arduino/library-registry
1
0
Fork 0
mirror of https://github.com/arduino/library-registry.git synced 2025-07-05 21:21:14 +03:00
Code Activity

Delete diff artifact after use in "Manage PRs" workflow

Browse Source 
A workflow artifact is used to transfer the PR diff file from the `diff` job to the `parse` job. Once the artifact has
been downloaded by the `parse` job, it no longer serves any purpose.

It's possible the artifact might serve as a vector for exporting secrets from the workflow. Even though I don't have any
specific reasons to believe it is possible to cause secrets to be written to the artifact and the repository doesn't
currently have any secrets beyond `GITHUB_TOKEN`, nor need for any, it's still best to remove the unnecessary artifact.
This commit is contained in:
per1234
2021-04-28 21:29:26 -07:00
parent 60513e52a7
commit f678a3a457
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/manage-prs.yml vendored
View File

@ -109,6 +109,11 @@ jobs:
path: ${{ needs.diff.outputs.path }} path: ${{ needs.diff.outputs.path }}
name: ${{ needs.diff.outputs.artifact }} name: ${{ needs.diff.outputs.artifact }}
- name: Remove no longer needed artifact
uses: geekyeggo/delete-artifact@v1
with:
name: ${{ needs.diff.outputs.artifact }}
- name: Parse request - name: Parse request
id: parse-request id: parse-request
run: | run: |