diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index eb390ac..a58931d 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -101,7 +101,7 @@ jobs: const docker = { image:{ name:opt.dot.image, - arch:(opt.dot.arch || 'linux/amd64,linux/arm64'), + arch:(opt.input?.etc?.arch || opt.dot?.arch || 'linux/amd64,linux/arm64'), prefix:((opt.input?.etc?.semverprefix) ? `${opt.input?.etc?.semverprefix}-` : ''), suffix:((opt.input?.etc?.semversuffix) ? `-${opt.input?.etc?.semversuffix}` : ''), description:(opt.dot?.readme?.description || ''), @@ -287,21 +287,8 @@ jobs: # RELEASE - - name: github / release / log - continue-on-error: true - id: git-log - run: | - LOCAL_LAST_TAG=$(git describe --abbrev=0 --tags `git rev-list --tags --skip=1 --max-count=1`) - echo "using last tag: ${LOCAL_LAST_TAG}" - LOCAL_COMMITS=$(git log ${LOCAL_LAST_TAG}..HEAD --oneline) - - EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) - echo "commits<<${EOF}" >> ${GITHUB_OUTPUT} - echo "${LOCAL_COMMITS}" >> ${GITHUB_OUTPUT} - echo "${EOF}" >> ${GITHUB_OUTPUT} - - name: github / release / markdown - if: env.WORKFLOW_CREATE_RELEASE == 'true' && steps.git-log.outcome == 'success' + if: env.WORKFLOW_CREATE_RELEASE == 'true' id: git-release uses: 11notes/action-docker-release@v1 # WHY IS THIS ACTION NOT SHA256 PINNED? SECURITY MUCH?!?!?! @@ -310,8 +297,6 @@ jobs: # in the repo. This code is not modified and can't be modified by this action. # It does create the markdown for the release, which could be abused, but to what # extend? Adding a link to a malicious repo? - with: - git_log: ${{ steps.git-log.outputs.commits }} - name: github / release / create if: env.WORKFLOW_CREATE_RELEASE == 'true' && steps.git-release.outcome == 'success' @@ -419,7 +404,7 @@ jobs: if [ -f LICENSE ]; then git add LICENSE fi - git commit -m "github-actions[bot]: update README.md" + git commit -m "auto update README.md" git push origin HEAD:master