Add Permissions to github Workflows

Improve GITHUB_TOKEN permissions in the workflows.

Signed-off-by: Soule BA <bah.soule@gmail.com>
This commit is contained in:
Soule BA 2022-01-20 16:35:43 +01:00
parent b6eeb141f2
commit f1327dca09
No known key found for this signature in database
GPG Key ID: 4D40965192802994
5 changed files with 19 additions and 0 deletions

View File

@ -3,6 +3,10 @@ on:
pull_request:
branches:
- main
permissions:
contents: read # for actions/checkout to fetch code
jobs:
Fuzzing:
runs-on: ubuntu-latest

View File

@ -6,6 +6,9 @@ on:
branches:
- main
permissions:
contents: read # for actions/checkout to fetch code
jobs:
kind:
runs-on: ubuntu-latest

View File

@ -7,6 +7,9 @@ on:
env:
REPOSITORY: ${{ github.repository }}
permissions:
contents: read # for actions/checkout to fetch code
jobs:
build:
runs-on: ubuntu-latest

View File

@ -6,6 +6,11 @@ on:
issue_comment:
types: [created]
permissions:
contents: read # for actions/checkout to fetch code
pull-requests: read
repository-projects: write
jobs:
rebase:
if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/rebase') && (github.event.comment.author_association == 'CONTRIBUTOR' || github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'OWNER')

View File

@ -8,6 +8,10 @@ on:
schedule:
- cron: '18 10 * * 3'
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for codeQL to write security events
jobs:
fossa:
name: FOSSA