mirror/netbox-community-netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2024-05-10 07:54:54 +00:00
Code Activity

GitHub Workflows security hardening (#10456)

Browse Source 
* build: harden lock.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>

* build: harden stale.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>

* build: harden ci.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>

Signed-off-by: Alex <aleksandrosansan@gmail.com>
This commit is contained in:
Alex
2022-09-29 18:41:33 +03:00
committed by GitHub
parent 3c32c09a5a
commit 4cb6984a65
3 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/ci.yml vendored
View File

@@ -1,5 +1,7 @@
name: CI name: CI
on: [push, pull_request] on: [push, pull_request]
permissions:
contents: read # to fetch code (actions/checkout)
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest

5
.github/workflows/lock.yml vendored
View File

@@ -5,8 +5,13 @@ on:
schedule: schedule:
- cron: '0 3 * * *' - cron: '0 3 * * *'
permissions: {}
jobs: jobs:
lock: lock:
permissions:
issues: write # to lock issues (dessant/lock-threads)
pull-requests: write # to lock PRs (dessant/lock-threads)
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: dessant/lock-threads@v3 - uses: dessant/lock-threads@v3

5
.github/workflows/stale.yml vendored
View File

@@ -4,8 +4,13 @@ on:
schedule: schedule:
- cron: '0 4 * * *' - cron: '0 4 * * *'
permissions: {}
jobs: jobs:
stale: stale:
permissions:
issues: write # to close stale issues (actions/stale)
pull-requests: write # to close stale PRs (actions/stale)
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/stale@v5 - uses: actions/stale@v5