Make propagate_env_vars scan regex more secure

ba0c5264 · Victor Zagorodny · 8c3c865d · ba0c5264
Commit ba0c5264 authored Apr 29, 2019 by Victor Zagorodny
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

.gitlab/ci/reports.gitlab-ci.yml .gitlab/ci/reports.gitlab-ci.yml +2 -2

No files found.
--- a/.gitlab/ci/reports.gitlab-ci.yml
+++ b/.gitlab/ci/reports.gitlab-ci.yml
@@ -31,7 +31,7 @@ sast:
        CURRENT_ENV=$(printenv)

        for VAR_NAME; do
-          echo $CURRENT_ENV | grep $VAR_NAME > /dev/null && echo "--env $VAR_NAME "
+          echo $CURRENT_ENV | grep "${VAR_NAME}=" > /dev/null && echo "--env $VAR_NAME "
        done
      }
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
@@ -75,7 +75,7 @@ dependency_scanning:
        CURRENT_ENV=$(printenv)

        for VAR_NAME; do
-          echo $CURRENT_ENV | grep $VAR_NAME > /dev/null && echo "--env $VAR_NAME "
+          echo $CURRENT_ENV | grep "${VAR_NAME}=" > /dev/null && echo "--env $VAR_NAME "
        done
      }
    - |