ci: add minimum GitHub token permissions for workflows
Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io>
This commit is contained in:
parent
0d8c8ba71b
commit
d9386c68a9
2 changed files with 9 additions and 0 deletions
6
.github/workflows/lock.yaml
vendored
6
.github/workflows/lock.yaml
vendored
|
|
@ -7,8 +7,14 @@ on:
|
|||
schedule:
|
||||
- cron: '0 0 * * *'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
lock:
|
||||
permissions:
|
||||
issues: write # for dessant/lock-threads to lock issues
|
||||
pull-requests: write # for dessant/lock-threads to lock PRs
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: dessant/lock-threads@v3
|
||||
|
|
|
|||
3
.github/workflows/tests.yaml
vendored
3
.github/workflows/tests.yaml
vendored
|
|
@ -16,6 +16,9 @@ on:
|
|||
- 'docs/**'
|
||||
- '*.md'
|
||||
- '*.rst'
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
tests:
|
||||
name: ${{ matrix.name }}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue