Skip to content

Commit

Permalink
fix: use github.head_ref env var as trusted input
Browse files Browse the repository at this point in the history
  • Loading branch information
rlespinasse authored Feb 20, 2023
1 parent a362e5f commit 102b1a0
Showing 1 changed file with 10 additions and 14 deletions.
24 changes: 10 additions & 14 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ runs:
INPUT_SLUG_MAXLENGTH: ${{ inputs.slug-maxlength }}
INPUT_SHORT_LENGTH: ${{ inputs.short-length }}

# From Environment Variables
- uses: rlespinasse/[email protected]
with:
key: GITHUB_REPOSITORY
Expand All @@ -48,30 +49,25 @@ runs:
prefix: ${{ inputs.prefix }}
slug-maxlength: ${{ inputs.slug-maxlength }}

# Specific values
# From Specific values
- uses: rlespinasse/[email protected]
with:
key: GITHUB_EVENT_REF
value: ${{ github.event.ref }}
prefix: ${{ inputs.prefix }}
slug-maxlength: ${{ inputs.slug-maxlength }}

# Calculated values
- id: get-github-ref-name
run: |
refname="${{ github.head_ref || github.ref_name }}"
if [ -f "$GITHUB_OUTPUT" ]; then
echo "github-ref-name=${refname}" >> "$GITHUB_OUTPUT"
else
echo "::set-output name=github-ref-name::${refname}"
fi
shell: bash
- uses: rlespinasse/[email protected]
with:
key: GITHUB_REF_NAME
value: ${{ steps.get-github-ref-name.outputs.github-ref-name }}
# Related to https://github.com/rlespinasse/github-slug-action/issues/104
value: ${{ env.GITHUB_HEAD_REF_RAW || env.GITHUB_REF_NAME_RAW }}
prefix: ${{ inputs.prefix }}
slug-maxlength: ${{ inputs.slug-maxlength }}
env:
GITHUB_HEAD_REF_RAW: ${{ github.head_ref }}
GITHUB_REF_NAME_RAW: ${{ github.ref_name }}

# From Calculated values
- id: get-github-repository-owner-part
run: |
ownerpart=$(echo $GITHUB_REPOSITORY | cut -d/ -f1)
Expand Down Expand Up @@ -103,7 +99,7 @@ runs:
prefix: ${{ inputs.prefix }}
slug-maxlength: ${{ inputs.slug-maxlength }}

# Short
# From sha
- uses: rlespinasse/[email protected]
with:
name: GITHUB_SHA
Expand Down

0 comments on commit 102b1a0

Please sign in to comment.