mirror of
https://github.com/bitwarden/server.git
synced 2024-11-24 12:35:25 +01:00
Replace github.ref with GITHUB_REF in build.yml scripts (#4857)
Data should be separated from code where possible to avoid injection (CWE-78). * https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections * https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables
This commit is contained in:
parent
d6cd73cfcc
commit
1fb366d42b
6
.github/workflows/build.yml
vendored
6
.github/workflows/build.yml
vendored
@ -311,7 +311,7 @@ jobs:
|
||||
github.ref == 'refs/heads/hotfix-rc'
|
||||
run: |
|
||||
# Set proper setup image based on branch
|
||||
case "${{ github.ref }}" in
|
||||
case "$GITHUB_REF" in
|
||||
"refs/heads/main")
|
||||
SETUP_IMAGE="$_AZ_REGISTRY/setup:dev"
|
||||
;;
|
||||
@ -528,9 +528,9 @@ jobs:
|
||||
workflow_id: 'build-unified.yml',
|
||||
ref: 'main',
|
||||
inputs: {
|
||||
server_branch: '${{ github.ref }}'
|
||||
server_branch: process.env.GITHUB_REF
|
||||
}
|
||||
})
|
||||
});
|
||||
|
||||
trigger-k8s-deploy:
|
||||
name: Trigger k8s deploy
|
||||
|
Loading…
Reference in New Issue
Block a user