Skip to content

Commit 05eb3c3

Browse files
opentelemetrybototelbot[bot]
opentelemetrybot
and
otelbot[bot]
authored
Add minimum token permissions for all github workflow files (#526)
Co-authored-by: otelbot <[email protected]>
1 parent 29d768b commit 05eb3c3

File tree

5 files changed

+59
-0
lines changed

5 files changed

+59
-0
lines changed

.github/workflows/elixir.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,9 @@ on:
1010
branches:
1111
- "main"
1212

13+
permissions:
14+
contents: read
15+
1316
concurrency:
1417
group: ci-${{ github.head_ref || github.run_id }}-elixir
1518
cancel-in-progress: true

.github/workflows/erlang.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,9 @@ on:
1010
branches:
1111
- "main"
1212

13+
permissions:
14+
contents: read
15+
1316
concurrency:
1417
group: ci-${{ github.head_ref || github.run_id }}-erlang
1518
cancel-in-progress: true

.github/workflows/labeler.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,13 @@
11
name: "Pull Request Labeler"
22
on: [pull_request_target]
33

4+
permissions:
5+
contents: read
6+
47
jobs:
58
triage:
9+
permissions:
10+
pull-requests: write # required for labeling pull requests
611
runs-on: ubuntu-24.04
712
steps:
813
- uses: actions/labeler@v4

.github/workflows/publish-mix-hex-release.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,9 @@ on:
4949
- prep
5050
- publish
5151

52+
permissions:
53+
contents: read
54+
5255
jobs:
5356
config:
5457
runs-on: ubuntu-latest

.github/workflows/release-drafter.yml

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,8 +6,13 @@ on:
66
branches:
77
- main
88

9+
permissions:
10+
contents: read
11+
912
jobs:
1013
opentelemetry-aws-xray-release:
14+
permissions:
15+
contents: write # required for creating draft releases
1116
name: '[opentelemetry-aws-xray-release] Draft release'
1217
runs-on: ubuntu-24.04
1318
steps:
@@ -18,6 +23,8 @@ jobs:
1823
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
1924

2025
opentelemetry-broadway-release:
26+
permissions:
27+
contents: write # required for creating draft releases
2128
name: '[opentelemetry-broadway-release] Draft release'
2229
runs-on: ubuntu-24.04
2330
steps:
@@ -28,6 +35,8 @@ jobs:
2835
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
2936

3037
opentelemetry-cowboy-release:
38+
permissions:
39+
contents: write # required for creating draft releases
3140
name: '[opentelemetry-cowboy-release] Draft release'
3241
runs-on: ubuntu-24.04
3342
steps:
@@ -38,6 +47,8 @@ jobs:
3847
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
3948

4049
opentelemetry-dataloader-release:
50+
permissions:
51+
contents: write # required for creating draft releases
4152
name: '[opentelemetry-dataloader-release] Draft release'
4253
runs-on: ubuntu-24.04
4354
steps:
@@ -48,6 +59,8 @@ jobs:
4859
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
4960

5061
opentelemetry-ecto-release:
62+
permissions:
63+
contents: write # required for creating draft releases
5164
name: '[opentelemetry-ecto-release] Draft release'
5265
runs-on: ubuntu-24.04
5366
steps:
@@ -58,6 +71,8 @@ jobs:
5871
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
5972

6073
opentelemetry-elli-release:
74+
permissions:
75+
contents: write # required for creating draft releases
6176
name: '[opentelemetry-elli-release] Draft release'
6277
runs-on: ubuntu-24.04
6378
steps:
@@ -68,6 +83,8 @@ jobs:
6883
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
6984

7085
opentelemetry-finch-release:
86+
permissions:
87+
contents: write # required for creating draft releases
7188
name: '[opentelemetry-finch-release] Draft release'
7289
runs-on: ubuntu-24.04
7390
steps:
@@ -78,6 +95,8 @@ jobs:
7895
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
7996

8097
opentelemetry-grpcbox-release:
98+
permissions:
99+
contents: write # required for creating draft releases
81100
name: '[opentelemetry-grpcbox-release] Draft release'
82101
runs-on: ubuntu-24.04
83102
steps:
@@ -88,6 +107,8 @@ jobs:
88107
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
89108

90109
opentelemetry-httpoison-release:
110+
permissions:
111+
contents: write # required for creating draft releases
91112
name: '[opentelemetry-httpoison-release] Draft release'
92113
runs-on: ubuntu-24.04
93114
steps:
@@ -98,6 +119,8 @@ jobs:
98119
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
99120

100121
opentelemetry-nebulex-release:
122+
permissions:
123+
contents: write # required for creating draft releases
101124
name: '[opentelemetry-nebulex-release] Draft release'
102125
runs-on: ubuntu-24.04
103126
steps:
@@ -108,6 +131,8 @@ jobs:
108131
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
109132

110133
opentelemetry-oban-release:
134+
permissions:
135+
contents: write # required for creating draft releases
111136
name: '[opentelemetry-oban-release] Draft release'
112137
runs-on: ubuntu-24.04
113138
steps:
@@ -118,6 +143,8 @@ jobs:
118143
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
119144

120145
opentelemetry-phoenix-release:
146+
permissions:
147+
contents: write # required for creating draft releases
121148
name: '[opentelemetry-phoenix-release] Draft release'
122149
runs-on: ubuntu-24.04
123150
steps:
@@ -128,6 +155,8 @@ jobs:
128155
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
129156

130157
opentelemetry-bandit-release:
158+
permissions:
159+
contents: write # required for creating draft releases
131160
name: '[opentelemetry-bandit-release] Draft release'
132161
runs-on: ubuntu-24.04
133162
steps:
@@ -138,6 +167,8 @@ jobs:
138167
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
139168

140169
opentelemetry-process-propagator-release:
170+
permissions:
171+
contents: write # required for creating draft releases
141172
name: '[opentelemetry-process-propagator-release] Draft release'
142173
runs-on: ubuntu-24.04
143174
steps:
@@ -148,6 +179,8 @@ jobs:
148179
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
149180

150181
opentelemetry-redix-release:
182+
permissions:
183+
contents: write # required for creating draft releases
151184
name: '[opentelemetry-redix-release] Draft release'
152185
runs-on: ubuntu-24.04
153186
steps:
@@ -158,6 +191,8 @@ jobs:
158191
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
159192

160193
opentelemetry-req-release:
194+
permissions:
195+
contents: write # required for creating draft releases
161196
name: '[opentelemetry-req-release] Draft release'
162197
runs-on: ubuntu-24.04
163198
steps:
@@ -168,6 +203,8 @@ jobs:
168203
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
169204

170205
opentelemetry-telemetry-release:
206+
permissions:
207+
contents: write # required for creating draft releases
171208
name: '[opentelemetry-telemetry-release] Draft release'
172209
runs-on: ubuntu-24.04
173210
steps:
@@ -178,6 +215,8 @@ jobs:
178215
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
179216

180217
opentelemetry-tesla-release:
218+
permissions:
219+
contents: write # required for creating draft releases
181220
name: '[opentelemetry-tesla-release] Draft release'
182221
runs-on: ubuntu-24.04
183222
steps:
@@ -188,6 +227,8 @@ jobs:
188227
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
189228

190229
opentelemetry-xandra-release:
230+
permissions:
231+
contents: write # required for creating draft releases
191232
name: '[opentelemetry-xandra-release] Draft release'
192233
runs-on: ubuntu-24.04
193234
steps:
@@ -198,6 +239,8 @@ jobs:
198239
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
199240

200241
otel-http-release:
242+
permissions:
243+
contents: write # required for creating draft releases
201244
name: '[otel-http-release] Draft release'
202245
runs-on: ubuntu-24.04
203246
steps:
@@ -208,6 +251,8 @@ jobs:
208251
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
209252

210253
opentelemetry-commanded-release:
254+
permissions:
255+
contents: write # required for creating draft releases
211256
name: '[opentelemetry-commanded-release] Draft release'
212257
runs-on: ubuntu-24.04
213258
steps:

0 commit comments

Comments
 (0)