workflows: Explicitly set minimal token permissions
This will allow us to set the default token permissions to restricted, and thus avoid accidentally introducing over-privileged new workflows.
This commit is contained in:
Martin Pitt
Martin Pitt
parent
3bc60dd9bb
commit
b60dd6f945
3 changed files with 9 additions and 0 deletions
3
.github/workflows/cockpit-lib-update.yml
vendored
3
.github/workflows/cockpit-lib-update.yml
vendored
|
|
@ -7,6 +7,9 @@ on:
|
|||
jobs:
|
||||
cockpit-lib-update:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
pull-requests: write
|
||||
contents: write
|
||||
steps:
|
||||
- name: Set up dependencies
|
||||
run: |
|
||||
|
|
|
|||
3
.github/workflows/npm-update-pf.yml
vendored
3
.github/workflows/npm-update-pf.yml
vendored
|
|
@ -7,6 +7,9 @@ on:
|
|||
jobs:
|
||||
npm-update:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
pull-requests: write
|
||||
contents: write
|
||||
steps:
|
||||
- name: Set up dependencies
|
||||
run: |
|
||||
|
|
|
|||
3
.github/workflows/npm-update.yml
vendored
3
.github/workflows/npm-update.yml
vendored
|
|
@ -7,6 +7,9 @@ on:
|
|||
jobs:
|
||||
npm-update:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
pull-requests: write
|
||||
contents: write
|
||||
steps:
|
||||
- name: Set up dependencies
|
||||
run: |
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue