Add Permissions to github Workflows

souleb · souleb · commit 53fa1f9e3ef1 · 2022-01-20T18:01:49.000+01:00
Imrove GITHUB_TOKEN permissions in the workflows.

Signed-off-by: Soule BA &lt;soule@weave.works&gt;
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
@@ -6,6 +6,9 @@ on:
     branches:
       - main
 
+permissions:
+  contents: read # for actions/checkout to fetch code
+
 jobs:
 
   kind-linux-amd64:
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
@@ -7,6 +7,9 @@ on:
 env:
   REPOSITORY: ${{ github.repository }}
 
+permissions:
+  contents: read # for actions/checkout to fetch code
+
 jobs:
   build:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml
@@ -8,6 +8,10 @@ on:
   schedule:
     - cron: '18 10 * * 3'
 
+permissions:
+  contents: read # for actions/checkout to fetch code
+  security-events: write # for codeQL to write security events
+
 jobs:
   fossa:
     name: FOSSA
