From 5726c3a45f35430585d898ab236f22ef3626f502 Mon Sep 17 00:00:00 2001 From: Angela P Wen Date: Fri, 4 Apr 2025 14:30:44 +0200 Subject: [PATCH] Refactoring: Properly double-quote variables --- images/macos/scripts/build/install-codeql-bundle.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/images/macos/scripts/build/install-codeql-bundle.sh b/images/macos/scripts/build/install-codeql-bundle.sh index 5e8b5862a..4df220ba5 100644 --- a/images/macos/scripts/build/install-codeql-bundle.sh +++ b/images/macos/scripts/build/install-codeql-bundle.sh @@ -23,6 +23,7 @@ fi # Retrieve the CLI version of the latest CodeQL bundle. defaults_json_path=$(download_with_retry "https://raw.githubusercontent.com/github/codeql-action/$codeql_action_latest_major_version/src/defaults.json") +bundle_version=$(jq -r '.cliVersion' "$defaults_json_path") bundle_tag_name="codeql-bundle-v$bundle_version" echo "Downloading CodeQL bundle $bundle_version..." @@ -31,16 +32,16 @@ echo "Downloading CodeQL bundle $bundle_version..." archive_path=$(download_with_retry "https://github.com/github/codeql-action/releases/download/$bundle_tag_name/codeql-bundle.tar.gz") codeql_toolcache_path=$AGENT_TOOLSDIRECTORY/CodeQL/$bundle_version/x64 -mkdir -p $codeql_toolcache_path +mkdir -p "$codeql_toolcache_path" echo "Unpacking the downloaded CodeQL bundle archive..." -tar -xzf $archive_path -C $codeql_toolcache_path +tar -xzf "$archive_path" -C "$codeql_toolcache_path" # Touch a file to indicate to the CodeQL Action that this bundle shipped with the toolcache. This is # to support overriding the CodeQL version specified in defaults.json on GitHub Enterprise. -touch $codeql_toolcache_path/pinned-version +touch "$codeql_toolcache_path/pinned-version" # Touch a file to indicate to the toolcache that setting up CodeQL is complete. -touch $codeql_toolcache_path.complete +touch "$codeql_toolcache_path.complete" invoke_tests "Common" "CodeQL Bundle"