GitHub action run showing incorrect workflow definition

Hi,

When using a workflow with pull_request_target the workflow definition shown in the UI for a workflow run is sometimes different from the workflow definition actually being run.

To reproduce:

The problem:

  • Create a branch branch-X from master, but branch of from the commit which has v1 of the workflow
  • Commit something to the branch, for example an empty test.txt.
  • Push branch
  • Create PR
  • Observe the workflow action will run on the PR.
  • Observe in the logs that the correct v2 version of the workflow is run.
  • Observe that in the UI the workflow definition v1 is shown, which includes the docker login step.

UI showing old v1 workflow: https://github.com/DefectDojo/django-DefectDojo/actions/runs/392263966/workflow
UI showing logs shows correct v2 workflow: https://github.com/DefectDojo/django-DefectDojo/runs/1475796185?check_suite_focus=true

So the UI is showing the wrong workflow definition. This seems to suggest the old / previous version of the workflow is being run. But when you check the logs of the run, it shows that the correct version has been run (without the docker login step, that was removed in v2).

Valentijn