Request smuggling leading to endpoint restriction bypass in Gunicorn #20 #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dockerhub Release | |
| # Executed on direct push, or after Pull Request was completed during merge commit to main. | |
| # It will push the image to Dockerhub. | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| tests: | |
| uses: ./.github/workflows/test_docker.yml | |
| secrets: inherit | |
| push_dockerhub: | |
| needs: [tests] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| with: | |
| submodules: true | |
| token: ${{ secrets.CI_TOKEN }} | |
| - name: Check Branch | |
| run: | | |
| if [ "${{ github.event_name }}" == "pull_request" ]; then | |
| # Check if the pull request is from the main branch, other branches should not push to dockerhub | |
| if [ "${{ github.event.pull_request.head.ref }}" != "main" ]; then | |
| echo "Skipping workflow for pull request from a branch other than main." | |
| exit 78 | |
| fi | |
| fi | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v1 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v1 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . # Path to the Dockerfile | |
| push: true | |
| platforms: linux/arm/v6,linux/arm/v8,linux/arm64,linux/amd64 | |
| tags: | | |
| zostaw/multiarch-home-page:latest | |
| zostaw/multiarch-home-page:${{ github.sha }} |