admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(ci): restrict permissions to read actions+contents

Browse Source
This commit is contained in:
Quentin McGaw
2022-05-29 17:11:26 +00:00
parent 08553bc90b
commit 4414366370
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/ci.yml vendored
View File

@@ -33,6 +33,9 @@ on:
jobs: jobs:
verify: verify:
runs-on: ubuntu-latest runs-on: ubuntu-latest
permissions:
actions: read
contents: read
env: env:
DOCKER_BUILDKIT: "1" DOCKER_BUILDKIT: "1"
steps: steps:
@@ -84,6 +87,9 @@ jobs:
(github.event_name == 'pull_request' && github.actor != 'dependabot[bot]') (github.event_name == 'pull_request' && github.actor != 'dependabot[bot]')
) )
needs: [verify] needs: [verify]
permissions:
actions: read
contents: read
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3