From 8bd7430b5a210454e1554b813733827ac7ec1b24 Mon Sep 17 00:00:00 2001 From: Ilyas Moutawwakil <57442720+IlyasMoutawwakil@users.noreply.github.com> Date: Mon, 14 Oct 2024 14:17:35 +0200 Subject: [PATCH] intermediate env vars (#290) --- .github/workflows/security.yml | 32 ++++++++++++++------------------ 1 file changed, 14 insertions(+), 18 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index d105eac0..26839d4d 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -2,34 +2,30 @@ name: Security Checks on: push: - branches: - - main - pull_request: - branches: - - main - -concurrency: - cancel-in-progress: true - group: ${{ github.workflow }}-${{ github.ref }} permissions: contents: read jobs: - secrets: + trufflehog: runs-on: ubuntu-latest steps: - - name: Set up environment variables - shell: bash + - shell: bash run: | - if [ "${{ github.event_name }}" == "push" ]; then - echo "depth=$(($(jq length <<< '${{ toJson(github.event.commits) }}') + 2))" >> $GITHUB_ENV - echo "branch=${{ github.ref_name }}" >> $GITHUB_ENV + if [ "$EVENT_NAME" == "push" ]; then + echo "depth=$(($(jq length <<< $COMMITS)+2))" >> $GITHUB_ENV + echo "branch=$REF" >> $GITHUB_ENV fi - if [ "${{ github.event_name }}" == "pull_request" ]; then - echo "depth=$((${{ github.event.pull_request.commits }}+2))" >> $GITHUB_ENV - echo "branch=${{ github.event.pull_request.head.ref }}" >> $GITHUB_ENV + if [ "$EVENT_NAME" == "pull_request" ]; then + echo "depth=$(($PR_COMMITS+2))" >> $GITHUB_ENV + echo "branch=$PR_REF" >> $GITHUB_ENV fi + env: + REF: ${{ github.ref_name }} + COMMITS: ${{ tojson(github.event.commits) }} + EVENT_NAME: ${{ github.event_name }} + PR_REF: ${{ github.event.pull_request.head.ref }} + PR_COMMITS: ${{ github.event.pull_request.commits }} - name: Checkout code uses: actions/checkout@v4
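Review bot: in the `on:` part of this hunk the `pull_request` trigger is removed, so the `if [ "$EVENT_NAME" == "pull_request" ]; then` block further down and the `PR_REF` / `PR_COMMITS` entries under `env:` can no longer be reached. Either keep the trigger or drop that block and those two variables, so the workflow does not carry a code path that never runs. The subject "intermediate env vars" covers only the move from inline `${{ ... }}` expressions to `env:`. The same hunk also removes the `branches: main` filter and the `concurrency` group, so the job now runs on every push with no cancellation of superseded runs; that deserves a line in the commit message or a separate commit. Smaller point in the `run:` script: quote the remaining expansions, `jq length <<< "$COMMITS"` and `>> "$GITHUB_ENV"`, so the JSON payload and the file path are always passed as single words whatever they contain.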