GitHub ikufufuza zowukira zingapo zomwe owukira adakwanitsa kukumba cryptocurrency pa GitHub mitambo yamtambo pogwiritsa ntchito njira ya GitHub Actions kuyendetsa ma code awo. Kuyesera koyamba kugwiritsa ntchito GitHub Zochita zamigodi kuyambira Novembala chaka chatha.
GitHub Actions imalola opanga ma code kuti agwirizanitse zogwirira ntchito zosiyanasiyana mu GitHub. Mwachitsanzo, pogwiritsa ntchito GitHub Actions mutha kuyang'ana ndi kuyesa zina mukamachita, kapena kusintha makina atsopano. Kuti ayambe migodi, owukira amapanga foloko yankhokwe yomwe imagwiritsa ntchito GitHub Actions, onjezerani GitHub Zochita zatsopano pamakope awo, ndikutumiza pempho lachikoka kumalo oyambirira omwe akufuna kuti alowe m'malo omwe alipo a GitHub Actions ndi ".github/workflows" yatsopano. /ci.ymlβ chothandizira.
Pempho lachiwopsezo loyipa limapanga kuyesa kangapo kuti muthamangitse chowongolera chodziwika bwino cha GitHub Actions, chomwe pambuyo pa maola 72 chimasokonekera chifukwa chakutha, kulephera, ndikuyambiranso. Kuti aukire, wowukira amangofunika kupanga pempho kukoka - wogwirizira amadziyendetsa yekha popanda chitsimikiziro kapena kutengapo gawo kuchokera kwa omwe amasungirako zosungirako zoyambira, omwe angangosintha zochitika zokayikitsa ndikuyimitsa kale GitHub Actions.
Mu chogwirizira cha ci.yml chowonjezedwa ndi owukirawo, gawo la "run" lili ndi code yobisika (eval β$(echo 'YXB0IHVwZGF0ZSAtβ¦' | base64 -dβ), yomwe, ikaphedwa, imayesa kutsitsa ndikuyendetsa pulogalamu yamigodi. M'mitundu yoyambilira ya kuwukira kochokera m'malo osiyanasiyana, pulogalamu yotchedwa npm.exe idakwezedwa ku GitHub ndi GitLab ndikupangidwa kukhala fayilo ya ELF ya Alpine Linux (yomwe imagwiritsidwa ntchito pazithunzi za Docker). Njira zatsopano zowukira tsitsa XMRig miner kuchokera kumalo osungirako ntchito, omwe amapangidwa ndi chikwama cholowetsa ma adilesi ndi ma seva kuti atumize deta.
Source: opennet.ru