Skip to content

Commit f3ad7d6

Browse files
authored
Merge pull request #1089 from varunsh-coder/token-perms
ci: add GitHub token permissions for workflows
2 parents 685ed6e + af962d5 commit f3ad7d6

File tree

9 files changed

+32
-0
lines changed

9 files changed

+32
-0
lines changed

.github/workflows/ci.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
env:
1212
GO_VERSION: 1.18.3
1313
K8S_VERSION: 1.24.2
14+
permissions:
15+
contents: read
16+
1417
jobs:
1518

1619
docs:
@@ -37,6 +40,9 @@ jobs:
3740
mv _build/html/* $HOME/output/
3841
3942
golangci:
43+
permissions:
44+
contents: read # for actions/checkout to fetch code
45+
pull-requests: read # for golangci/golangci-lint-action to fetch pull requests
4046
name: lint
4147
runs-on: ubuntu-latest
4248
steps:

.github/workflows/e2e-dlb.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
env:
1212
IMAGES: 'intel-dlb-plugin dlb-libdlb-demo'
1313

14+
permissions:
15+
contents: read
16+
1417
jobs:
1518
e2e-dlb:
1619
name: e2e-dlb

.github/workflows/e2e-dsa.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
env:
1212
IMAGES: 'intel-dsa-plugin intel-idxd-config-initcontainer accel-config-demo'
1313

14+
permissions:
15+
contents: read
16+
1417
jobs:
1518
e2e-dsa:
1619
name: e2e-dsa

.github/workflows/e2e-fpga.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
env:
1212
IMAGES: 'intel-fpga-plugin intel-fpga-initcontainer intel-fpga-admissionwebhook opae-nlb-demo'
1313

14+
permissions:
15+
contents: read
16+
1417
jobs:
1518
e2e-fpga:
1619
name: e2e-fpga

.github/workflows/e2e-gpu.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
env:
1212
IMAGES: 'intel-gpu-plugin intel-gpu-initcontainer'
1313

14+
permissions:
15+
contents: read
16+
1417
jobs:
1518
e2e-gpu:
1619
name: e2e-gpu

.github/workflows/e2e-iaa.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
env:
1212
IMAGES: 'intel-iaa-plugin intel-idxd-config-initcontainer accel-config-demo'
1313

14+
permissions:
15+
contents: read
16+
1417
jobs:
1518
e2e-iaa:
1619
name: e2e-iaa

.github/workflows/e2e-qat.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
env:
1212
IMAGES: 'intel-qat-plugin intel-qat-initcontainer crypto-perf'
1313

14+
permissions:
15+
contents: read
16+
1417
jobs:
1518
e2e-qat:
1619
name: e2e-qat

.github/workflows/e2e-sgx.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
env:
1212
IMAGES: 'intel-sgx-plugin intel-sgx-initcontainer intel-sgx-admissionwebhook'
1313

14+
permissions:
15+
contents: read
16+
1417
jobs:
1518
e2e-sgx:
1619
name: e2e-sgx

.github/workflows/publish.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,9 +8,14 @@ on:
88
- release-0.23
99
- release-0.24
1010

11+
permissions:
12+
contents: read
13+
1114
jobs:
1215
build:
1316

17+
permissions:
18+
contents: write # for Git to git push
1419
runs-on: ubuntu-latest
1520

1621
steps:

0 commit comments

Comments
 (0)