Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@

name: Build

permissions:
contents: read

on:
pull_request:
types:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/changelogs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@
# SPDX-License-Identifier: Apache-2.0
name: Changelogs

permissions:
contents: read

Check notice

Code scanning / SonarCloud

Read permissions should be defined at the job level Low

Move this read permission from workflow level to job level. See more on SonarQube Cloud

Check warning on line 7 in .github/workflows/changelogs.yml

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Move this read permission from workflow level to job level.

See more on https://sonarcloud.io/project/issues?id=uyuni-project_uyuni-tools&issues=AZ4BievVllEXtoPR50po&open=AZ4BievVllEXtoPR50po&pullRequest=784
pull-requests: write

Check notice

Code scanning / SonarCloud

Write permissions should be defined at the job level Low

Move this write permission from workflow level to job level. See more on SonarQube Cloud

Check warning on line 8 in .github/workflows/changelogs.yml

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Move this write permission from workflow level to job level.

See more on https://sonarcloud.io/project/issues?id=uyuni-project_uyuni-tools&issues=AZ4BievVllEXtoPR50pp&open=AZ4BievVllEXtoPR50pp&pullRequest=784

on:
push:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/git-checks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,9 @@

name: Git Checks

permissions:
contents: read

on: [pull_request]

jobs:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/mingo_build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@

name: Build with oldest go

permissions:
contents: read

on:
pull_request:
types:
Expand Down
10 changes: 6 additions & 4 deletions .github/workflows/prebuilt_devcontainer.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,12 @@
# SPDX-License-Identifier: Apache-2.0

name: 'pre-built devcontainer'

permissions:
contents: read
id-token: write
packages: write

on:
push:
branches:
Expand All @@ -11,10 +17,6 @@ on:
jobs:
devcontainer-build-and-push:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
packages: write
steps:
- name: Checkout
id: checkout
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/reuse.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@

name: REUSE Compliance Check

permissions:
contents: read

on:
push:
branches:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/vulncheck.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@

name: Vulnerability check

permissions:
contents: read

on:
pull_request:
types:
Expand Down
Loading