ci : fix github workflow vulnerable to script injection (#9008)

Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
This commit is contained in:
Diogo Teles Sant'Anna 2024-08-12 13:28:23 -03:00 committed by GitHub
parent 1f67436c5e
commit fc4ca27b25
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -129,6 +129,8 @@ jobs:
- name: Server bench
id: server_bench
env:
HEAD_REF: ${{ github.head_ref || github.ref_name }}
run: |
set -eux
@ -137,7 +139,7 @@ jobs:
python bench.py \
--runner-label ${{ env.RUNNER_LABEL }} \
--name ${{ github.job }} \
--branch ${{ github.head_ref || github.ref_name }} \
--branch $HEAD_REF \
--commit ${{ github.event.inputs.sha || github.event.pull_request.head.sha || github.sha }} \
--scenario script.js \
--duration ${{ github.event.inputs.duration || env.DURATION }} \