From 6b9b66d6f90dfbf3e390320ba7ce48abfda4b709 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 12:31:06 +0100 Subject: [PATCH 01/17] Add workflow for updating release used by `start-proxy` --- .github/workflows/update-proxy-release.yml | 72 ++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 .github/workflows/update-proxy-release.yml diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml new file mode 100644 index 0000000000..b62074228d --- /dev/null +++ b/.github/workflows/update-proxy-release.yml @@ -0,0 +1,72 @@ +name: Update dependency proxy release assets +on: + workflow_dispatch: + inputs: + tag: + description: "The tag of CodeQL Bundle release that contains the proxy binaries as release assets" + type: string + required: true + +jobs: + update: + name: Update code and create PR + timeout-minutes: 15 + runs-on: macos-latest + permissions: + contents: write # needed to push the updated files + pull-requests: write # needed to create the PR + steps: + - name: Install Node + uses: actions/setup-node@v4 + + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 # ensure we have all tags and can push commits + + - name: Update git config + shell: bash + run: | + git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" + git config --global user.name "github-actions[bot]" + + - name: Update release tag and version + shell: bash + run: | + NOW=$(date +"%Y%m%d%H%M%S") # only used to make sure we don't fetch stale binaries from the toolcache + sed -i '' 's|https://github.com/github/codeql-action/releases/download/codeql-bundle-[0-9.]*/|https://github.com/github/codeql-action/releases/download/${{ inputs.tag }}/|g' ./src/start-proxy-action.ts + sed -i '' "s/\"v2.0.[0-9]*\"/\"v2.0.$NOW\"/g" ./src/start-proxy-action.ts + + - name: Push changes and open PR + shell: bash + env: + BRANCH: "dependency-proxy/${{ inputs.tag }}" + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + run: | + set -exu + pr_title="Update release used by `start-proxy` to ${{ inputs.tag }}" + pr_body=$(cat << EOF + This PR updates the `start-proxy` action to use the private registry proxy binaries that + are attached as release assets to the `${{ inputs.tag }}` release. + + + Please do the following before merging: + + - [ ] Verify that the changes to the code are correct. + EOF + ) + + git checkout -b "$BRANCH" + + npm run build + git add ./src/start-proxy-action.ts + git add ./lib + git commit -m "$pr_title" + + git push origin "$BRANCH" + gh pr create \ + --head "$BRANCH" \ + --base "main" \ + --title "${pr_title}" \ + --body "${pr_body}" \ + --draft From 0180811a94de059a9420a522e8068d61e99a1ccf Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 12:34:21 +0100 Subject: [PATCH 02/17] Use environment variable to store release tag --- .github/workflows/update-proxy-release.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index b62074228d..f5b21d6a27 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -15,6 +15,8 @@ jobs: permissions: contents: write # needed to push the updated files pull-requests: write # needed to create the PR + env: + RELEASE_TAG: ${{ inputs.tag }} steps: - name: Install Node uses: actions/setup-node@v4 @@ -34,20 +36,20 @@ jobs: shell: bash run: | NOW=$(date +"%Y%m%d%H%M%S") # only used to make sure we don't fetch stale binaries from the toolcache - sed -i '' 's|https://github.com/github/codeql-action/releases/download/codeql-bundle-[0-9.]*/|https://github.com/github/codeql-action/releases/download/${{ inputs.tag }}/|g' ./src/start-proxy-action.ts + sed -i '' "s|https://github.com/github/codeql-action/releases/download/codeql-bundle-[0-9.]*/|https://github.com/github/codeql-action/releases/download/$RELEASE_TAG/|g" ./src/start-proxy-action.ts sed -i '' "s/\"v2.0.[0-9]*\"/\"v2.0.$NOW\"/g" ./src/start-proxy-action.ts - name: Push changes and open PR shell: bash env: - BRANCH: "dependency-proxy/${{ inputs.tag }}" + BRANCH: "dependency-proxy/$RELEASE_TAG" GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" run: | set -exu - pr_title="Update release used by `start-proxy` to ${{ inputs.tag }}" + pr_title="Update release used by `start-proxy` to $RELEASE_TAG" pr_body=$(cat << EOF This PR updates the `start-proxy` action to use the private registry proxy binaries that - are attached as release assets to the `${{ inputs.tag }}` release. + are attached as release assets to the `$RELEASE_TAG` release. Please do the following before merging: From e8ad3afb1e33fc0b34c9b187e43d9635c46baeb9 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 12:34:52 +0100 Subject: [PATCH 03/17] Add `push` trigger for testing --- .github/workflows/update-proxy-release.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index f5b21d6a27..61d88cc538 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -1,5 +1,8 @@ name: Update dependency proxy release assets on: + push: + branches: + - mbg/update-proxy-binaries # for testing workflow_dispatch: inputs: tag: @@ -16,7 +19,7 @@ jobs: contents: write # needed to push the updated files pull-requests: write # needed to create the PR env: - RELEASE_TAG: ${{ inputs.tag }} + RELEASE_TAG: ${{ inputs.tag || 'codeql-bundle-v2.22.0' }} steps: - name: Install Node uses: actions/setup-node@v4 From 286556a968509349a3a7977161db2bca69e26c15 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 12:41:56 +0100 Subject: [PATCH 04/17] Fix `pr_title` quotes --- .github/workflows/update-proxy-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index 61d88cc538..d131eb8699 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -49,7 +49,7 @@ jobs: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" run: | set -exu - pr_title="Update release used by `start-proxy` to $RELEASE_TAG" + pr_title="Update release used by \`start-proxy\` to $RELEASE_TAG" pr_body=$(cat << EOF This PR updates the `start-proxy` action to use the private registry proxy binaries that are attached as release assets to the `$RELEASE_TAG` release. From 7ca4105454aaf9bea30f2835db61d9add8898772 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 12:45:06 +0100 Subject: [PATCH 05/17] Fix branch name --- .github/workflows/update-proxy-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index d131eb8699..a3363b21a2 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -45,7 +45,7 @@ jobs: - name: Push changes and open PR shell: bash env: - BRANCH: "dependency-proxy/$RELEASE_TAG" + BRANCH: "dependency-proxy/${{ env.RELEASE_TAG }}" GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" run: | set -exu From 37a3fcc3af9cf362bf9cda779104e04e7b74db9d Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 12:45:26 +0100 Subject: [PATCH 06/17] Improve PR title formatting --- .github/workflows/update-proxy-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index a3363b21a2..c414a1c242 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -49,7 +49,7 @@ jobs: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" run: | set -exu - pr_title="Update release used by \`start-proxy\` to $RELEASE_TAG" + pr_title="Update release used by \`start-proxy\` to \`$RELEASE_TAG\`" pr_body=$(cat << EOF This PR updates the `start-proxy` action to use the private registry proxy binaries that are attached as release assets to the `$RELEASE_TAG` release. From c55fb0ab89a8b55674f0ae2704641f4d17361e9e Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 12:46:30 +0100 Subject: [PATCH 07/17] Fix `pr_body` contents --- .github/workflows/update-proxy-release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index c414a1c242..cda32086fc 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -51,13 +51,13 @@ jobs: set -exu pr_title="Update release used by \`start-proxy\` to \`$RELEASE_TAG\`" pr_body=$(cat << EOF - This PR updates the `start-proxy` action to use the private registry proxy binaries that - are attached as release assets to the `$RELEASE_TAG` release. + This PR updates the \`start-proxy\` action to use the private registry proxy binaries that + are attached as release assets to the \`$RELEASE_TAG\` release. Please do the following before merging: - - [ ] Verify that the changes to the code are correct. + - [ ] Verify that the changes to the code are correct. EOF ) From fcd0ad43d517b69a96cfa8cf0dfaf1470d3f6cb3 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 12:47:58 +0100 Subject: [PATCH 08/17] Start with `main` --- .github/workflows/update-proxy-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index cda32086fc..96e42b9e2b 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -28,6 +28,7 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 # ensure we have all tags and can push commits + ref: main - name: Update git config shell: bash From 46cafbca67362b3679572f160b23571248a1456b Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 12:56:13 +0100 Subject: [PATCH 09/17] Add missing `v` to regex --- .github/workflows/update-proxy-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index 96e42b9e2b..5cc07072d0 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -40,7 +40,7 @@ jobs: shell: bash run: | NOW=$(date +"%Y%m%d%H%M%S") # only used to make sure we don't fetch stale binaries from the toolcache - sed -i '' "s|https://github.com/github/codeql-action/releases/download/codeql-bundle-[0-9.]*/|https://github.com/github/codeql-action/releases/download/$RELEASE_TAG/|g" ./src/start-proxy-action.ts + sed -i '' "s|https://github.com/github/codeql-action/releases/download/codeql-bundle-v[0-9.]*/|https://github.com/github/codeql-action/releases/download/$RELEASE_TAG/|g" ./src/start-proxy-action.ts sed -i '' "s/\"v2.0.[0-9]*\"/\"v2.0.$NOW\"/g" ./src/start-proxy-action.ts - name: Push changes and open PR From e044b152ab374f73f124eca93fbcac405ca7dc01 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 14:49:06 +0100 Subject: [PATCH 10/17] Check that the release tag has the expected format --- .github/workflows/update-proxy-release.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index 5cc07072d0..09320570bb 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -21,6 +21,14 @@ jobs: env: RELEASE_TAG: ${{ inputs.tag || 'codeql-bundle-v2.22.0' }} steps: + - name: Check release tag format + shell: bash + run: | + if ! [[ $RELEASE_TAG =~ ^codeql-bundle-v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo "Invalid release tag: expected a CodeQL bundle tag in the 'codeql-bundle-vM.N.P' format." + exit 1 + fi + - name: Install Node uses: actions/setup-node@v4 @@ -40,8 +48,8 @@ jobs: shell: bash run: | NOW=$(date +"%Y%m%d%H%M%S") # only used to make sure we don't fetch stale binaries from the toolcache - sed -i '' "s|https://github.com/github/codeql-action/releases/download/codeql-bundle-v[0-9.]*/|https://github.com/github/codeql-action/releases/download/$RELEASE_TAG/|g" ./src/start-proxy-action.ts - sed -i '' "s/\"v2.0.[0-9]*\"/\"v2.0.$NOW\"/g" ./src/start-proxy-action.ts + sed -i "s|https://github.com/github/codeql-action/releases/download/codeql-bundle-v[0-9.]\+/|https://github.com/github/codeql-action/releases/download/$RELEASE_TAG/|g" ./src/start-proxy-action.ts + sed -i "s/\"v2.0.[0-9]\+\"/\"v2.0.$NOW\"/g" ./src/start-proxy-action.ts - name: Push changes and open PR shell: bash From cce0287569a34dbba8933e3b66b47a357b218d6c Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 14:55:54 +0100 Subject: [PATCH 11/17] Check that the release exists --- .github/workflows/update-proxy-release.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index 09320570bb..9d9d9f4cbf 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -29,6 +29,13 @@ jobs: exit 1 fi + - name: Check that the release exists + shell: bash + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + run: | + (gh release view --repo ${{ github.event.repository.full_name }} --json "assets" "$RELEASE_TAG" && echo "Release found.") || exit 1 + - name: Install Node uses: actions/setup-node@v4 From 9ee60a6e32f5a5a81bf2e3a9fa596cdfc71feccb Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 14:58:00 +0100 Subject: [PATCH 12/17] Run on Ubuntu --- .github/workflows/update-proxy-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index 9d9d9f4cbf..82d479824d 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -14,7 +14,7 @@ jobs: update: name: Update code and create PR timeout-minutes: 15 - runs-on: macos-latest + runs-on: ubuntu-latest permissions: contents: write # needed to push the updated files pull-requests: write # needed to create the PR From 6a3692d673d8a04b729a8468fd331197ea69aea6 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 15:00:45 +0100 Subject: [PATCH 13/17] Construct target branch name in `checks` step --- .github/workflows/update-proxy-release.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index 82d479824d..b945a01f0f 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -22,6 +22,7 @@ jobs: RELEASE_TAG: ${{ inputs.tag || 'codeql-bundle-v2.22.0' }} steps: - name: Check release tag format + id: checks shell: bash run: | if ! [[ $RELEASE_TAG =~ ^codeql-bundle-v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then @@ -29,6 +30,8 @@ jobs: exit 1 fi + echo "target_branch=dependency-proxy/$RELEASE_TAG" >> $GITHUB_OUTPUT + - name: Check that the release exists shell: bash env: @@ -61,7 +64,6 @@ jobs: - name: Push changes and open PR shell: bash env: - BRANCH: "dependency-proxy/${{ env.RELEASE_TAG }}" GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" run: | set -exu @@ -77,16 +79,16 @@ jobs: EOF ) - git checkout -b "$BRANCH" + git checkout -b "${{ steps.checks.outputs.target_branch }}" npm run build git add ./src/start-proxy-action.ts git add ./lib git commit -m "$pr_title" - git push origin "$BRANCH" + git push origin "${{ steps.checks.outputs.target_branch }}" gh pr create \ - --head "$BRANCH" \ + --head "${{ steps.checks.outputs.target_branch }}" \ --base "main" \ --title "${pr_title}" \ --body "${pr_body}" \ From 0cec254fa194f63bd8da71136285050fd7d4be29 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 15:05:31 +0100 Subject: [PATCH 14/17] Use `--dry-run` for non-`workflow_dispatch` events --- .github/workflows/update-proxy-release.yml | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index b945a01f0f..47bacbf151 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -61,6 +61,17 @@ jobs: sed -i "s|https://github.com/github/codeql-action/releases/download/codeql-bundle-v[0-9.]\+/|https://github.com/github/codeql-action/releases/download/$RELEASE_TAG/|g" ./src/start-proxy-action.ts sed -i "s/\"v2.0.[0-9]\+\"/\"v2.0.$NOW\"/g" ./src/start-proxy-action.ts + - name: Compile TypeScript and commit changes + shell: bash + run: | + set -exu + git checkout -b "${{ steps.checks.outputs.target_branch }}" + + npm run build + git add ./src/start-proxy-action.ts + git add ./lib + git commit -m "Update release used by \`start-proxy\` action" + - name: Push changes and open PR shell: bash env: @@ -79,17 +90,10 @@ jobs: EOF ) - git checkout -b "${{ steps.checks.outputs.target_branch }}" - - npm run build - git add ./src/start-proxy-action.ts - git add ./lib - git commit -m "$pr_title" - git push origin "${{ steps.checks.outputs.target_branch }}" gh pr create \ --head "${{ steps.checks.outputs.target_branch }}" \ --base "main" \ --title "${pr_title}" \ --body "${pr_body}" \ - --draft + ${{ (github.event_name == 'workflow_dispatch' && '--draft') || '--dry-run' }} From 6e22e41a25249a484a4a9189e9cd595569e80f0e Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 23 Jun 2025 15:05:50 +0100 Subject: [PATCH 15/17] Add reminder to mark PR as ready for review to trigger CI --- .github/workflows/update-proxy-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index 47bacbf151..3d0e9209e8 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -87,6 +87,7 @@ jobs: Please do the following before merging: - [ ] Verify that the changes to the code are correct. + - [ ] Mark the PR as ready for review to trigger the CI. EOF ) From bbfc5bef5badead8851e78df27b8a0c70505743b Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 24 Jun 2025 11:30:24 +0100 Subject: [PATCH 16/17] Replace inline expressions with environment variables --- .github/workflows/update-proxy-release.yml | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index 3d0e9209e8..2979913490 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -37,7 +37,7 @@ jobs: env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" run: | - (gh release view --repo ${{ github.event.repository.full_name }} --json "assets" "$RELEASE_TAG" && echo "Release found.") || exit 1 + (gh release view --repo "$GITHUB_REPOSITORY" --json "assets" "$RELEASE_TAG" && echo "Release found.") || exit 1 - name: Install Node uses: actions/setup-node@v4 @@ -63,9 +63,11 @@ jobs: - name: Compile TypeScript and commit changes shell: bash + env: + TARGET_BRANCH: ${{ steps.checks.outputs.target_branch }} run: | set -exu - git checkout -b "${{ steps.checks.outputs.target_branch }}" + git checkout -b "$TARGET_BRANCH" npm run build git add ./src/start-proxy-action.ts @@ -76,6 +78,8 @@ jobs: shell: bash env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + TARGET_BRANCH: ${{ steps.checks.outputs.target_branch }} + PR_FLAG: ${{ (github.event_name == 'workflow_dispatch' && '--draft') || '--dry-run' }} run: | set -exu pr_title="Update release used by \`start-proxy\` to \`$RELEASE_TAG\`" @@ -91,10 +95,10 @@ jobs: EOF ) - git push origin "${{ steps.checks.outputs.target_branch }}" + git push origin "$TARGET_BRANCH" gh pr create \ - --head "${{ steps.checks.outputs.target_branch }}" \ + --head "$TARGET_BRANCH" \ --base "main" \ --title "${pr_title}" \ --body "${pr_body}" \ - ${{ (github.event_name == 'workflow_dispatch' && '--draft') || '--dry-run' }} + $PR_FLAG From 2e3b93fe41263fbfb6eb096825b4d14bd8aed22c Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 24 Jun 2025 11:34:13 +0100 Subject: [PATCH 17/17] Remove push trigger that was used for testing --- .github/workflows/update-proxy-release.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/update-proxy-release.yml b/.github/workflows/update-proxy-release.yml index 2979913490..9e294f1789 100644 --- a/.github/workflows/update-proxy-release.yml +++ b/.github/workflows/update-proxy-release.yml @@ -1,8 +1,5 @@ name: Update dependency proxy release assets on: - push: - branches: - - mbg/update-proxy-binaries # for testing workflow_dispatch: inputs: tag: @@ -19,7 +16,7 @@ jobs: contents: write # needed to push the updated files pull-requests: write # needed to create the PR env: - RELEASE_TAG: ${{ inputs.tag || 'codeql-bundle-v2.22.0' }} + RELEASE_TAG: ${{ inputs.tag }} steps: - name: Check release tag format id: checks