commit | 34004d9d5b63c607af2635f7cadd404250b8cb53 | [log] [tgz] |
---|---|---|
author | Cole Arendt <cole.arendt@outlook.com> | Sat Jun 18 06:21:48 2022 -0400 |
committer | Cole Arendt <cole.arendt@outlook.com> | Sat Jun 18 06:24:07 2022 -0400 |
tree | 44902047a0c6a8b08bf8491bcfa36aaf39ff5196 | |
parent | 7358f174908243742c1e850f5dfa19e44e0583e8 [diff] |
set minimal permissions for each workflow
diff --git a/.github/workflows/chart-rebuild.yaml b/.github/workflows/chart-rebuild.yaml index 7cff622..37971b5 100644 --- a/.github/workflows/chart-rebuild.yaml +++ b/.github/workflows/chart-rebuild.yaml
@@ -3,6 +3,10 @@ on: workflow_dispatch: +permissions: + contents: write + pull-requests: write + jobs: rebuild: runs-on: ubuntu-latest
diff --git a/.github/workflows/chart-releaser.yaml b/.github/workflows/chart-releaser.yaml index 07a8f70..7d152f8 100644 --- a/.github/workflows/chart-releaser.yaml +++ b/.github/workflows/chart-releaser.yaml
@@ -5,6 +5,10 @@ branches: - main +permissions: + contents: read + deployments: write + jobs: release: runs-on: ubuntu-latest
diff --git a/.github/workflows/chart-test.yaml b/.github/workflows/chart-test.yaml index 248facb..9ba0d4f 100644 --- a/.github/workflows/chart-test.yaml +++ b/.github/workflows/chart-test.yaml
@@ -6,6 +6,11 @@ - main pull_request: +permissions: + checks: write + contents: read + statuses: write + jobs: lint: runs-on: ubuntu-latest