fix(ci): potential security vulnerabilities
This commit is contained in:
Simon Lecoq
8
.github/workflows/ci.yml
vendored
8
.github/workflows/ci.yml
vendored
@@ -184,9 +184,13 @@ jobs:
|
|||||||
- name: Pull docker image (master)
|
- name: Pull docker image (master)
|
||||||
run: docker pull ghcr.io/lowlighter/metrics:master
|
run: docker pull ghcr.io/lowlighter/metrics:master
|
||||||
- name: Tag docker image (release)
|
- name: Tag docker image (release)
|
||||||
run: docker tag ghcr.io/lowlighter/metrics:master ghcr.io/lowlighter/metrics:$(echo '${{ github.event.head_commit.message }}' | grep -Po 'v\d+[.]\d+')
|
env:
|
||||||
|
GITHUB_COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
|
||||||
|
run: docker tag ghcr.io/lowlighter/metrics:master ghcr.io/lowlighter/metrics:$(echo $GITHUB_COMMIT_MESSAGE | grep -Po 'v\d+[.]\d+')
|
||||||
- name: Publish release to GitHub registry
|
- name: Publish release to GitHub registry
|
||||||
run: docker push ghcr.io/lowlighter/metrics:$(echo '${{ github.event.head_commit.message }}' | grep -Po 'v\d+[.]\d+')
|
env:
|
||||||
|
GITHUB_COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
|
||||||
|
run: docker push ghcr.io/lowlighter/metrics:$(echo $GITHUB_COMMIT_MESSAGE | grep -Po 'v\d+[.]\d+')
|
||||||
- name: Tag docker image (latest)
|
- name: Tag docker image (latest)
|
||||||
run: docker tag ghcr.io/lowlighter/metrics:master ghcr.io/lowlighter/metrics:latest
|
run: docker tag ghcr.io/lowlighter/metrics:master ghcr.io/lowlighter/metrics:latest
|
||||||
- name: Publish latest to GitHub registry
|
- name: Publish latest to GitHub registry
|
||||||
|
|||||||
8
.github/workflows/test.yml
vendored
8
.github/workflows/test.yml
vendored
@@ -43,9 +43,13 @@ jobs:
|
|||||||
mkdir -v -p /home/runner/.cache/dprint/cache
|
mkdir -v -p /home/runner/.cache/dprint/cache
|
||||||
npx dprint fmt --config .github/config/dprint.json
|
npx dprint fmt --config .github/config/dprint.json
|
||||||
- name: Build lowlighter/metrics:${{ github.head_ref || 'master' }}
|
- name: Build lowlighter/metrics:${{ github.head_ref || 'master' }}
|
||||||
run: docker build -t lowlighter/metrics:$(echo ${{ github.head_ref || 'master' }} | sed 's/\//-/g') .
|
env:
|
||||||
|
GIT_REF: ${{ github.head_ref || 'master' }}
|
||||||
|
run: docker build -t lowlighter/metrics:$(echo $GIT_REF | sed 's/[^a-z]/-/g') .
|
||||||
- name: Run tests
|
- name: Run tests
|
||||||
run: docker run --rm --entrypoint="" lowlighter/metrics:$(echo ${{ github.head_ref || 'master' }} | sed 's/\//-/g') npm run test-metrics
|
env:
|
||||||
|
GIT_REF: ${{ github.head_ref || 'master' }}
|
||||||
|
run: docker run --rm --entrypoint="" lowlighter/metrics:$(echo $GIT_REF | sed 's/[^a-z]/-/g') npm run test-metrics
|
||||||
|
|
||||||
# Run CodeQL on branch
|
# Run CodeQL on branch
|
||||||
analyze:
|
analyze:
|
||||||
|
|||||||
Reference in New Issue
Block a user