Set least privileged token permission for GitHub Actions (#3155)

Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io>
This commit is contained in:
Ashish Kurmi 2022-10-31 00:46:46 -07:00 committed by GitHub
parent e5af37bc8c
commit da51adc276
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 0 deletions

View File

@ -9,6 +9,9 @@ on:
description: 'Image tag' description: 'Image tag'
required: true required: true
default: 'test' default: 'test'
permissions:
contents: read
jobs: jobs:
image: image:
name: Build Image from Dockerfile and binaries name: Build Image from Dockerfile and binaries

View File

@ -3,6 +3,9 @@ name: goreleaser
on: on:
workflow_dispatch: workflow_dispatch:
permissions:
contents: read
jobs: jobs:
goreleaser: goreleaser:
runs-on: ubuntu-latest runs-on: ubuntu-latest

View File

@ -8,8 +8,14 @@ on:
description: 'In debug mod' description: 'In debug mod'
required: false required: false
default: 'false' default: 'false'
permissions:
contents: read
jobs: jobs:
stale: stale:
permissions:
issues: write # for actions/stale to close stale issues
pull-requests: write # for actions/stale to close stale PRs
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/stale@v6 - uses: actions/stale@v6