(
+        iterator,
+        shouldReadLogs,
+        output,
+        shouldCleanup,
+      ));
+    }
+
+    return { output, shouldCleanup };
+  }
+
+  private static async handleLogStreamIteration(
+    iterator: string,
+    shouldReadLogs: boolean,
+    output: string,
+    shouldCleanup: boolean,
+  ) {
+    let records: any;
+    try {
+      records = await AwsClientFactory.getKinesis().send(new GetRecordsCommand({ ShardIterator: iterator }));
+    } catch (error: any) {
+      const isThrottle = error?.name === 'ThrottlingException' || /rate exceeded/i.test(String(error?.message));
+      if (isThrottle) {
+        const baseBackoffMs = 1000;
+        const jitterMs = Math.floor(Math.random() * 1000);
+        const sleepMs = baseBackoffMs + jitterMs;
+        OrchestratorLogger.log(`AWS throttled GetRecords, backing off ${sleepMs}ms (1000 + jitter ${jitterMs})`);
+        await new Promise((r) => setTimeout(r, sleepMs));
+
+        return { iterator, shouldReadLogs, output, shouldCleanup };
+      }
+      throw error;
+    }
+    iterator = records.NextShardIterator || '';
+    ({ shouldReadLogs, output, shouldCleanup } = AWSTaskRunner.logRecords(
+      records,
+      iterator,
+      shouldReadLogs,
+      output,
+      shouldCleanup,
+    ));
+
+    return { iterator, shouldReadLogs, output, shouldCleanup };
+  }
+
+  private static checkStreamingShouldContinue(taskData: any, timestamp: number, shouldReadLogs: boolean) {
+    if (taskData?.lastStatus === 'UNKNOWN') {
+      OrchestratorLogger.log('## Orchestrator job unknwon');
+    }
+    if (taskData?.lastStatus !== 'RUNNING') {
+      if (timestamp === 0) {
+        OrchestratorLogger.log('## Orchestrator job stopped, streaming end of logs');
+        timestamp = Date.now();
+      }
+      if (timestamp !== 0 && Date.now() - timestamp > 30000) {
+        OrchestratorLogger.log('## Orchestrator status is not RUNNING for 30 seconds, last query for logs');
+        shouldReadLogs = false;
+      }
+      OrchestratorLogger.log(`## Status of job: ${taskData.lastStatus}`);
+    }
+
+    return { timestamp, shouldReadLogs };
+  }
+
+  private static logRecords(
+    records: any,
+    iterator: string,
+    shouldReadLogs: boolean,
+    output: string,
+    shouldCleanup: boolean,
+  ) {
+    if ((records.Records ?? []).length > 0 && iterator) {
+      for (const record of records.Records ?? []) {
+        const json = JSON.parse(
+          zlib.gunzipSync(Buffer.from(record.Data as unknown as string, 'base64')).toString('utf8'),
+        );
+        if (json.messageType === 'DATA_MESSAGE') {
+          for (const logEvent of json.logEvents) {
+            ({ shouldReadLogs, shouldCleanup, output } = FollowLogStreamService.handleIteration(
+              logEvent.message,
+              shouldReadLogs,
+              shouldCleanup,
+              output,
+            ));
+          }
+        }
+      }
+    }
+
+    return { shouldReadLogs, output, shouldCleanup };
+  }
+
+  private static async getLogStream(kinesisStreamName: string) {
+    return await AwsClientFactory.getKinesis().send(new DescribeStreamCommand({ StreamName: kinesisStreamName }));
+  }
+
+  private static async getLogIterator(stream: any) {
+    return (
+      (
+        await AwsClientFactory.getKinesis().send(
+          new GetShardIteratorCommand({
+            ShardIteratorType: 'TRIM_HORIZON',
+            StreamName: stream.StreamDescription?.StreamName ?? '',
+            ShardId: stream.StreamDescription?.Shards?.[0]?.ShardId || '',
+          }),
+        )
+      ).ShardIterator || ''
+    );
+  }
+}
+export default AWSTaskRunner;
--- a/src/model/orchestrator/providers/aws/cloud-formations/base-stack-formation.ts
+++ b/src/model/orchestrator/providers/aws/cloud-formations/base-stack-formation.ts
--- a/src/model/orchestrator/providers/aws/cloud-formations/cleanup-cron-formation.ts
+++ b/src/model/orchestrator/providers/aws/cloud-formations/cleanup-cron-formation.ts
--- a/Show More
+++ b/Show More