From 5529895301e968e8f3b13d9e8e582e735d68f0cd Mon Sep 17 00:00:00 2001 From: Chris Burns <29541485+ChrisJBurns@users.noreply.github.com> Date: Fri, 16 Jan 2026 00:16:49 +0000 Subject: [PATCH] Download binary to runner temp directory Download and extract releaseo binary to ${{ runner.temp }} instead of the workspace directory. This prevents the binary and archive contents (LICENSE, README.md) from appearing in git status and being committed to release PRs. Co-Authored-By: Claude Opus 4.5 --- action.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/action.yml b/action.yml index 0f24bc5..2e7699e 100644 --- a/action.yml +++ b/action.yml @@ -84,20 +84,21 @@ runs: *) echo "::error::Unsupported architecture: $ARCH"; exit 1 ;; esac - # Download the binary + # Download the binary to runner temp directory (outside workspace) ASSET_NAME="releaseo_${VERSION#v}_${OS}_${ARCH}.tar.gz" ASSET_URL="https://github.com/stacklok/releaseo/releases/download/${VERSION}/${ASSET_NAME}" echo "Downloading releaseo ${VERSION} for ${OS}/${ARCH}..." - if ! curl -sSL --fail -o releaseo.tar.gz "$ASSET_URL"; then + if ! curl -sSL --fail -o "${{ runner.temp }}/releaseo.tar.gz" "$ASSET_URL"; then echo "::error::Failed to download releaseo ${VERSION}. Ensure the release exists: https://github.com/stacklok/releaseo/releases/tag/${VERSION}" exit 1 fi - tar xzf releaseo.tar.gz - chmod +x releaseo - rm releaseo.tar.gz + # Extract only the binary (archive also contains LICENSE and README.md which we don't want) + tar xzf "${{ runner.temp }}/releaseo.tar.gz" -C "${{ runner.temp }}" releaseo + chmod +x "${{ runner.temp }}/releaseo" + rm "${{ runner.temp }}/releaseo.tar.gz" echo "Successfully downloaded releaseo ${VERSION}" @@ -123,4 +124,4 @@ runs: ARGS+=(--version-files="$VERSION_FILES_JSON") fi - ./releaseo "${ARGS[@]}" + "${{ runner.temp }}/releaseo" "${ARGS[@]}"