Skip to content

Commit

Permalink
reduce default workflow permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
phyrog committed Apr 1, 2024
1 parent c58f03d commit 2d36b9e
Show file tree
Hide file tree
Showing 6 changed files with 18 additions and 0 deletions.
3 changes: 3 additions & 0 deletions .github/workflows/container-image.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
name: Build container image

permissions:
contents: read

on:
workflow_call:
inputs:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/helm-chart-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@
# of the `charts` directory.
name: Release helm chart

permissions:
contents: read

on:
push:
branches:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/installer-build.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
name: Build installer image, sign it, and generate SBOMs

permissions:
contents: read

on:
workflow_call:
outputs:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/manager-build.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
name: Build manager image, sign it, and generate SBOMs

permissions:
contents: read

on:
workflow_call:
outputs:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/sbom.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
name: Generate SBOMs

permissions:
contents: read

on:
workflow_call:
inputs:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/sign-image.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
name: Sign image

permissions:
contents: read

on:
workflow_call:
inputs:
Expand Down

0 comments on commit 2d36b9e

Please sign in to comment.