fix(security): template in .github/workflows/build-and-dockerize.yaml (#7860)

Co-authored-by: aikido-autofix[bot] <119856028+aikido-autofix[bot]@users.noreply.github.com>
2026-04-21 14:37:17 +00:00 · 2026-03-17 17:02:59 +02:00 · 2026-03-17 17:02:59 +02:00 · 0cadd16911
commit 0cadd16911
parent 409fe5fe93
1 changed files with 7 additions and 2 deletions
--- a/.github/workflows/build-and-dockerize.yaml
+++ b/.github/workflows/build-and-dockerize.yaml
@ -220,13 +220,18 @@ jobs:
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: 'publish docker multiarch manifest (tag: ${{ inputs.imageTag }})'
+        env:
+          TARGETS: ${{ inputs.targets }}
+          REGISTRY: ${{ inputs.registry }}
+          IMAGE_NAME: ${{ inputs.imageName }}
+          IMAGE_TAG: ${{ inputs.imageTag }}
        run: |
-          targets=$(docker buildx bake -f docker/docker.hcl --print "${{ inputs.targets }}" | jq -r '.group."${{ inputs.targets }}".targets[]')
+          targets=$(docker buildx bake -f docker/docker.hcl --print "$TARGETS" | jq -r '.group."'"$TARGETS"'".targets[]')

          for target in $targets
          do
              echo "publishing multi-arch manifest for $target"
-              image_name="${{ inputs.registry }}/${{ inputs.imageName }}/$target:${{ inputs.imageTag }}"
+              image_name="$REGISTRY/$IMAGE_NAME/$target:$IMAGE_TAG"
              echo "image name: $image_name"

              docker manifest create $image_name --amend "$image_name-arm64" --amend "$image_name-amd64"