diff --git a/.github/workflows/ci-collector.yml b/.github/workflows/ci-collector.yml index 045144827d..17bc36bf4d 100644 --- a/.github/workflows/ci-collector.yml +++ b/.github/workflows/ci-collector.yml @@ -14,6 +14,9 @@ on: branches: - main +permissions: + contents: read + jobs: test: runs-on: ubuntu-latest diff --git a/.github/workflows/ci-nodejs.yml b/.github/workflows/ci-nodejs.yml index 73707f48b7..fe6bc7c6ac 100644 --- a/.github/workflows/ci-nodejs.yml +++ b/.github/workflows/ci-nodejs.yml @@ -14,6 +14,9 @@ on: branches: - main +permissions: + contents: read + jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/ci-python.yml b/.github/workflows/ci-python.yml index 50e5a929a9..3cd9648579 100644 --- a/.github/workflows/ci-python.yml +++ b/.github/workflows/ci-python.yml @@ -20,6 +20,9 @@ env: # https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/.github/workflows/test.yml#L9 CORE_REPO_SHA: v1.19.0 +permissions: + contents: read + jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/ci-shellcheck.yml b/.github/workflows/ci-shellcheck.yml index 834d93b864..dc0bf5bcb2 100644 --- a/.github/workflows/ci-shellcheck.yml +++ b/.github/workflows/ci-shellcheck.yml @@ -2,6 +2,9 @@ name: "Continuous Build (shellcheck)" on: [push, pull_request] +permissions: + contents: read + jobs: shellcheck: runs-on: ubuntu-latest diff --git a/.github/workflows/ci-terraform.yml b/.github/workflows/ci-terraform.yml index ae158b40fd..7e20857899 100644 --- a/.github/workflows/ci-terraform.yml +++ b/.github/workflows/ci-terraform.yml @@ -14,6 +14,9 @@ on: branches: - main +permissions: + contents: read + jobs: check-terraform-syntax: runs-on: ubuntu-latest diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e1dd5de486..41a1e9cf02 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -20,6 +20,9 @@ on: schedule: - cron: '37 10 * * 2' +permissions: + contents: read + jobs: analyze: name: Analyze