summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAshish Kurmi <100655670+boahc077@users.noreply.github.com>2022-11-06 01:01:36 -0700
committerGitHub <noreply@github.com>2022-11-06 08:01:36 +0000
commit6efd1b3bb1217841269e67930cba33992fb96930 (patch)
tree6b91b310efe0a55a333ec89a7afd5dd6a7c2823f
parent087f126cf4c8750424b26f177aa7f426be806b7f (diff)
ci: set least privilged token for github actions for lint workflow (#5179)
* ci: set least privilged token for github actions Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io> * ci:reverting github actions permissions for all but lint workflow Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io>
-rw-r--r--.github/workflows/lint.yml6
1 files changed, 6 insertions, 0 deletions
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index d437d7b..c8580d3 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -10,9 +10,15 @@ on:
- master
- 2.*
+permissions:
+ contents: read
+
jobs:
# From https://github.com/golangci/golangci-lint-action
golangci:
+ permissions:
+ contents: read # for actions/checkout to fetch code
+ pull-requests: read # for golangci/golangci-lint-action to fetch pull requests
name: lint
strategy:
matrix: