External-Mirrors/nextcloudpi
2
0
Fork 0
mirror of https://github.com/nextcloud/nextcloudpi.git synced 2026-01-10 15:12:01 -03:30
Code Issues Packages Projects Releases Wiki Activity

build-lxd.yml: Prevent code injection in GH workflow via malicious PR

Browse Source 
Signed-off-by: Tobias Knöppler <6317548+theCalcaholic@users.noreply.github.com>
This commit is contained in:
Tobias Knöppler 2024-05-09 13:55:01 +02:00
parent 66c1601e5a
commit 298404437d
No known key found for this signature in database
GPG Key ID: 3510056072886A8F
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/build-lxd.yml vendored
View File

@ -276,13 +276,15 @@ jobs:
# exit 1
# }
# - name: Update ncp
# env:
# HEAD_REF: "${{ github.head_ref }}"
# run: |
# set -ex
# BRANCH="${VERSION/refs\/heads\//}"
# BRANCH="${BRANCH/refs\/tags\//}"
# if [[ "$BRANCH" =~ "refs/pull/"* ]]
# then
# UPDATE_ARGS=("${{ github.head_ref }}" "$VERSION")
# UPDATE_ARGS=("${HEAD_REF}" "$VERSION")
# else
# UPDATE_ARGS=("$BRANCH")
# fi
@ -439,13 +441,15 @@ jobs:
}
- name: Update ncp
env:
HEAD_REF: "${{ github.head_ref }}"
run: |
set -ex
BRANCH="${VERSION/refs\/heads\//}"
BRANCH="${BRANCH/refs\/tags\//}"
if [[ "$BRANCH" =~ "refs/pull/"* ]]
then
UPDATE_ARGS=("${{ github.head_ref }}" "$VERSION")
UPDATE_ARGS=("${HEAD_REF}" "$VERSION")
else
UPDATE_ARGS=("$BRANCH")
fi