From db75dc0a59a27eb3747c62d5051743acb75901cc Mon Sep 17 00:00:00 2001 From: Ivan Dlugos <6349682+vaind@users.noreply.github.com> Date: Fri, 19 Sep 2025 20:13:12 +0200 Subject: [PATCH 1/5] chore/danger-workflow-download --- .github/workflows/danger.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/danger.yml b/.github/workflows/danger.yml index c2e3931b..4bed880b 100644 --- a/.github/workflows/danger.yml +++ b/.github/workflows/danger.yml @@ -24,6 +24,7 @@ jobs: - name: Download dangerfile.js and utilities run: | + printenv wget https://raw.githubusercontent.com/getsentry/github-workflows/${{ inputs._workflow_version }}/danger/dangerfile.js -P ${{ runner.temp }} wget https://raw.githubusercontent.com/getsentry/github-workflows/${{ inputs._workflow_version }}/danger/dangerfile-utils.js -P ${{ runner.temp }} From 33fcf3ca21a85e4a5ea5e56212ff2309cb37efe9 Mon Sep 17 00:00:00 2001 From: Ivan Dlugos Date: Fri, 19 Sep 2025 20:25:02 +0200 Subject: [PATCH 2/5] Use GITHUB_WORKFLOW_REF instead of _workflow_version input MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Automatically determines the workflow reference from GITHUB_WORKFLOW_REF instead of requiring manual _workflow_version input parameter. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/danger-workflow-tests.yml | 2 -- .github/workflows/danger.yml | 13 ++++--------- 2 files changed, 4 insertions(+), 11 deletions(-) diff --git a/.github/workflows/danger-workflow-tests.yml b/.github/workflows/danger-workflow-tests.yml index 0b27a3a1..dd9877a1 100644 --- a/.github/workflows/danger-workflow-tests.yml +++ b/.github/workflows/danger-workflow-tests.yml @@ -8,8 +8,6 @@ on: jobs: danger: uses: ./.github/workflows/danger.yml - with: - _workflow_version: ${{ github.sha }} test-outputs: runs-on: ubuntu-latest diff --git a/.github/workflows/danger.yml b/.github/workflows/danger.yml index 4bed880b..6cdf7159 100644 --- a/.github/workflows/danger.yml +++ b/.github/workflows/danger.yml @@ -1,12 +1,6 @@ # Runs DangerJS with a pre-configured set of rules on a Pull Request. on: workflow_call: - inputs: - _workflow_version: - description: 'Internal: specify github-workflows (this repo) revision to use when checking out scripts.' - type: string - required: false - default: v2 # Note: update when publishing a new version outputs: outcome: description: Whether the Danger run finished successfully. Possible values are success, failure, cancelled, or skipped. @@ -24,9 +18,10 @@ jobs: - name: Download dangerfile.js and utilities run: | - printenv - wget https://raw.githubusercontent.com/getsentry/github-workflows/${{ inputs._workflow_version }}/danger/dangerfile.js -P ${{ runner.temp }} - wget https://raw.githubusercontent.com/getsentry/github-workflows/${{ inputs._workflow_version }}/danger/dangerfile-utils.js -P ${{ runner.temp }} + # Extract the ref from GITHUB_WORKFLOW_REF (e.g., getsentry/github-workflows/.github/workflows/danger.yml@refs/pull/109/merge -> refs/pull/109/merge) + WORKFLOW_REF=$(echo "${{ github.workflow_ref }}" | sed 's/.*@//') + wget https://raw.githubusercontent.com/getsentry/github-workflows/${WORKFLOW_REF}/danger/dangerfile.js -P ${{ runner.temp }} + wget https://raw.githubusercontent.com/getsentry/github-workflows/${WORKFLOW_REF}/danger/dangerfile-utils.js -P ${{ runner.temp }} # Using a pre-built docker image in GitHub container registry instaed of NPM to reduce possible attack vectors. - name: Run DangerJS From 7c6534a038a4fd0b2ac940a9325d350321c3075e Mon Sep 17 00:00:00 2001 From: Ivan Dlugos Date: Fri, 19 Sep 2025 20:29:38 +0200 Subject: [PATCH 3/5] Update updater workflow to use GITHUB_WORKFLOW_REF MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Remove _workflow_version input parameter and automatically determine the workflow reference from GITHUB_WORKFLOW_REF instead. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/updater.yml | 9 +++------ .github/workflows/workflow-tests.yml | 2 -- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml index e98a257f..8cf48e87 100644 --- a/.github/workflows/updater.yml +++ b/.github/workflows/updater.yml @@ -38,11 +38,6 @@ on: type: string required: false default: create - _workflow_version: - description: 'Internal: specify github-workflows (this repo) revision to use when checking out scripts.' - type: string - required: false - default: v2 # Note: update when publishing a new version secrets: api-token: required: true @@ -141,11 +136,13 @@ jobs: # Note: cannot use `actions/checkout` at the moment because you can't clone outside of the repo root. # Follow https://github.com/actions/checkout/issues/197 run: | + # Extract the ref from GITHUB_WORKFLOW_REF (e.g., getsentry/github-workflows/.github/workflows/updater.yml@refs/pull/109/merge -> refs/pull/109/merge) + WORKFLOW_REF=$(echo "${{ github.workflow_ref }}" | sed 's/.*@//') mkdir -p ${{ runner.temp }}/ghwf cd ${{ runner.temp }}/ghwf git init git remote add origin https://github.com/getsentry/github-workflows.git - git fetch --depth 1 origin ${{ inputs._workflow_version }} + git fetch --depth 1 origin ${WORKFLOW_REF} git checkout FETCH_HEAD - name: Update to the latest version diff --git a/.github/workflows/workflow-tests.yml b/.github/workflows/workflow-tests.yml index aeeb351b..da019473 100644 --- a/.github/workflows/workflow-tests.yml +++ b/.github/workflows/workflow-tests.yml @@ -12,7 +12,6 @@ jobs: name: WORKFLOW-TEST-DEPENDENCY-DO-NOT-MERGE pattern: '^2\.0\.' pr-strategy: update - _workflow_version: ${{ github.sha }} secrets: api-token: ${{ github.token }} @@ -23,7 +22,6 @@ jobs: name: Workflow args test script runs-on: macos-latest pattern: '.*' - _workflow_version: ${{ github.sha }} secrets: api-token: ${{ github.token }} From 758c2992d70de5f542d7c305a496907d9dbcc8a6 Mon Sep 17 00:00:00 2001 From: Ivan Dlugos Date: Fri, 19 Sep 2025 20:33:03 +0200 Subject: [PATCH 4/5] Add changelog entry for GITHUB_WORKFLOW_REF fix MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ed4b44cd..2fb48ba1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Changelog +## Unreleased + +### Fixes + +- Use GITHUB_WORKFLOW_REF instead of _workflow_version input parameter to automatically determine workflow script versions ([#109](https://github.com/getsentry/github-workflows/pull/109)) + ## 2.14.0 ### Features From c2d6b718e4e8263f0f9b1bc2bbf6deea7134eb23 Mon Sep 17 00:00:00 2001 From: Ivan Dlugos Date: Fri, 19 Sep 2025 22:48:58 +0200 Subject: [PATCH 5/5] fix(updater): Convert shell commands to PowerShell in workflow checkout step MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The workflow was failing because it used shell syntax (bash) in a PowerShell context. Converted the shell commands to proper PowerShell equivalents: - Variable assignment using PowerShell syntax - mkdir -> New-Item with -Force flag - cd -> Set-Location - regex replacement using PowerShell -replace operator 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/updater.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml index 8cf48e87..dfe349bc 100644 --- a/.github/workflows/updater.yml +++ b/.github/workflows/updater.yml @@ -137,12 +137,12 @@ jobs: # Follow https://github.com/actions/checkout/issues/197 run: | # Extract the ref from GITHUB_WORKFLOW_REF (e.g., getsentry/github-workflows/.github/workflows/updater.yml@refs/pull/109/merge -> refs/pull/109/merge) - WORKFLOW_REF=$(echo "${{ github.workflow_ref }}" | sed 's/.*@//') - mkdir -p ${{ runner.temp }}/ghwf - cd ${{ runner.temp }}/ghwf + $workflowRef = '${{ github.workflow_ref }}' -replace '.*@', '' + New-Item -ItemType Directory -Force -Path '${{ runner.temp }}/ghwf' + Set-Location '${{ runner.temp }}/ghwf' git init git remote add origin https://github.com/getsentry/github-workflows.git - git fetch --depth 1 origin ${WORKFLOW_REF} + git fetch --depth 1 origin $workflowRef git checkout FETCH_HEAD - name: Update to the latest version