feat: Allow updater to target non-default branches

.github/workflows/workflow-tests.yml

@@ -73,6 +73,70 @@ jobs:
 
           echo "✅ PR creation scenario validation passed!"
 
+  # Test target-branch functionality - should use specified branch as base
+  updater-target-branch:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Run updater action with target-branch
+        id: updater
+        uses: ./updater
+        with:
+          path: updater/tests/sentry-cli.properties
+          name: TARGET-BRANCH-TEST-DO-NOT-MERGE
+          pattern: '^2\.0\.'
+          target-branch: test/nonbot-commits
+          pr-strategy: update
+          api-token: ${{ github.token }}
+
+      - name: Validate target-branch outputs
+        env:
+          BASE_BRANCH: ${{ steps.updater.outputs.baseBranch }}
+          ORIGINAL_TAG: ${{ steps.updater.outputs.originalTag }}
+          LATEST_TAG: ${{ steps.updater.outputs.latestTag }}
+          PR_URL: ${{ steps.updater.outputs.prUrl }}
+          PR_BRANCH: ${{ steps.updater.outputs.prBranch }}
+        run: |
+          echo "🔍 Validating target-branch scenario outputs..."
+          echo "Base Branch: '$BASE_BRANCH'"
+          echo "Original Tag: '$ORIGINAL_TAG'"
+          echo "Latest Tag: '$LATEST_TAG'"
+          echo "PR URL: '$PR_URL'"
+          echo "PR Branch: '$PR_BRANCH'"
+
+          # Validate base branch is the specified target-branch
+          if [[ "$BASE_BRANCH" != "test/nonbot-commits" ]]; then
+            echo "❌ Expected base branch 'test/nonbot-commits', got '$BASE_BRANCH'"
+            exit 1
+          fi
+
+          # Validate original tag is expected test value
+          if [[ "$ORIGINAL_TAG" != "2.0.0" ]]; then
+            echo "❌ Expected original tag '2.0.0', got '$ORIGINAL_TAG'"
+            exit 1
+          fi
+
+          # Validate latest tag is a valid version
+          if [[ ! "$LATEST_TAG" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "❌ Latest tag '$LATEST_TAG' is not a valid version format"
+            exit 1
+          fi
+
+          # Validate PR URL format
+          if [[ ! "$PR_URL" =~ ^https://github\.com/getsentry/github-workflows/pull/[0-9]+$ ]]; then
+            echo "❌ PR URL '$PR_URL' is not a valid GitHub PR URL"
+            exit 1
+          fi
+
+          # Validate PR branch format
+          if [[ "$PR_BRANCH" != "test/nonbot-commits-deps/updater/tests/sentry-cli.properties" ]]; then
+            echo "❌ Expected PR branch 'test/nonbot-commits-deps/updater/tests/sentry-cli.properties', got '$PR_BRANCH'"
+            exit 1
+          fi
+
+          echo "✅ Target-branch scenario validation passed!"
+
   # Test no-change scenario - should detect no updates needed
   updater-no-changes:
     runs-on: macos-latest

CHANGELOG.md

@@ -44,6 +44,7 @@ To update your existing Danger workflows:
 
 ### Features
 
+- Updater now supports targeting non-default branches via the new `target-branch` input parameter ([#118](https://github.com/getsentry/github-workflows/pull/118))
 - Updater now supports filtering releases by GitHub release title patterns, e.g. to support release channels ([#117](https://github.com/getsentry/github-workflows/pull/117))
 - Updater now supports dependencies without changelog files by falling back to git commit messages ([#116](https://github.com/getsentry/github-workflows/pull/116))
 - Danger - Improve conventional commit scope handling, and non-conventional PR title support ([#105](https://github.com/getsentry/github-workflows/pull/105))

updater/README.md

@@ -82,6 +82,19 @@ jobs:
           path: vendor/dependencies.cmake#googletest
           name: GoogleTest
           api-token: ${{ secrets.CI_DEPLOY_KEY }}
+
+  # Update dependencies on a non-default branch (e.g., alpha, beta, or version branches)
+  # Note: due to limitations in GitHub Actions' schedule trigger, this code needs to be pushed to the default branch.
+  cocoa-v7:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: getsentry/github-workflows/updater@v3
+        with:
+          path: modules/sentry-cocoa
+          name: Cocoa SDK
+          target-branch: v7
+          pattern: '^1\.'  # Limit to major version '1'
+          api-token: ${{ secrets.CI_DEPLOY_KEY }}
 ```
 
 ## Inputs
@@ -118,6 +131,10 @@ jobs:
   Can be either of the following:
   * `create` (default) - create a new PR for new dependency versions as they are released - maintainers may merge or close older PRs manually
   * `update` - keep a single PR that gets updated with new dependency versions until merged - only the latest version update is available at any time
+* `target-branch`: Branch to use as base for dependency updates. Defaults to repository default branch if not specified.
+  * type: string
+  * required: false
+  * default: '' (uses repository default branch)
 * `api-token`: Token for the repo. Can be passed in using `${{ secrets.GITHUB_TOKEN }}`.
   If you provide the usual `${{ github.token }}`, no followup CI will run on the created PR.
   If you want CI to run on the PRs created by the Updater, you need to provide custom user-specific auth token.
@@ -139,4 +156,4 @@ If you're migrating from the v2 reusable workflow, see the [changelog migration
 Key changes:
 - Add `runs-on` to specify the runner
 - Move `secrets.api-token` to `with.api-token`
-- No need for explicit `actions/checkout` step (handled internally)
+- No need for explicit `actions/checkout` step (handled internally)

updater/action.yml

@@ -29,6 +29,10 @@ inputs:
     description: 'How to handle PRs - can be either "create" (create new PRs for each version) or "update" (keep single PR updated with latest version)'
     required: false
     default: 'create'
+  target-branch:
+    description: 'Branch to use as base for dependency updates. Defaults to repository default branch if not specified.'
+    required: false
+    default: ''
   api-token:
     description: 'Token for the repo. Can be passed in using {{ secrets.GITHUB_TOKEN }}'
     required: true
@@ -53,11 +57,6 @@ outputs:
 runs:
   using: 'composite'
   steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-      with:
-        token: ${{ inputs.api-token }}
-
     - name: Cancel Previous Runs
       uses: styfle/cancel-workflow-action@85880fa0301c86cca9da44039ee3bb12d3bedbfa # Tag: 0.12.1
       with:
@@ -104,10 +103,13 @@ runs:
       uses: actions/checkout@v4
       with:
         token: ${{ inputs.api-token }}
+        ref: ${{ inputs.target-branch || github.ref }}
+        path: caller-repo
 
     - name: Update to the latest version
       id: target
       shell: pwsh
+      working-directory: caller-repo
       env:
         DEPENDENCY_PATH: ${{ inputs.path }}
         DEPENDENCY_PATTERN: ${{ inputs.pattern }}
@@ -119,17 +121,26 @@ runs:
       if: steps.target.outputs.latestTag != steps.target.outputs.originalTag
       id: root
       shell: pwsh
+      working-directory: caller-repo
       env:
         PR_STRATEGY: ${{ inputs.pr-strategy }}
         DEPENDENCY_PATH: ${{ inputs.path }}
+        TARGET_BRANCH: ${{ inputs.target-branch }}
       run: |
-        $mainBranch = $(git remote show origin | Select-String "HEAD branch: (.*)").Matches[0].Groups[1].Value
+        if ([string]::IsNullOrEmpty($env:TARGET_BRANCH)) {
+            $mainBranch = $(git remote show origin | Select-String "HEAD branch: (.*)").Matches[0].Groups[1].Value
+            $prBranchPrefix = ''
+        } else {
+            $mainBranch = $env:TARGET_BRANCH
+            $prBranchPrefix = "$mainBranch-"
+        }
         $prBranch = switch ($env:PR_STRATEGY)
         {
             'create' { "deps/$env:DEPENDENCY_PATH/${{ steps.target.outputs.latestTag }}" }
             'update' { "deps/$env:DEPENDENCY_PATH" }
             default { throw "Unkown PR strategy '$env:PR_STRATEGY'." }
         }
+        $prBranch = $prBranchPrefix + $prBranch
         "baseBranch=$mainBranch" | Tee-Object $env:GITHUB_OUTPUT -Append
         "prBranch=$prBranch" | Tee-Object $env:GITHUB_OUTPUT -Append
         $nonBotCommits = ${{ github.action_path }}/scripts/nonbot-commits.ps1 `
@@ -144,9 +155,10 @@ runs:
     - name: Parse the existing PR URL
       if: ${{ ( steps.target.outputs.latestTag != steps.target.outputs.originalTag ) && ( steps.root.outputs.changed == 'false') }}
       id: existing-pr
+      shell: pwsh
+      working-directory: caller-repo
       env:
         GH_TOKEN: ${{ inputs.api-token }}
-      shell: pwsh
       run: |
         $urls = @(gh api 'repos/${{ github.repository }}/pulls?base=${{ steps.root.outputs.baseBranch }}&head=${{ github.repository_owner }}:${{ steps.root.outputs.prBranch }}' --jq '.[].html_url')
         if ($urls.Length -eq 0)
@@ -165,11 +177,13 @@ runs:
     - name: Show git diff
       if: ${{ ( steps.target.outputs.latestTag != steps.target.outputs.originalTag ) && ( steps.existing-pr.outputs.url == '') && ( steps.root.outputs.changed == 'false') }}
       shell: bash
+      working-directory: caller-repo
       run: git --no-pager diff
 
     - name: Get target changelog
       if: ${{ ( steps.target.outputs.latestTag != steps.target.outputs.originalTag ) && ( steps.root.outputs.changed == 'false') }}
       shell: pwsh
+      working-directory: caller-repo
       env:
         GH_TOKEN: ${{ inputs.api-token }}
       run: |
@@ -188,6 +202,7 @@ runs:
         DEPENDENCY_PATH: ${{ inputs.path }}
         DEPENDENCY_NAME: ${{ inputs.name }}
       with:
+        path: caller-repo
         base: ${{ steps.root.outputs.baseBranch }}
         branch: ${{ steps.root.outputs.prBranch }}
         commit-message: 'chore: update ${{ env.DEPENDENCY_PATH }} to ${{ steps.target.outputs.latestTag }}'
@@ -204,6 +219,7 @@ runs:
       if: ${{ ( steps.target.outputs.latestTag != steps.target.outputs.originalTag ) && ( steps.root.outputs.changed == 'false') }}
       id: pr
       shell: pwsh
+      working-directory: caller-repo
       run: |
         if ('${{ steps.create-pr.outputs.pull-request-url }}' -ne '')
         {
@@ -225,10 +241,13 @@ runs:
       uses: actions/checkout@v4
       with:
         token: ${{ inputs.api-token }}
+        ref: ${{ inputs.target-branch || github.ref }}
+        path: caller-repo
 
     - name: 'After new PR: redo the update'
       if: ${{ ( steps.target.outputs.latestTag != steps.target.outputs.originalTag ) && ( steps.existing-pr.outputs.url == '') && ( steps.root.outputs.changed == 'false') }}
       shell: pwsh
+      working-directory: caller-repo
       env:
         DEPENDENCY_PATH: ${{ inputs.path }}
         GH_TOKEN: ${{ inputs.api-token }}
@@ -237,6 +256,7 @@ runs:
     - name: Update Changelog
       if: ${{ inputs.changelog-entry && ( steps.target.outputs.latestTag != steps.target.outputs.originalTag ) && ( steps.root.outputs.changed == 'false') }}
       shell: pwsh
+      working-directory: caller-repo
       env:
         DEPENDENCY_NAME: ${{ inputs.name }}
         CHANGELOG_SECTION: ${{ inputs.changelog-section }}
@@ -254,6 +274,7 @@ runs:
     - name: Show final git diff
       if: ${{ ( steps.target.outputs.latestTag != steps.target.outputs.originalTag ) && ( steps.root.outputs.changed == 'false') }}
       shell: bash
+      working-directory: caller-repo
       run: git --no-pager diff
 
     # Now make the PR in its final state. This way we only have one commit and no updates if there are no changes between runs.
@@ -265,6 +286,7 @@ runs:
         DEPENDENCY_PATH: ${{ inputs.path }}
         DEPENDENCY_NAME: ${{ inputs.name }}
       with:
+        path: caller-repo
         base: ${{ steps.root.outputs.baseBranch }}
         branch: ${{ steps.root.outputs.prBranch }}
         commit-message: 'chore: update ${{ env.DEPENDENCY_PATH }} to ${{ steps.target.outputs.latestTag }}'