@@ -266,6 +266,35 @@ runs:
266266 with :
267267 clean : false
268268 if : ${{ github.event_name != 'issue_comment' && inputs.configure-checkout == 'true' }}
269+
270+ - uses : actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
271+ with :
272+ clean : false
273+ repository : ${{ env.action_repository }}
274+ ref : ${{ env.action_ref }}
275+ path : digger-action-repo
276+ env :
277+ action_repository : ${{ github.action_repository }}
278+ action_ref : ${{ github.action_ref }}
279+
280+ - name : Get release tag
281+ id : get_release_tag
282+ shell : bash
283+ working-directory : digger-action-repo
284+ run : |
285+ # Fetch tags
286+ git fetch --prune --unshallow --tags
287+ # Collect tags pointing exactly at this commit, sorted by version (highest first)
288+ tags="$(git tag --points-at HEAD --sort=-v:refname || true)"
289+ echo "Tags: $tags"
290+ # Keep only tags that are SemVer starting with 'v' (e.g., v1.2.3, v1.2.3-rc.1, v1.2.3+meta)
291+ semvers="$(printf '%s\n' "$tags" | grep -E "^v(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$" || true)"
292+ echo "SemVers: $semvers"
293+ # Pick the first (highest) match if any
294+ tag="$(printf '%s\n' "$semvers" | head -n 1)"
295+ echo "Tag: $tag"
296+ echo "tag=$tag" >> "$GITHUB_OUTPUT"
297+
269298name : Set up Google Auth Using A Service Account Key
270299 uses : google-github-actions/auth@c200f3691d83b41bf9bbd8638997a462592937ed # v2.1.13
271300 with :
@@ -396,15 +425,15 @@ runs:
396425 with :
397426 go-version-file : " ${{ github.action_path }}/cli/go.mod"
398427 cache : false
399- if : ${{ !startsWith(github.action_ref, 'v') }}
428+ if : ${{ steps.get_release_tag.outputs.tag == '' }}
400429
401430 - name : Determine Golang cache paths
402431 id : golang-env
403432 run : |
404433 echo "build-cache-path=$(go env GOCACHE)" >>"$GITHUB_OUTPUT"
405434 echo "module-cache-path=$(go env GOMODCACHE)" >>"$GITHUB_OUTPUT"
406435shell : bash
407- if : ${{ !startsWith(github.action_ref, 'v') }}
436+ if : ${{ steps.get_release_tag.outputs.tag == '' }}
408437
409438 - name : Copy Digger CLI go.sum for cache key
410439 run : |
@@ -416,7 +445,7 @@ runs:
416445 cp "$GITHUB_ACTION_PATH/cli/go.sum" "$GITHUB_WORKSPACE/.digger.go.sum"
417446 fi
418447shell : bash
419- if : ${{ !startsWith(github.action_ref, 'v') }}
448+ if : ${{ steps.get_release_tag.outputs.tag == '' }}
420449
421450 - name : Adding required env vars for next step
422451 uses : actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0
@@ -434,7 +463,7 @@ runs:
434463shell : bash
435464
436465 - name : build and run digger
437- if : ${{ !startsWith(github.action_ref, 'v') && inputs.local-dev-mode == 'false' }}
466+ if : ${{ steps.get_release_tag.outputs.tag == '' && inputs.local-dev-mode == 'false' }}
438467 shell : bash
439468 env :
440469 PLAN_UPLOAD_DESTINATION : ${{ inputs.upload-plan-destination }}
@@ -486,9 +515,9 @@ runs:
486515 digger
487516
488517name : run digger
489- if : ${{ startsWith(github.action_ref, 'v') && inputs.local-dev-mode == 'false' }}
518+ if : ${{ steps.get_release_tag.outputs.tag != '' && inputs.local-dev-mode == 'false' }}
490519 env :
491- actionref : ${{ github.action_ref }}
520+ tag : ${{ steps.get_release_tag.outputs.tag }}
492521 PLAN_UPLOAD_DESTINATION : ${{ inputs.upload-plan-destination }}
493522 PLAN_UPLOAD_S3_ENCRYPTION_ENABLED : ${{ inputs.upload-plan-destination-s3-encryption-enabled }}
494523 PLAN_UPLOAD_S3_ENCRYPTION_TYPE : ${{ inputs.upload-plan-destination-s3-encryption-type }}
@@ -525,16 +554,16 @@ runs:
525554 set -euo pipefail
526555
527556 echo "🔧 Downloading Digger CLI..."
528- echo "Runner OS: ${{ runner.os }}, Arch: ${{ runner.arch }}, Action Ref: ${actionref }"
557+ echo "Runner OS: ${{ runner.os }}, Arch: ${{ runner.arch }}, Action Ref: ${tag }"
529558
530559 if [[ ${{ inputs.ee }} == "true" ]]; then
531560 if [[ ${{ inputs.fips }} == "true" ]]; then
532- DOWNLOAD_URL="https://github.com/diggerhq/digger/releases/download/${actionref }/digger-ee-cli-${{ runner.os }}-${{ runner.arch }}-fips"
561+ DOWNLOAD_URL="https://github.com/diggerhq/digger/releases/download/${tag }/digger-ee-cli-${{ runner.os }}-${{ runner.arch }}-fips"
533562 else
534- DOWNLOAD_URL="https://github.com/diggerhq/digger/releases/download/${actionref }/digger-ee-cli-${{ runner.os }}-${{ runner.arch }}"
563+ DOWNLOAD_URL="https://github.com/diggerhq/digger/releases/download/${tag }/digger-ee-cli-${{ runner.os }}-${{ runner.arch }}"
535564 fi
536565 else
537- DOWNLOAD_URL="https://github.com/diggerhq/digger/releases/download/${actionref }/digger-cli-${{ runner.os }}-${{ runner.arch }}"
566+ DOWNLOAD_URL="https://github.com/diggerhq/digger/releases/download/${tag }/digger-cli-${{ runner.os }}-${{ runner.arch }}"
538567 fi
539568
540569 echo "Downloading from: $DOWNLOAD_URL"
@@ -543,12 +572,12 @@ runs:
543572 echo "Failed to download Digger CLI from $DOWNLOAD_URL"
544573 echo ""
545574 echo "Possible reasons:"
546- echo "1. The release ${actionref } might not exist"
575+ echo "1. The release ${tag } might not exist"
547576 echo "2. Binary for ${{ runner.os }}-${{ runner.arch }} might not be available"
548577 echo "3. Network connectivity issues"
549578 echo ""
550579 echo "Suggestions:"
551- echo "- Check if release ${actionref } exists at: https://github.com/diggerhq/digger/releases"
580+ echo "- Check if release ${tag } exists at: https://github.com/diggerhq/digger/releases"
552581 echo "- Verify the architecture combination is supported"
553582 echo "- Try using a different release version"
554583 exit 1
@@ -574,7 +603,6 @@ runs:
574603name : run digger in local dev mode
575604 if : ${{ inputs.local-dev-mode == 'true' }}
576605 env :
577- actionref : ${{ github.action_ref }}
578606 PLAN_UPLOAD_DESTINATION : ${{ inputs.upload-plan-destination }}
579607 PLAN_UPLOAD_S3_ENCRYPTION_ENABLED : ${{ inputs.upload-plan-destination-s3-encryption-enabled }}
580608 PLAN_UPLOAD_S3_ENCRYPTION_TYPE : ${{ inputs.upload-plan-destination-s3-encryption-type }}
0 commit comments