Fix readme

.github/workflows/cd-ecs.yml

@@ -17,14 +17,14 @@ name: |-
         with:
           image: registry.hub.docker.com/library/nginx
           tag: latest
-          repository: ${{ github.event.repository.name }}
+          repository: $\{\{ github.event.repository.name \}\}
           environment: dev
-          spacelift-organization: ${{ inputs.spacelift-organization }}
+          spacelift-organization: $\{\{ inputs.spacelift-organization \}\}
         secrets:
-          secret-outputs-passphrase: "${{ secrets.secret-outputs-passphrase }}"
-          github-private-actions-pat: "${{ secrets.github-private-actions-pat }}"
-          spacelift-api-key-id: "${{ secrets.spacelift-api-key-id }}"
-          spacelift-api-key-secret: "${{ secrets.spacelift-api-key-secret }}"
+          secret-outputs-passphrase: "$\{\{ secrets.secret-outputs-passphrase \}\}"
+          github-private-actions-pat: "$\{\{ secrets.github-private-actions-pat \}\}"
+          spacelift-api-key-id: "$\{\{ secrets.spacelift-api-key-id \}\}"
+          spacelift-api-key-secret: "$\{\{ secrets.spacelift-api-key-secret \}\}"
   ```
 
 on:

.github/workflows/cd-helmfile.yml

@@ -17,11 +17,11 @@ name: |-
         with:
           image: registry.hub.docker.com/library/nginx
           tag: latest
-          repository: ${{ github.event.repository.name }}
+          repository: $\{\{ github.event.repository.name \}\}
           environment: dev
         secrets:
-          secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
-          github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
+          secret-outputs-passphrase: $\{\{ secrets.secret-outputs-passphrase \}\}
+          github-private-actions-pat: $\{\{ secrets.github-private-actions-pat \}\}
   ```
 
 on:

.github/workflows/cd-preview-ecs.yml

@@ -15,26 +15,26 @@ name: |-
     jobs:
       cd:
         uses: cloudposse/github-actions-workflows/.github/workflows/cd-preview-ecs.yml@main
-        if: ${{ always() }}
+        if: $\{\{ always() \}\}
         with:
           image: registry.hub.docker.com/library/nginx
           tag: latest
-          repository: ${{ github.event.repository.name }}
-          spacelift-organization: ${{ inputs.spacelift-organization }}
-          open: ${{ github.event.pull_request.state == 'open' }}
-          labels: ${{ toJSON(github.event.pull_request.labels.*.name) }}
-          ref: ${{ github.event.pull_request.head.ref }}
+          repository: $\{\{ github.event.repository.name \}\}
+          spacelift-organization: $\{\{ inputs.spacelift-organization \}\}
+          open: $\{\{ github.event.pull_request.state == 'open' \}\}
+          labels: $\{\{ toJSON(github.event.pull_request.labels.*.name) \}\}
+          ref: $\{\{ github.event.pull_request.head.ref \}\}
           exclusive: true
           env-label: |
             qa1: deploy/qa1
             qa2: deploy/qa2
             qa3: deploy/qa3
             qa4: deploy/qa4
         secrets:
-          secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
-          github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
-          spacelift-api-key-id: "${{ secrets.spacelift-api-key-id }}"
-          spacelift-api-key-secret: "${{ secrets.spacelift-api-key-secret }}"  
+          secret-outputs-passphrase: $\{\{ secrets.secret-outputs-passphrase \}\}
+          github-private-actions-pat: $\{\{ secrets.github-private-actions-pat \}\}
+          spacelift-api-key-id: "$\{\{ secrets.spacelift-api-key-id \}\}"
+          spacelift-api-key-secret: "$\{\{ secrets.spacelift-api-key-secret \}\}"  
   ```
 
 on:

.github/workflows/cd-preview-helmfile.yml

@@ -15,20 +15,20 @@ name: |-
     jobs:
       cd:
         uses: cloudposse/github-actions-workflows/.github/workflows/cd-preview-helmfile.yml@main
-        if: ${{ always() }}
+        if: $\{\{ always() \}\}
         with:
           image: registry.hub.docker.com/library/nginx
           tag: latest
-          repository: ${{ github.event.repository.name }}
-          open: ${{ github.event.pull_request.state == 'open' }}
-          labels: ${{ toJSON(github.event.pull_request.labels.*.name) }}
-          ref: ${{ github.event.pull_request.head.ref }}
+          repository: $\{\{ github.event.repository.name \}\}
+          open: $\{\{ github.event.pull_request.state == 'open' \}\}
+          labels: $\{\{ toJSON(github.event.pull_request.labels.*.name) \}\}
+          ref: $\{\{ github.event.pull_request.head.ref \}\}
           exclusive: false
           env-label: |
             preview: deploy
         secrets:
-          secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
-          github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
+          secret-outputs-passphrase: $\{\{ secrets.secret-outputs-passphrase \}\}
+          github-private-actions-pat: $\{\{ secrets.github-private-actions-pat \}\}
   ```
 
 on:

.github/workflows/ci-dockerized-app-build.yml

@@ -15,13 +15,13 @@ name: |-
       ci:
         uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-build.yml@main
         with:
-          organization: ${{ github.event.repository.owner.login }}
-          repository: ${{ github.event.repository.name }}
+          organization: $\{\{ github.event.repository.owner.login \}\}
+          repository: $\{\{ github.event.repository.name \}\}
         secrets:
-          ecr-region: ${{ secrets.ecr-region }}
-          ecr-iam-role: ${{ secrets.ecr-iam-role }}
-          registry: ${{ secrets.registry }}
-          secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
+          ecr-region: $\{\{ secrets.ecr-region \}\}
+          ecr-iam-role: $\{\{ secrets.ecr-iam-role \}\}
+          registry: $\{\{ secrets.registry \}\}
+          secret-outputs-passphrase: $\{\{ secrets.secret-outputs-passphrase \}\}
   ```
 on:
   workflow_call:

.github/workflows/ci-dockerized-app-promote-or-build.yml

@@ -15,14 +15,14 @@ name: |-
       ci:
         uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-promote-or-build.yml@main
         with:
-          organization: ${{ github.event.repository.owner.login }}
-          repository: ${{ github.event.repository.name }}
+          organization: $\{\{ github.event.repository.owner.login \}\}
+          repository: $\{\{ github.event.repository.name \}\}
           force-build: false
         secrets:
-          ecr-region: ${{ secrets.ecr-region }}
-          ecr-iam-role: ${{ secrets.ecr-iam-role }}
-          registry: ${{ secrets.registry }}
-          secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
+          ecr-region: $\{\{ secrets.ecr-region \}\}
+          ecr-iam-role: $\{\{ secrets.ecr-iam-role \}\}
+          registry: $\{\{ secrets.registry \}\}
+          secret-outputs-passphrase: $\{\{ secrets.secret-outputs-passphrase \}\}
   ```
 on:
   workflow_call:

.github/workflows/ci-dockerized-app-promote.yml

@@ -15,14 +15,14 @@ name: |-
       ci:
         uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-promote.yml@main
         with:
-          organization: ${{ github.event.repository.owner.login }}
-          repository: ${{ github.event.repository.name }}
-          version: ${{ github.event.release.tag_name }}
+          organization: $\{\{ github.event.repository.owner.login \}\}
+          repository: $\{\{ github.event.repository.name \}\}
+          version: $\{\{ github.event.release.tag_name \}\}
         secrets:
-          ecr-region: ${{ secrets.ecr-region }}
-          ecr-iam-role: ${{ secrets.ecr-iam-role }}
-          registry: ${{ secrets.registry }}
-          secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
+          ecr-region: $\{\{ secrets.ecr-region \}\}
+          ecr-iam-role: $\{\{ secrets.ecr-iam-role \}\}
+          registry: $\{\{ secrets.registry \}\}
+          secret-outputs-passphrase: $\{\{ secrets.secret-outputs-passphrase \}\}
 
   ```
 

.github/workflows/ci-dockerized-app-verify.yml

@@ -15,14 +15,14 @@ name: |-
       ci:
         uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-verify.yml@main
         with:
-          organization: ${{ github.event.repository.owner.login }}
-          repository: ${{ github.event.repository.name }}
-          version: ${{ github.event.release.tag_name }}
+          organization: $\{\{ github.event.repository.owner.login \}\}
+          repository: $\{\{ github.event.repository.name \}\}
+          version: $\{\{ github.event.release.tag_name \}\}
         secrets:
-          ecr-region: ${{ secrets.ecr-region }}
-          ecr-iam-role: ${{ secrets.ecr-iam-role }}
-          registry: ${{ secrets.registry }}
-          secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
+          ecr-region: $\{\{ secrets.ecr-region \}\}
+          ecr-iam-role: $\{\{ secrets.ecr-iam-role \}\}
+          registry: $\{\{ secrets.registry \}\}
+          secret-outputs-passphrase: $\{\{ secrets.secret-outputs-passphrase \}\}
 
   ```
 

.github/workflows/controller-draft-release.yml

@@ -13,20 +13,23 @@ name: |-
 
     jobs:
       do:
-        uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-verify.yml@main
+        uses:  cloudposse/github-actions-workflows/.github/workflows/controller-draft-release.yml@main
         with:
-          organization: ${{ github.event.repository.owner.login }}
-          repository: ${{ github.event.repository.name }}
-          version: ${{ github.event.release.tag_name }}
+          ref: ${{ github.sha }}
         secrets:
-          ecr-region: ${{ secrets.ecr-region }}
-          ecr-iam-role: ${{ secrets.ecr-iam-role }}
-          registry: ${{ secrets.registry }}
-          secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
+          github-private-actions-pat: $\{\{ secrets.github-private-actions-pat \}\}
+
   ```
 
 on:
   workflow_call:
+    inputs:
+      ref:
+        description: "The release target, i.e. branch or commit it should point to"
+        required: false
+        default: ${{ github.sha }}
+        type: string
+
     secrets:
       github-private-actions-pat:
         description: "Github PAT allow to create release"
@@ -42,5 +45,6 @@ jobs:
           publish: false
           prerelease: false
           config-name: configs/draft-release.yml
+          commitish: ${{ github.sha }}
         env:
           GITHUB_TOKEN: ${{ secrets.github-private-actions-pat }}

.github/workflows/controller-hotfix-reintegrate.yml

@@ -15,10 +15,10 @@ name: |-
       do:
         uses: cloudposse/github-action-workflows/.github/workflows/controller-hotfix-reintegrate.yml@main
         with:
-          ref: ${{ github.ref }}
+          ref: $\{\{ github.ref \}\}
           target_branch: main
         secrets:
-          github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
+          github-private-actions-pat: $\{\{ secrets.github-private-actions-pat \}\}
   ```
 
 on:

.github/workflows/controller-hotfix-release-branch.yml

@@ -15,7 +15,7 @@ name: |-
       do:
         uses: cloudposse/github-action-workflows/.github/workflows/controller-hotfix-release-branch.yml@main
         with:
-          version: ${{ github.event.release.tag_name }}
+          version: $\{\{ github.event.release.tag_name \}\}
   ```  
 
 on:

.github/workflows/controller-hotfix-release.yml

@@ -14,7 +14,7 @@ name: |-
       do:
         uses: cloudposse/github-action-workflows/.github/workflows/controller-hotfix-release.yml@main
         with:
-          ref: ${{ github.ref }}
+          ref: $\{\{ github.ref \}\}
   ```
 
 on:

README.md

@@ -590,20 +590,22 @@ Create or update draft release
 
   jobs:
     do:
-      uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-verify.yml@main
+      uses:  cloudposse/github-actions-workflows/.github/workflows/controller-draft-release.yml@main
       with:
-        organization: ${{ github.event.repository.owner.login }}
-        repository: ${{ github.event.repository.name }}
-        version: ${{ github.event.release.tag_name }}
+        ref: ${{ github.sha }}
       secrets:
-        ecr-region: ${{ secrets.ecr-region }}
-        ecr-iam-role: ${{ secrets.ecr-iam-role }}
-        registry: ${{ secrets.registry }}
-        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
+        github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
+
 ```
 
 
 
+### Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|----------|
+| ref | The release target, i.e. branch or commit it should point to | string | ${{ github.sha }} | false |
+
 
 
 ### Secrets

docs/github-actions-reusable-workflows.md

@@ -516,20 +516,22 @@ Create or update draft release
 
   jobs:
     do:
-      uses: cloudposse/github-actions-workflows/.github/workflows/ci-dockerized-app-verify.yml@main
+      uses:  cloudposse/github-actions-workflows/.github/workflows/controller-draft-release.yml@main
       with:
-        organization: ${{ github.event.repository.owner.login }}
-        repository: ${{ github.event.repository.name }}
-        version: ${{ github.event.release.tag_name }}
+        ref: ${{ github.sha }}
       secrets:
-        ecr-region: ${{ secrets.ecr-region }}
-        ecr-iam-role: ${{ secrets.ecr-iam-role }}
-        registry: ${{ secrets.registry }}
-        secret-outputs-passphrase: ${{ secrets.secret-outputs-passphrase }}
+        github-private-actions-pat: ${{ secrets.github-private-actions-pat }}
+
 ```
 
 
 
+### Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|----------|
+| ref | The release target, i.e. branch or commit it should point to | string | ${{ github.sha }} | false |
+
 
 
 ### Secrets