From e7b0a65efb66476c9572f4e3e92ffee95c8a14d7 Mon Sep 17 00:00:00 2001
From: miampf <miampf@proton.me>
Date: Thu, 27 Feb 2025 11:07:54 +0100
Subject: [PATCH] double checkout

---
 .../check_measurements_reproducibility/action.yml     | 11 ++++++++++-
 .../workflows/check-measurements-reproducibility.yml  |  5 ++---
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/.github/actions/check_measurements_reproducibility/action.yml b/.github/actions/check_measurements_reproducibility/action.yml
index df3bd6b94..a52908340 100644
--- a/.github/actions/check_measurements_reproducibility/action.yml
+++ b/.github/actions/check_measurements_reproducibility/action.yml
@@ -6,10 +6,19 @@ inputs:
     type: string
     description: The version of the measurements that are downloaded from the CDN.
     required: true
+  ref:
+    type: string
+    description: The git ref to check out. You probably want this to be the tag of the release you are testing.
+    required: true
 
 runs:
   using: "composite"
   steps:
+    - name: Checkout
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      with:
+        ref: ${{ inputs.ref }}
+
     - name: Set up bazel
       uses: ./.github/actions/setup_bazel_nix
       with:
@@ -32,7 +41,7 @@ runs:
 
     - name: Download measurements
       run: |
-        curl -O https://cdn.confidential.cloud/constellation/v2/ref/-/stream/stable/${{ github.event.inputs.version }}/image/measurements.json
+        curl -O https://cdn.confidential.cloud/constellation/v2/ref/-/stream/stable/${{ inputs.version }}/image/measurements.json
     
     - name: Cleanup release measurements and generate our own
       run: |
diff --git a/.github/workflows/check-measurements-reproducibility.yml b/.github/workflows/check-measurements-reproducibility.yml
index 8bd867b34..b0ef25560 100644
--- a/.github/workflows/check-measurements-reproducibility.yml
+++ b/.github/workflows/check-measurements-reproducibility.yml
@@ -27,10 +27,9 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          ref: ${{ github.event.inputs.ref }}
-
+        
       - name: Check reproducibility
         uses: ./.github/actions/check_measurements_reproducibility
         with:
           version: ${{ github.event.inputs.version }}
+          ref: ${{ github.event.inputs.ref }}