Skip to content

Commit 4c4dfe2

Browse files
Turbo87Turbo87
committed
CI: Replace template expansions with regular shell variables
see https://woodruffw.github.io/zizmor/audits/#template-injection
1 parent 84cee75 commit 4c4dfe2

File tree

1 file changed

+7
-7
lines changed

1 file changed

+7
-7
lines changed

.github/workflows/ci.yml

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -124,7 +124,7 @@ jobs:
124124

125125
- uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
126126

127-
- run: cargo install cargo-deny --vers ${{ env.CARGO_DENY_VERSION }}
127+
- run: cargo install cargo-deny --vers ${CARGO_DENY_VERSION}
128128
- run: cargo deny check
129129

130130
backend-test:
@@ -152,26 +152,26 @@ jobs:
152152
workspaces: '. -> ${{ env.CARGO_TARGET_DIR }}'
153153

154154
# Update `pg_dump` to the same version as the running PostgreSQL server
155-
- run: sudo /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -v ${{ env.POSTGRES_VERSION }} -i -p
155+
- run: sudo /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -v ${POSTGRES_VERSION} -i -p
156156
- run: sudo systemctl start postgresql.service
157157
- run: sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD 'postgres'"
158158

159159
# Create a working directory on /mnt, which is a larger temporary
160160
# filesystem than /, that we can then point our later commands to.
161161
- run: |
162-
sudo mkdir ${{ env.CARGO_TARGET_DIR }}
163-
sudo chown $(id -u):$(id -g) ${{ env.CARGO_TARGET_DIR }}
162+
sudo mkdir ${CARGO_TARGET_DIR}
163+
sudo chown $(id -u):$(id -g) ${CARGO_TARGET_DIR}
164164
165165
- run: cargo build --tests --workspace
166166
- run: cargo test --workspace
167167

168-
- run: curl -sL https://github.com/mozilla/grcov/releases/download/v${{ env.GRCOV_VERSION }}/grcov-x86_64-unknown-linux-gnu.tar.bz2 | tar xjf -
168+
- run: curl -sL https://github.com/mozilla/grcov/releases/download/v${GRCOV_VERSION}/grcov-x86_64-unknown-linux-gnu.tar.bz2 | tar xjf -
169169
- run: rustup component add llvm-tools
170-
- run: ./grcov . --binary-path ${{ env.CARGO_TARGET_DIR }}/debug/ -s . -t lcov --branch --ignore-not-existing --ignore "/*" --ignore "${{ env.CARGO_TARGET_DIR }}/debug/build/**" -o ${{ env.CARGO_TARGET_DIR }}/coverage.lcov
170+
- run: ./grcov . --binary-path ${CARGO_TARGET_DIR}/debug/ -s . -t lcov --branch --ignore-not-existing --ignore "/*" --ignore "${CARGO_TARGET_DIR}/debug/build/**" -o ${CARGO_TARGET_DIR}/coverage.lcov
171171

172172
- uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1
173173
with:
174-
files: ${{ env.CARGO_TARGET_DIR }}/coverage.lcov
174+
files: ${CARGO_TARGET_DIR}/coverage.lcov
175175
env:
176176
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
177177

0 commit comments

Comments
 (0)