diff options
author | Evgeny Vereshchagin <evvers@ya.ru> | 2021-11-13 22:34:04 +0000 |
---|---|---|
committer | Frantisek Sumsal <frantisek@sumsal.cz> | 2021-11-14 10:41:06 +0000 |
commit | e7a966915dde2c6f25a5e7a06a4a637b04b89781 (patch) | |
tree | 7f82043f1bde10262d0ddbec683410e58679d6fe /.github/workflows/unit_tests.yml | |
parent | 10b1c3cd24f5f95e6e72caebdd6896e2eaf8b853 (diff) | |
download | systemd-e7a966915dde2c6f25a5e7a06a4a637b04b89781.tar.gz |
ci: mimic the "restricted" mode
Judging by https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
it should be enough to grant the "read contents" permission to
most of our actions. The "read metadata" permission is set impliciclty
somewhere and can't be set via the "permissions" setting:
```
The workflow is not valid. .github/workflows/linter.yml (Line: 14, Col: 3): Unexpected value 'metadata'
```
Diffstat (limited to '.github/workflows/unit_tests.yml')
-rw-r--r-- | .github/workflows/unit_tests.yml | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml index 3f37fe866b..1458732d2b 100644 --- a/.github/workflows/unit_tests.yml +++ b/.github/workflows/unit_tests.yml @@ -9,7 +9,8 @@ on: - main - v[0-9]+-stable -permissions: read-all +permissions: + contents: read jobs: build: |