Skip to content

Commit 92a4eff

Browse files
rgacognergacogne
committed
ci: Fix issues reported by zizmor
1 parent 4587253 commit 92a4eff

14 files changed

+221
-140
lines changed

.github/workflows/build-and-test-all.yml

Lines changed: 47 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,7 @@ env:
3232
LLVM_PROFILE_FILE: "/tmp/code-%p.profraw"
3333
OPTIMIZATIONS: yes
3434
INV_CMD: ". ${REPO_HOME}/.venv/bin/activate && inv"
35+
BRANCH_NAME: ${{ inputs.branch-name || github.ref_name }}
3536

3637
jobs:
3738
get-runner-container-image:
@@ -43,11 +44,12 @@ jobs:
4344
env:
4445
DEFAULT_RUNNER_DOCKER_IMAGE: base-pdns-ci-image/debian-12-pdns-base
4546
DEFAULT_IMAGE_TAG: master # update when backporting, e.g. auth-4.9.x
47+
DOCKER_IMAGE: ${{ inputs.runner-docker-image-name || env.DEFAULT_RUNNER_DOCKER_IMAGE }}
4648
steps:
4749
- id: get-runner-image
4850
run: |
49-
echo "image-id=ghcr.io/powerdns/${{ inputs.runner-docker-image-name || env.DEFAULT_RUNNER_DOCKER_IMAGE }}" >> "$GITHUB_OUTPUT"
50-
echo "tag=${{ env.DEFAULT_IMAGE_TAG }}" >> "$GITHUB_OUTPUT"
51+
echo "image-id=ghcr.io/powerdns/$DOCKER_IMAGE" >> "$GITHUB_OUTPUT"
52+
echo "tag=$DEFAULT_IMAGE_TAG" >> "$GITHUB_OUTPUT"
5153
5254
build-auth:
5355
name: build auth (${{ matrix.builder }})
@@ -74,6 +76,7 @@ jobs:
7476
fetch-depth: 5
7577
submodules: recursive
7678
ref: ${{ inputs.branch-name }}
79+
persist-credentials: false
7780
- name: get timestamp for cache
7881
id: get-stamp
7982
run: |
@@ -114,7 +117,7 @@ jobs:
114117
working-directory: ./pdns-${{ env.BUILDER_VERSION }}/pdns
115118
- name: Coveralls Parallel auth unit
116119
if: ${{ env.COVERAGE == 'yes' && matrix.builder != 'meson' }}
117-
uses: coverallsapp/github-action@v2
120+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
118121
with:
119122
flag-name: auth-unit-${{ env.SANITIZERS }}
120123
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -124,7 +127,7 @@ jobs:
124127
- run: ${{ env.INV_CMD }} ci-auth-install ${{ matrix.builder == 'meson' && '--meson' || '' }}
125128
- run: ccache -s
126129
- if: ${{ matrix.builder != 'meson' }}
127-
run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
130+
run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
128131
- if: ${{ matrix.builder != 'meson' }}
129132
name: Store the binaries
130133
uses: actions/upload-artifact@v4 # this takes 30 seconds, maybe we want to tar
@@ -165,6 +168,7 @@ jobs:
165168
fetch-depth: 5
166169
submodules: recursive
167170
ref: ${{ inputs.branch-name }}
171+
persist-credentials: false
168172
- name: get timestamp for cache
169173
id: get-stamp
170174
run: |
@@ -186,7 +190,7 @@ jobs:
186190
working-directory: .
187191
- run: ${{ env.INV_CMD }} install-rec-build-deps
188192
working-directory: ./pdns/recursordist/
189-
- run: ${{ env.INV_CMD }} ci-install-rust ${{ env.REPO_HOME }}
193+
- run: ${{ env.INV_CMD }} ci-install-rust ${REPO_HOME}
190194
working-directory: ./pdns/recursordist/
191195
- run: ${{ env.INV_CMD }} ci-autoconf ${{ matrix.builder == 'meson' && '--meson' || '' }}
192196
working-directory: ./pdns/recursordist/
@@ -198,7 +202,7 @@ jobs:
198202
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' && matrix.builder != 'meson' }}
199203
- name: Coveralls Parallel rec unit
200204
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' && matrix.builder != 'meson' }}
201-
uses: coverallsapp/github-action@v2
205+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
202206
with:
203207
flag-name: rec-unit-${{ matrix.features }}-${{ matrix.sanitizers }}
204208
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -208,7 +212,7 @@ jobs:
208212
- run: ${{ env.INV_CMD }} ci-rec-install ${{ matrix.builder == 'meson' && '--meson' || '' }}
209213
- run: ccache -s
210214
- if: ${{ matrix.builder != 'meson' }}
211-
run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
215+
run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
212216
- if: ${{ matrix.builder != 'meson' }}
213217
name: Store the binaries
214218
uses: actions/upload-artifact@v4 # this takes 30 seconds, maybe we want to tar
@@ -252,6 +256,7 @@ jobs:
252256
fetch-depth: 5
253257
submodules: recursive
254258
ref: ${{ inputs.branch-name }}
259+
persist-credentials: false
255260
- name: get timestamp for cache
256261
id: get-stamp
257262
run: |
@@ -275,9 +280,9 @@ jobs:
275280
working-directory: .
276281
- run: ${{ env.INV_CMD }} install-lld-linker-if-needed
277282
working-directory: ./pdns/dnsdistdist/
278-
- run: ${{ env.INV_CMD }} ci-install-rust ${{ env.REPO_HOME }}
283+
- run: ${{ env.INV_CMD }} ci-install-rust ${REPO_HOME}
279284
working-directory: ./pdns/dnsdistdist/
280-
- run: ${{ env.INV_CMD }} ci-build-and-install-quiche ${{ env.REPO_HOME }}
285+
- run: ${{ env.INV_CMD }} ci-build-and-install-quiche ${REPO_HOME}
281286
working-directory: ./pdns/dnsdistdist/
282287
- run: ${{ env.INV_CMD }} ci-autoconf
283288
if: ${{ matrix.builder == 'autotools' }}
@@ -295,7 +300,7 @@ jobs:
295300
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' && matrix.builder == 'autotools'}}
296301
- name: Coveralls Parallel dnsdist unit
297302
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' && matrix.builder == 'autotools' }}
298-
uses: coverallsapp/github-action@v2
303+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
299304
with:
300305
flag-name: dnsdist-unit-${{ matrix.features }}-${{ matrix.sanitizers }}
301306
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -305,7 +310,7 @@ jobs:
305310
- run: ${{ env.INV_CMD }} ci-make-install
306311
if: ${{ matrix.builder == 'autotools' }}
307312
- run: ccache -s
308-
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
313+
- run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
309314
- name: Store the binaries
310315
if: ${{ matrix.builder == 'autotools' }}
311316
uses: actions/upload-artifact@v4 # this takes 30 seconds, maybe we want to tar
@@ -358,7 +363,8 @@ jobs:
358363
fetch-depth: 5
359364
submodules: recursive
360365
ref: ${{ inputs.branch-name }}
361-
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
366+
persist-credentials: false
367+
- run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
362368
- name: Fetch the binaries
363369
uses: actions/download-artifact@v4
364370
with:
@@ -376,7 +382,7 @@ jobs:
376382
if: ${{ env.COVERAGE == 'yes' }}
377383
- name: Coveralls Parallel auth API ${{ matrix.backend }}
378384
if: ${{ env.COVERAGE == 'yes' }}
379-
uses: coverallsapp/github-action@v2
385+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
380386
with:
381387
flag-name: auth-api-${{ matrix.backend }}
382388
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -489,7 +495,8 @@ jobs:
489495
fetch-depth: 5
490496
submodules: recursive
491497
ref: ${{ inputs.branch-name }}
492-
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
498+
persist-credentials: false
499+
- run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
493500
- name: Fetch the binaries
494501
uses: actions/download-artifact@v4
495502
with:
@@ -507,7 +514,7 @@ jobs:
507514
if: ${{ env.COVERAGE == 'yes' }}
508515
- name: Coveralls Parallel auth backend ${{ matrix.backend }}
509516
if: ${{ env.COVERAGE == 'yes' }}
510-
uses: coverallsapp/github-action@v2
517+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
511518
with:
512519
flag-name: auth-backend-${{ matrix.backend }}
513520
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -532,7 +539,8 @@ jobs:
532539
fetch-depth: 5
533540
submodules: recursive
534541
ref: ${{ inputs.branch-name }}
535-
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
542+
persist-credentials: false
543+
- run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
536544
- name: Fetch the binaries
537545
uses: actions/download-artifact@v4
538546
with:
@@ -549,7 +557,7 @@ jobs:
549557
if: ${{ env.COVERAGE == 'yes' }}
550558
- name: Coveralls Parallel ixfrdist
551559
if: ${{ env.COVERAGE == 'yes' }}
552-
uses: coverallsapp/github-action@v2
560+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
553561
with:
554562
flag-name: ixfrdist
555563
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -581,7 +589,8 @@ jobs:
581589
fetch-depth: 5
582590
submodules: recursive
583591
ref: ${{ inputs.branch-name }}
584-
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
592+
persist-credentials: false
593+
- run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
585594
- name: Fetch the binaries
586595
uses: actions/download-artifact@v4
587596
with:
@@ -600,7 +609,7 @@ jobs:
600609
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
601610
- name: Coveralls Parallel recursor API
602611
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
603-
uses: coverallsapp/github-action@v2
612+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
604613
with:
605614
flag-name: rec-api-full-${{ matrix.sanitizers }}
606615
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -634,7 +643,8 @@ jobs:
634643
fetch-depth: 5
635644
submodules: recursive
636645
ref: ${{ inputs.branch-name }}
637-
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
646+
persist-credentials: false
647+
- run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
638648
- name: Fetch the binaries
639649
uses: actions/download-artifact@v4
640650
with:
@@ -653,7 +663,7 @@ jobs:
653663
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
654664
- name: Coveralls Parallel recursor regression
655665
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
656-
uses: coverallsapp/github-action@v2
666+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
657667
with:
658668
flag-name: rec-regression-full-${{ matrix.sanitizers }}
659669
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -688,7 +698,8 @@ jobs:
688698
fetch-depth: 5
689699
submodules: recursive
690700
ref: ${{ inputs.branch-name }}
691-
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
701+
persist-credentials: false
702+
- run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
692703
- name: Fetch the binaries
693704
uses: actions/download-artifact@v4
694705
with:
@@ -705,7 +716,7 @@ jobs:
705716
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
706717
- name: Coveralls Parallel recursor bulk
707718
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
708-
uses: coverallsapp/github-action@v2
719+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
709720
with:
710721
flag-name: rec-regression-bulk-full-${{ matrix.sanitizers }}
711722
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -733,7 +744,8 @@ jobs:
733744
fetch-depth: 5
734745
submodules: recursive
735746
ref: ${{ inputs.branch-name }}
736-
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
747+
persist-credentials: false
748+
- run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
737749
- name: Fetch the binaries
738750
uses: actions/download-artifact@v4
739751
with:
@@ -755,7 +767,7 @@ jobs:
755767
# if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
756768
#- name: Coveralls Parallel recursor bulk
757769
# if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
758-
# uses: coverallsapp/github-action@v2
770+
# uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
759771
# with:
760772
# flag-name: rec-regression-bulk-full-${{ matrix.sanitizers }}
761773
# path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -793,7 +805,8 @@ jobs:
793805
fetch-depth: 5
794806
submodules: recursive
795807
ref: ${{ inputs.branch-name }}
796-
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
808+
persist-credentials: false
809+
- run: echo "normalized-branch-name=$BRANCH_NAME" | tr "/" "-" >> "$GITHUB_ENV"
797810
- name: Fetch the binaries
798811
uses: actions/download-artifact@v4
799812
with:
@@ -810,7 +823,7 @@ jobs:
810823
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
811824
- name: Coveralls Parallel dnsdist regression
812825
if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
813-
uses: coverallsapp/github-action@v2
826+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
814827
with:
815828
flag-name: dnsdist-regression-full-${{ matrix.sanitizers }}
816829
path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
@@ -830,6 +843,7 @@ jobs:
830843
fetch-depth: 5
831844
submodules: recursive
832845
ref: ${{ inputs.branch-name }}
846+
persist-credentials: false
833847
- name: install pip build dependencies
834848
run: |
835849
python3 -m venv ${REPO_HOME}/.venv
@@ -853,26 +867,29 @@ jobs:
853867
- test-recursor-ubicloud-bulk
854868
if: success() || failure()
855869
runs-on: ubuntu-24.04
870+
env:
871+
NEEDS: ${{ toJSON(needs) }}
856872
steps:
857873
- name: Coveralls Parallel Finished
858874
if: ${{ env.COVERAGE == 'yes' }}
859-
uses: coverallsapp/github-action@v2
875+
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
860876
with:
861877
parallel-finished: true
862878
fail-on-error: false
863879
- name: Install jq and jc
864880
run: "sudo apt-get update && sudo apt-get install jq jc"
865881
- name: Fail job if any of the previous jobs failed
866-
run: "for i in `echo '${{ toJSON(needs) }}' | jq -r '.[].result'`; do if [[ $i == 'failure' ]]; then echo '${{ toJSON(needs) }}'; exit 1; fi; done;"
882+
run: "for i in `echo ${NEEDS} | jq -r '.[].result'`; do if [[ $i == 'failure' ]]; then echo ${NEEDS}; exit 1; fi; done;"
867883
- uses: actions/checkout@v4
868884
with:
869885
fetch-depth: 5
870886
submodules: recursive
871887
ref: ${{ inputs.branch-name }}
888+
persist-credentials: false
872889
- name: Get list of jobs in the workflow
873890
run: "cat .github/workflows/build-and-test-all.yml | jc --yaml | jq -rS '.[].jobs | keys | .[]' | grep -vE 'collect|get-runner-container-image' | tee /tmp/workflow-jobs-list.yml"
874891
- name: Get list of prerequisite jobs
875-
run: "echo '${{ toJSON(needs) }}' | jq -rS 'keys | .[]' | tee /tmp/workflow-needs-list.yml"
892+
run: "echo ${NEEDS} | jq -rS 'keys | .[]' | tee /tmp/workflow-needs-list.yml"
876893
- name: Fail if there is a job missing on the needs list
877894
run: "if ! diff -q /tmp/workflow-jobs-list.yml /tmp/workflow-needs-list.yml; then exit 1; fi"
878895

.github/workflows/build-docker-images-dispatch.yml

Lines changed: 14 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -43,28 +43,31 @@ jobs:
4343
image-tag: ${{ steps.get-image-tag.outputs.tag }}
4444
image-name: ${{ steps.get-image-metadata.outputs.name }}
4545
image-description: ${{ steps.get-image-metadata.outputs.description }}
46+
env:
47+
INPUT_REF: ${{ inputs.ref }}
48+
PRODUCT: ${{ inputs.product }}
4649
steps:
4750
- run: |
48-
echo '${{ inputs.ref }}' | egrep -qq '^auth-.*|^rec-.*|^dnsdist-.*' && tag=$(echo '${{ inputs.ref }}' | cut -d '-' -f 2-)
51+
echo "${INPUT_REF}" | egrep -qq '^auth-.*|^rec-.*|^dnsdist-.*' && tag=$(echo "${INPUT_REF}" | cut -d '-' -f 2-)
4952
echo "tag=$tag" >> $GITHUB_OUTPUT
5053
id: get-image-tag
5154
- run: |
52-
if $(echo '${{ inputs.ref }}' | egrep -qq '^auth-.*|^rec-.*|^dnsdist-.*'); then
53-
echo "version=$(echo '${{ inputs.ref }}' | cut -d '-' -f 2 | awk -F'.' '{print $1$2}')" >> $GITHUB_ENV
54-
echo "branch=$(echo '${{ inputs.ref }}' | cut -d '-' -f 2- | awk -F'.' '{print "v"$1"."$2".x"}')" >> $GITHUB_ENV
55+
if $(echo "${INPUT_REF}" | egrep -qq '^auth-.*|^rec-.*|^dnsdist-.*'); then
56+
echo "version=$(echo "${INPUT_REF}" | cut -d '-' -f 2 | awk -F'.' '{print $1$2}')" >> $GITHUB_ENV
57+
echo "branch=$(echo "${INPUT_REF}" | cut -d '-' -f 2- | awk -F'.' '{print "v"$1"."$2".x"}')" >> $GITHUB_ENV
5558
else
56-
echo "version=$(echo '${{ inputs.ref }}' | tr '/' '-')" >> $GITHUB_ENV
57-
echo "branch=${{ inputs.ref }}" >> $GITHUB_ENV
59+
echo "version=$(echo "${INPUT_REF}" | tr '/' '-')" >> $GITHUB_ENV
60+
echo "branch=${INPUT_REF}" >> $GITHUB_ENV
5861
fi
5962
- run: |
60-
if $(echo '${{ inputs.product }}'| grep -qq auth); then
61-
echo '${{ inputs.ref }}' | egrep -qq '^auth-.*' && description='PowerDNS Authoritative Server '$branch || description='EXPERIMENTAL pdns auth image'
63+
if $(echo "$PRODUCT"| grep -qq auth); then
64+
echo "${INPUT_REF}" | egrep -qq '^auth-.*' && description='PowerDNS Authoritative Server '$branch || description='EXPERIMENTAL pdns auth image'
6265
echo "name=pdns-auth-$version" >> $GITHUB_OUTPUT
63-
elif (echo '${{ inputs.product }}'| grep -qq recursor); then
64-
echo '${{ inputs.ref }}' | egrep -qq '^rec-.*' && description='PowerDNS Recursor '$branch || description='EXPERIMENTAL pdns recursor image'
66+
elif (echo "$PRODUCT"| grep -qq recursor); then
67+
echo "${INPUT_REF}" | egrep -qq '^rec-.*' && description='PowerDNS Recursor '$branch || description='EXPERIMENTAL pdns recursor image'
6568
echo "name=pdns-recursor-$version" >> $GITHUB_OUTPUT
6669
else
67-
echo '${{ inputs.ref }}' | egrep -qq '^dnsdist-.*' && description='PowerDNS DNSDist '$branch || description='EXPERIMENTAL dnsdist image'
70+
echo "${INPUT_REF}" | egrep -qq '^dnsdist-.*' && description='PowerDNS DNSDist '$branch || description='EXPERIMENTAL dnsdist image'
6871
echo "name=dnsdist-$version" >> $GITHUB_OUTPUT
6972
fi
7073
echo "description=$description" >> $GITHUB_OUTPUT

.github/workflows/build-docker-images-tags.yml

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -13,18 +13,20 @@ permissions:
1313
contents: read
1414

1515
jobs:
16+
env:
17+
REF_NAME: ${{ github.ref_name }}
1618
prepare:
1719
runs-on: ubuntu-24.04
1820
outputs:
1921
image-name-suffix: ${{ steps.get-image-version.outputs.version }}
2022
image-tag: ${{ steps.get-image-tag.outputs.tag }}
2123
image-description-suffix: ${{ steps.get-image-description.outputs.description }}
2224
steps:
23-
- run: echo "version=$(echo '${{ github.ref_name }}' | cut -d '-' -f 2 | awk -F'.' '{print $1$2}')" >> $GITHUB_OUTPUT
25+
- run: echo "version=$(echo "${REF_NAME}" | cut -d '-' -f 2 | awk -F'.' '{print $1$2}')" >> $GITHUB_OUTPUT
2426
id: get-image-version
25-
- run: echo "tag=$(echo '${{ github.ref_name }}' | cut -d '-' -f 2-)" >> $GITHUB_OUTPUT
27+
- run: echo "tag=$(echo "${REF_NAME}" | cut -d '-' -f 2-)" >> $GITHUB_OUTPUT
2628
id: get-image-tag
27-
- run: echo "description=$(echo '${{ github.ref_name }}' | cut -d '-' -f 2- | awk -F'.' '{print "v"$1"."$2".x"}')" >> $GITHUB_OUTPUT
29+
- run: echo "description=$(echo "${REF_NAME}" | cut -d '-' -f 2- | awk -F'.' '{print "v"$1"."$2".x"}')" >> $GITHUB_OUTPUT
2830
id: get-image-description
2931

3032
call-build-image-auth:

0 commit comments

Comments
 (0)