ci: add minimum GitHub token permissions for workflows (#19138)

Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io>

Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io>
This commit is contained in:
Ashish Kurmi 2022-09-08 00:44:24 -07:00 committed by GitHub
parent 95a149d7c1
commit af46584f82
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 0 deletions

View file

@ -10,6 +10,9 @@ on:
paths: paths:
- .github/workflows/build-image.yml - .github/workflows/build-image.yml
- Dockerfile - Dockerfile
permissions:
contents: read
jobs: jobs:
build-image: build-image:
runs-on: ubuntu-latest runs-on: ubuntu-latest

View file

@ -9,6 +9,9 @@ on:
env: env:
RAILS_ENV: test RAILS_ENV: test
permissions:
contents: read
jobs: jobs:
check-i18n: check-i18n:
runs-on: ubuntu-latest runs-on: ubuntu-latest