Elgato_dark/console
1
0
Fork 0
mirror of https://github.com/graphql-hive/console synced 2026-04-21 14:37:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fix(security): fix for ci template injection in .github/workflows/build-and-dockerize.yaml (#7876)

Browse source 
Co-authored-by: aikido-autofix[bot] <119856028+aikido-autofix[bot]@users.noreply.github.com>
Co-authored-by: Laurin <laurinquast@googlemail.com>
This commit is contained in:
aikido-autofix[bot] 2026-03-18 19:23:07 +01:00 committed by GitHub
parent 3500825b12
commit f550eb3bed
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.github/workflows/build-and-dockerize.yaml vendored
View file

@ -240,13 +240,17 @@ jobs:
- name: 'publish docker multiarch manifest (tag: latest)'
if: ${{ inputs.publishLatest }}
env:
TARGETS: ${{ inputs.targets }}
REGISTRY: ${{ inputs.registry }}
IMAGE_NAME: ${{ inputs.imageName }}
run: |
targets=$(docker buildx bake -f docker/docker.hcl --print "${{ inputs.targets }}" | jq -r '.group."${{ inputs.targets }}".targets[]')
targets=$(docker buildx bake -f docker/docker.hcl --print "$TARGETS" | jq -r '.group."'"$TARGETS"'".targets[]')
for target in $targets
do
echo "publishing multi-arch manifest for $target"
image_name="${{ inputs.registry }}/${{ inputs.imageName }}/$target:latest"
image_name="$REGISTRY/$IMAGE_NAME/$target:latest"
echo "image name: $image_name"
docker manifest create $image_name --amend "$image_name-arm64" --amend "$image_name-amd64"