ci: add minimum GitHub token permissions for workflows (#8169)
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
This commit is contained in:
Varun Sharma
3
.github/workflows/dependabot-merge.yml
vendored
3
.github/workflows/dependabot-merge.yml
vendored
@@ -4,6 +4,9 @@ on:
|
|||||||
pull_request_target:
|
pull_request_target:
|
||||||
branches: [ master, next ]
|
branches: [ master, next ]
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
merge-me:
|
merge-me:
|
||||||
name: Merge me!
|
name: Merge me!
|
||||||
|
|||||||
3
.github/workflows/docker-image-check.yml
vendored
3
.github/workflows/docker-image-check.yml
vendored
@@ -5,6 +5,9 @@ on:
|
|||||||
schedule:
|
schedule:
|
||||||
- cron: '30 4 * * *'
|
- cron: '30 4 * * *'
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|||||||
3
.github/workflows/nodejs.yml
vendored
3
.github/workflows/nodejs.yml
vendored
@@ -12,6 +12,9 @@ on:
|
|||||||
env:
|
env:
|
||||||
CYPRESS_CACHE_FOLDER: cypress/cache
|
CYPRESS_CACHE_FOLDER: cypress/cache
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|||||||
Reference in New Issue
Block a user