LoginSignup

Why not login to Qiita and try out its useful features?

We'll deliver articles that match you.

You can read useful information later.

LoginSign up
51
20

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

@shonansurvivors(Takashi Yamahara)

【GitHub Actions】set-envとadd-pathが非推奨になったので対応する

Last updated at Posted at 2020-10-14

何があったか

GitHub Actionsで使用できるコマンドのset-envadd-pathについて脆弱性(CVE-2020-15228)が見つかり、現在非推奨となっています。

なお、これら非推奨コマンドを使用しているとActionsの実行結果に以下のような警告が表示されるようになりました。

warning

対応方法

1. set-env

echo "{name}={value}" >> $GITHUB_ENVというかたちで、$GITHUB_ENVに書き込みます。

修正前
    steps:
      - name: set env for prod
        if: github.ref == 'refs/heads/main'
        env:
          AWS_ACCOUNT_ID: 123456789012
          S3_BUCKET_NAME: deploy-prod
        run: |
          echo "::set-env name=AWS_ACCOUNT_ID::${AWS_ACCOUNT_ID}"
          echo "::set-env name=S3_BUCKET_NAME::${S3_BUCKET_NAME}"
修正後
    # 略
        run: |
          echo "AWS_ACCOUNT_ID=${AWS_ACCOUNT_ID}" >> $GITHUB_ENV 
          echo "S3_BUCKET_NAME=${S3_BUCKET_NAME}" >> $GITHUB_ENV

2. add-path

echo "{path}" >> $GITHUB_PATHというかたちで、$GITHUB_PATHに書き込みます。

修正前
      - name: setup reviewdog
        run: |
          mkdir -p $HOME/bin && curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh| sh -s -- -b $HOME/bin
          echo ::add-path::$HOME/bin
修正後
          # 略
          echo "$HOME/bin" >> $GITHUB_PATH

参考

51
20
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
51
20

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?