Skip to content

Commit 5177d51

Browse files
karmada-botkarmada-bot
authored
Merge pull request #5059 from aditya7302/ci-image-scanning-token-permission
Define top level Permission for ci-image-scanning workflow
2 parents 5e8152a + c437a18 commit 5177d51

File tree

1 file changed

+5
-0
lines changed

1 file changed

+5
-0
lines changed

.github/workflows/ci-image-scanning.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,11 @@ on:
55
# for PRs initiated by Dependabot.
66
branches-ignore:
77
- 'dependabot/**'
8+
9+
permissions:
10+
contents: read # for actions/checkout to fetch code
11+
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
12+
813
jobs:
914
use-trivy-to-scan-image:
1015
name: image-scanning

0 commit comments

Comments
 (0)