From: Diogo Teles Sant'Anna <redacted>
Date: Mon, 12 Aug 2024 16:28:23 +0000 (-0300)
Subject: ci : fix github workflow vulnerable to script injection (#9008)
X-Git-Tag: upstream/0.0.4488~908
X-Git-Url: https://git.djapps.eu/?a=commitdiff_plain;h=fc4ca27b25464a11b3b86c9dbb5b6ed6065965c2;p=pkg%2Fggml%2Fsources%2Fllama.cpp

ci : fix github workflow vulnerable to script injection (#9008)

Signed-off-by: Diogo Teles Sant'Anna <redacted>
---

diff --git a/.github/workflows/bench.yml b/.github/workflows/bench.yml
index eb69b82c..56d22bc0 100644
--- a/.github/workflows/bench.yml
+++ b/.github/workflows/bench.yml
@@ -129,6 +129,8 @@ jobs:
 
       - name: Server bench
         id: server_bench
+        env:
+            HEAD_REF: ${{ github.head_ref || github.ref_name }}
         run: |
           set -eux
 
@@ -137,7 +139,7 @@ jobs:
           python bench.py \
               --runner-label ${{ env.RUNNER_LABEL }} \
               --name ${{ github.job }} \
-              --branch ${{ github.head_ref || github.ref_name }} \
+              --branch $HEAD_REF \
               --commit ${{ github.event.inputs.sha || github.event.pull_request.head.sha || github.sha }} \
               --scenario script.js \
               --duration ${{ github.event.inputs.duration || env.DURATION }} \