diff --git a/.github/commitlint.config.mjs b/.github/commitlint.config.mjs
index f8ef60e8..cba64c5d 100644
--- a/.github/commitlint.config.mjs
+++ b/.github/commitlint.config.mjs
@@ -12,7 +12,8 @@ export default {
 'commitlint',
 'labeler',
 'renovate',
- 'sonar-dotnet'
+ 'sonar-dotnet',
+ 'arc-container'
 ]]
 }
 };
diff --git a/.github/workflows/actions-runner-container.yaml b/.github/workflows/actions-runner-container.yaml
new file mode 100644
index 00000000..3dc27071
--- /dev/null
+++ b/.github/workflows/actions-runner-container.yaml
@@ -0,0 +1,45 @@
+name: Build Actions Runner Container
+
+on:
+ pull_request:
+ paths:
+ - '.github/workflows/actions-runner-container.yaml'
+ - 'containers/actions-runner/**'
+ push:
+ branches:
+ - 'main'
+ paths:
+ - '.github/workflows/actions-runner-container.yaml'
+ - 'containers/actions-runner/**'
+
+permissions:
+ contents: write
+ pull-requests: write
+ actions: read
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ # Cancel early on pull requests if new commits are added,
+ # Don't cancel on release pushes
+ cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
+jobs:
+ # Job name must be unique across repo to target
+ # branch protection rules "required checks" properly!
+ actions-runner-container:
+ uses: SwanseaUniversityMedical/workflows/.github/workflows/pr-and-release-container.yaml@feat/runs-on-input
+ with:
+ job-name: actions-runner-container
+ comment-pr: "true"
+ comment-release: "true"
+ registry: ${{ vars.HARBOR_REGISTRY }}
+ registry-user: ${{ vars.HARBOR_USER }}
+ registry-repo: ${{ vars.HARBOR_PROJECT }}/actions-runner
+ release-tag-format: 'v${version}-actions-runner-container'
+ cosign-public-key: ${{ vars.COSIGN_PUBLIC_KEY }}
+ build-file: containers/actions-runner/Dockerfile
+ build-context: containers/actions-runner
+ secrets:
+ cosign-private-key: ${{ secrets.COSIGN_PRIVATE_KEY }}
+ cosign-password: ${{ secrets.COSIGN_PASSWORD }}
+ registry-token: ${{ secrets.HARBOR_TOKEN }}
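Review bot: The `uses:` line in the new workflow calls the reusable workflow at `@feat/runs-on-input`, a mutable feature branch, while passing it `COSIGN_PRIVATE_KEY`, `COSIGN_PASSWORD` and `HARBOR_TOKEN`, so anyone able to push to that branch controls code that receives the signing key and the registry credential. Pin the reference to a full commit SHA or a release tag before merge, for example `uses: SwanseaUniversityMedical/workflows/.github/workflows/pr-and-release-container.yaml@<commit-sha>`. The top-level `permissions:` block also grants `contents: write` and `pull-requests: write` on `pull_request` runs; if the called workflow needs write access only on the release path (not visible here), that is worth narrowing.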
diff --git a/containers/actions-runner/Dockerfile b/containers/actions-runner/Dockerfile
new file mode 100644
index 00000000..9612011b
--- /dev/null
+++ b/containers/actions-runner/Dockerfile
@@ -0,0 +1,18 @@
+FROM ghcr.io/actions/actions-runner:2.318.0
+
+LABEL org.opencontainers.image.source=https://github.com/SwanseaUniversityMedical/workflows
+
+# Add missing dependencies compared to the old summerwind runners
+USER root
+RUN apt-get update && \
+ DEBIAN_FRONTEND=noninteractive \
+ apt-get install -y --no-install-recommends \
+ curl unzip jq wget python3-pip git-all && \
+ rm -rf /var/lib/apt/lists/*
+
+RUN echo 'export PATH="/home/runner/.local/bin:$PATH"' >> /etc/profile
+ENV PATH="/home/runner/.local/bin:$PATH"
+
+USER runner
+ENV PATH="/home/runner/.local/bin:$PATH"
+
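Review bot: The `FROM ghcr.io/actions/actions-runner:2.318.0` line pins the base image by tag only, so the image this pipeline signs with cosign can change content if that tag is ever re-pushed; pinning by digest as well, `FROM ghcr.io/actions/actions-runner:2.318.0@sha256:<digest-placeholder>`, ties the signed artifact to a known base. In the `apt-get install` list, `git-all` pulls in every git subpackage where plain `git` would probably cover what runner jobs need, and the smaller set leaves less to patch in an image that executes CI workloads. The second `ENV PATH="/home/runner/.local/bin:$PATH"` after `USER runner` repeats the earlier one and prepends the directory twice; it can be dropped because `ENV` persists across `USER`.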