Fix security issue (#1884)

Signed-off-by: ZePan110 <ze.pan@intel.com>

Author: ZePan110

.github/workflows/_helm-e2e.yml

@@ -131,6 +131,18 @@ jobs:
           ref: ${{ steps.get-checkout-ref.outputs.CHECKOUT_REF }}
           fetch-depth: 0
 
+      - name: Validate Inputs
+        run: |
+          cd ${{ github.workspace }}
+          folders=($(find . -maxdepth 1 -type d ! -name ".*" -printf "%f\n" | tr '[:upper:]' '[:lower:]'))
+          echo "folders: ${folders[@]}"
+          echo "example: ${{ inputs.example }}"
+          example_lower=$(echo "${{ inputs.example }}" | tr '[:upper:]' '[:lower:]')
+          if [[ ! " ${folders[@]} " =~ " ${example_lower} " ]]; then
+            echo "Error: Input '${example_lower}' is not in the list of folders."
+            exit 1
+          fi
+
       - name: Set variables
         env:
           example: ${{ inputs.example }}

.github/workflows/pr-chart-e2e.yml

@@ -19,6 +19,9 @@ concurrency:
 jobs:
   job1:
     name: Get-Test-Matrix
+    permissions:
+      contents: read
+      pull-requests: read
     runs-on: ubuntu-latest
     outputs:
       run_matrix: ${{ steps.get-test-matrix.outputs.run_matrix }}