From 9040db3d4637e6f5daf5bf43c22644026cb4a91b Mon Sep 17 00:00:00 2001 From: James Petersen Date: Tue, 10 Dec 2024 11:36:28 -0700 Subject: [PATCH] chore: avoid script injections Signed-off-by: James Petersen --- .github/workflows/helm-test.yaml | 14 +++++++++++--- ...elease-artifacts.yml => release-artifacts.yaml} | 0 2 files changed, 11 insertions(+), 3 deletions(-) rename .github/workflows/{release-artifacts.yml => release-artifacts.yaml} (100%) diff --git a/.github/workflows/helm-test.yaml b/.github/workflows/helm-test.yaml index 8e465a5..70f0499 100644 --- a/.github/workflows/helm-test.yaml +++ b/.github/workflows/helm-test.yaml @@ -33,14 +33,19 @@ jobs: - name: Run chart-testing (list-changed) id: list-changed run: | - changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + changed=$(ct list-changed --target-branch ${DEFAULT_BRANCH}) if [[ -n "$changed" ]]; then echo "changed=true" >> "$GITHUB_OUTPUT" fi + env: + DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} - name: Run chart-testing (lint) if: steps.list-changed.outputs.changed == 'true' - run: ct lint --target-branch ${{ github.event.repository.default_branch }} + run: | + ct lint --target-branch ${DEFAULT_BRANCH} + env: + DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} - name: Check README diff if: steps.list-changed.outputs.changed == 'true' @@ -58,4 +63,7 @@ jobs: - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' - run: ct install --target-branch ${{ github.event.repository.default_branch }} + run: | + ct install --target-branch ${DEFAULT_BRANCH} + env: + DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} diff --git a/.github/workflows/release-artifacts.yml b/.github/workflows/release-artifacts.yaml similarity index 100% rename from .github/workflows/release-artifacts.yml rename to .github/workflows/release-artifacts.yaml