Skip to content

Commit 2137d79

Browse files
ActoryOuActoryOu
authored
Follow Security Guide to update YAML files. (#173)
1 parent ad6185c commit 2137d79

File tree

1 file changed

+16
-5
lines changed

1 file changed

+16
-5
lines changed

.github/workflows/release.yml

+16-5
Original file line numberDiff line numberDiff line change
@@ -24,17 +24,22 @@ jobs:
2424
git config --global user.name ${{ github.actor }}
2525
git config --global user.email ${{ github.actor }}@users.noreply.github.com
2626
- name: create a new branch that references commit id
27-
run: git checkout -b ${{ github.event.inputs.version_number }} ${{ github.event.inputs.commit_id }}
27+
env:
28+
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
29+
COMMIT_ID: ${{ github.event.inputs.commit_id }}
30+
run: git checkout -b "$VERSION_NUMBER" "$COMMIT_ID"
2831
- name: Generate SBOM
2932
uses: FreeRTOS/CI-CD-Github-Actions/sbom-generator@main
3033
with:
3134
repo_path: ./
3235
source_path: ./source
3336
- name: commit SBOM file
37+
env:
38+
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
3439
run: |
3540
git add .
3641
git commit -m 'Update SBOM'
37-
git push -u origin ${{ github.event.inputs.version_number }}
42+
git push -u origin "$VERSION_NUMBER"
3843
- name: Tag Commit and Push to remote
3944
env:
4045
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
@@ -68,8 +73,10 @@ jobs:
6873
cd coreJSON
6974
git submodule update --init --checkout --recursive
7075
- name: Create ZIP
76+
env:
77+
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
7178
run: |
72-
zip -r coreJSON-${{ github.event.inputs.version_number }}.zip coreJSON -x "*.git*"
79+
zip -r coreJSON-"$VERSION_NUMBER".zip coreJSON -x "*.git*"
7380
ls ./
7481
- name: Validate created ZIP
7582
env:
@@ -83,8 +90,10 @@ jobs:
8390
diff -r -x "*.git*" coreJSON-"$VERSION_NUMBER"/coreJSON/ ../coreJSON/
8491
cd ../
8592
- name: Build
93+
env:
94+
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
8695
run: |
87-
cd zip-check/coreJSON-${{ github.event.inputs.version_number }}/coreJSON
96+
cd zip-check/coreJSON-"$VERSION_NUMBER"/coreJSON
8897
sudo apt-get install -y lcov
8998
cmake -S test -B build/ \
9099
-G "Unix Makefiles" \
@@ -93,8 +102,10 @@ jobs:
93102
-DCMAKE_C_FLAGS='--coverage -Wall -Wextra -Werror'
94103
make -C build/ all
95104
- name: Test
105+
env:
106+
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
96107
run: |
97-
cd zip-check/coreJSON-${{ github.event.inputs.version_number }}/coreJSON/build/
108+
cd zip-check/coreJSON-"$VERSION_NUMBER"/coreJSON/build/
98109
ctest -E system --output-on-failure
99110
cd ..
100111
- name: Create artifact of ZIP

0 commit comments

Comments
 (0)