Skip to content

Commit

Permalink
Use an intermediate env variable in GH workflow
Browse files Browse the repository at this point in the history 
> For inline scripts, the preferred approach to handling untrusted input
is to set the value of the expression to an intermediate environment
variable.

Source: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable

Signed-off-by: Christian Haudum <[email protected]>
  • Loading branch information
@chaudum
chaudum committed May 7, 2024
1 parent db7c05c commit 3243559
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion .github/workflows/operator-check-prepare-release-commit.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,9 @@ jobs:
steps:
- name: Extract release version
id: pr_semver
env:
PR_TITLE: ${{ github.event.pull_request.title }}
run: |
PR_TITLE="${{ github.event.pull_request.title }}"
SEMVER=$(echo "$PR_TITLE" | sed -n 's/^chore( operator): community release \([0-9]\+\.[0-9]\+\.[0-9]\+\)$/\1/p')
echo "semver=$SEMVER" >> $GITHUB_OUTPUT
Expand Down

0 comments on commit 3243559

Please sign in to comment.