actions/hadolint-action
2
0
Fork 0
mirror of https://github.com/hadolint/hadolint-action.git synced 2026-05-15 06:35:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use env to avoid script injection in CI workflow

Browse source
This commit is contained in:
Tim McCormack 2022-09-30 01:51:48 +00:00 committed by GitHub
parent eeab5ede16
commit 7ed611fb76
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/ci.yml vendored
View file

@ -78,8 +78,10 @@ jobs:
config: testdata/hadolint.yaml
- name: Run integration test 6 - verify results output parameter
env:
STEP_5_OUTPUT: ${{ steps.hadolint5.outputs.results }}
# This step will never fail, but will print out the results from step5
run: echo "${{ steps.hadolint5.outputs.results }}"
run: echo "$STEP_5_OUTPUT"
#- name: Run integration test 6 - output to file
# # This step will never fail, but will print out rule violations.