diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml
index 5710b7f3c8..69869c8c28 100644
--- a/.github/workflows/cla.yml
+++ b/.github/workflows/cla.yml
@@ -14,7 +14,7 @@ permissions:
 jobs:
   ContributorLicenseAgreement:
     if: github.repository == 'signalfx/splunk-otel-collector'
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: "CLA Assistant"
         if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
diff --git a/.github/workflows/cleanup-closed-pr.yml b/.github/workflows/cleanup-closed-pr.yml
index 5411c678a1..1d3693bcfd 100644
--- a/.github/workflows/cleanup-closed-pr.yml
+++ b/.github/workflows/cleanup-closed-pr.yml
@@ -7,7 +7,7 @@ on:
 
 jobs:
   cleanup:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Check out code
         uses: actions/checkout@v4
diff --git a/.github/workflows/nomad.yml b/.github/workflows/nomad.yml
index b829fbe469..d0aea7744f 100644
--- a/.github/workflows/nomad.yml
+++ b/.github/workflows/nomad.yml
@@ -22,7 +22,7 @@ jobs:
   test:
     timeout-minutes: 30
     name: Test
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     strategy:
       matrix:
         nomad: [ "1.6.10-1", "1.7.7-1" ]
diff --git a/.github/workflows/splunk-ta-otel.yml b/.github/workflows/splunk-ta-otel.yml
index 3da88bb498..3de768ccd0 100644
--- a/.github/workflows/splunk-ta-otel.yml
+++ b/.github/workflows/splunk-ta-otel.yml
@@ -24,7 +24,7 @@ env:
 jobs:
   setup-environment:
     name: setup-environment
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Check out the codebase.
         uses: actions/checkout@v4
@@ -42,7 +42,7 @@ jobs:
 
   test:
     name: test
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: [setup-environment]
     steps:
       - name: Check out the codebase.
@@ -62,7 +62,7 @@ jobs:
 
 
   check_changes:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     outputs:
       ta_packaging_change: ${{ steps.filter.outputs.ta_packaging_change }}
       ta_workflow_change: ${{ steps.filter.outputs.ta_workflow_change }}
@@ -95,7 +95,7 @@ jobs:
 
   distribute-ta:
     name: "distribute-ta" # what gets run to package in gitlab
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: [setup-environment, check_changes]
     if: needs.check_changes.outputs.ta_packaging_change == 'true' || needs.check_changes.outputs.ta_workflow_change == 'true'
     steps:
diff --git a/.github/workflows/vuln-scans.yml b/.github/workflows/vuln-scans.yml
index 81ff694d5f..b27e980b43 100644
--- a/.github/workflows/vuln-scans.yml
+++ b/.github/workflows/vuln-scans.yml
@@ -202,7 +202,7 @@ jobs:
           image: "otelcol-windows:latest"
 
   check-snyk-token:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     outputs:
       has-snyk-token: ${{ steps.snyk-token-check.outputs.defined }}
     steps:
@@ -216,7 +216,7 @@ jobs:
           fi
 
   snyk-fs-scan:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: check-snyk-token
     if: ${{ needs.check-snyk-token.outputs.has-snyk-token == 'true' }}
     steps:
@@ -235,7 +235,7 @@ jobs:
           sarif_file: snyk.sarif
 
   snyk-docker-scan:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: [docker-otelcol, check-snyk-token]
     if: ${{ needs.check-snyk-token.outputs.has-snyk-token == 'true' }}
     strategy:
@@ -268,7 +268,7 @@ jobs:
           sarif_file: snyk.sarif
 
   govulncheck:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     timeout-minutes: 30
     steps:
       - name: Checkout Repo