From a1541824c8a223e7cc55fde5f34caff6bcc635ce Mon Sep 17 00:00:00 2001
From: miampf <miampf@proton.me>
Date: Wed, 5 Feb 2025 15:24:08 +0100
Subject: [PATCH] reference selection

---
 .../workflows/check-measurements-reproducibility.yml  | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/check-measurements-reproducibility.yml b/.github/workflows/check-measurements-reproducibility.yml
index 1e9ad5564..6a8d62deb 100644
--- a/.github/workflows/check-measurements-reproducibility.yml
+++ b/.github/workflows/check-measurements-reproducibility.yml
@@ -3,15 +3,22 @@ on:
   release:
     types: [created]
   workflow_dispatch:
+    inputs:
+      releasetag:
+        type: string
+        description: The release to checkout and download.
+        required: true
 
 jobs:
   check-reproducibility:
     runs-on: ubuntu-22.04
+    env:
+      REF: ${{ github.event_name == 'workflow_dispatch' ? github.event.inputs.releasetag : github.event.release.tag_name }}
     steps:
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
-          ref: ${{ github.event.release.tag_name }}
+          ref: ${{ env.REF }}
       - name: Set up bazel
         uses: ./.github/actions/setup_bazel_nix
         with:
@@ -33,7 +40,7 @@ jobs:
           cd $(mktemp -d)
 
           echo "Downloading release measurements"
-          curl -O https://cdn.confidential.cloud/constellation/v2/ref/-/stream/stable/v2.20.0/image/measurements.json
+          curl -O https://cdn.confidential.cloud/constellation/v2/ref/-/stream/stable/${{ env.REF }}/image/measurements.json
 
           # compare all measurements with our own
           for directory in $buildPath/system/!(mkosi_wrapper.sh); do