diff --git a/.github/workflows/boost_log.yml b/.github/workflows/boost_log.yml index 9221939df..ac1b469f0 100644 --- a/.github/workflows/boost_log.yml +++ b/.github/workflows/boost_log.yml @@ -13,6 +13,9 @@ on: - 'instrumentation/boost_log/**' - '.github/workflows/boost_log.yml' +permissions: + contents: read + jobs: cmake_linux: name: CMake Linux diff --git a/.github/workflows/fluentd.yml b/.github/workflows/fluentd.yml index 804c733d5..7beaa5ae6 100644 --- a/.github/workflows/fluentd.yml +++ b/.github/workflows/fluentd.yml @@ -13,8 +13,11 @@ on: branches: [main] paths: - "exporters/fluentd/**" - - ".github/workflows/fluentd.yml" - + - ".github/workflows/fluentd.yml" + +permissions: + contents: read + jobs: cmake_linux: name: CMake Linux diff --git a/.github/workflows/geneva_metrics.yml b/.github/workflows/geneva_metrics.yml index de4bb2db2..41e38d2b2 100644 --- a/.github/workflows/geneva_metrics.yml +++ b/.github/workflows/geneva_metrics.yml @@ -8,9 +8,11 @@ on: - ".github/workflows/geneva_metrics.yml" pull_request: branches: [main] - paths: - - "exporters/geneva/**" - - ".github/workflows/geneva_metrics.yml" + paths: + - "exporters/geneva/**" + - ".github/workflows/geneva_metrics.yml" +permissions: + contents: read jobs: cmake_linux: name: CMake on Linux diff --git a/.github/workflows/geneva_trace.yml b/.github/workflows/geneva_trace.yml index 65bbc184b..9d868dc29 100644 --- a/.github/workflows/geneva_trace.yml +++ b/.github/workflows/geneva_trace.yml @@ -15,6 +15,9 @@ on: - "exporters/geneva-trace/**" - ".github/workflows/geneva_trace.yml" +permissions: + contents: read + jobs: geneva-trace-nuget-generation: name: Geneva Trace diff --git a/.github/workflows/glog.yml b/.github/workflows/glog.yml index c7bb9f40b..efd763a9c 100644 --- a/.github/workflows/glog.yml +++ b/.github/workflows/glog.yml @@ -13,6 +13,9 @@ on: - 'instrumentation/glog/**' - '.github/workflows/glog.yml' +permissions: + contents: read + jobs: cmake_linux: name: CMake Linux diff --git a/.github/workflows/httpd.yml b/.github/workflows/httpd.yml index 0049da21e..73cb050a0 100644 --- a/.github/workflows/httpd.yml +++ b/.github/workflows/httpd.yml @@ -12,6 +12,9 @@ on: - 'instrumentation/httpd/**' - '.github/workflows/httpd.yml' +permissions: + contents: read + jobs: build: name: Build module diff --git a/.github/workflows/log4cxx.yml b/.github/workflows/log4cxx.yml index 1f1090e16..ca132e59a 100644 --- a/.github/workflows/log4cxx.yml +++ b/.github/workflows/log4cxx.yml @@ -13,6 +13,9 @@ on: - 'instrumentation/log4cxx/**' - '.github/workflows/log4cxx.yml' +permissions: + contents: read + jobs: cmake_linux: name: CMake Linux diff --git a/.github/workflows/nginx.yml b/.github/workflows/nginx.yml index 3cc41b906..9564124b8 100644 --- a/.github/workflows/nginx.yml +++ b/.github/workflows/nginx.yml @@ -14,10 +14,14 @@ on: paths: - 'instrumentation/nginx/**' - '.github/workflows/nginx.yml' +permissions: + contents: read jobs: create-release: if: startsWith(github.ref, 'refs/tags/nginx') runs-on: ubuntu-latest + permissions: + contents: write steps: - name: Release uses: softprops/action-gh-release@v2 @@ -25,6 +29,8 @@ jobs: if: startsWith(github.ref, 'refs/tags/nginx') runs-on: ubuntu-latest needs: [nginx-build-test, create-release] + permissions: + contents: write steps: - name: Create directory run: | diff --git a/.github/workflows/prometheus.yml b/.github/workflows/prometheus.yml index 77fd1d2c0..27249f201 100644 --- a/.github/workflows/prometheus.yml +++ b/.github/workflows/prometheus.yml @@ -12,6 +12,9 @@ on: - "exporters/prometheus/**" - ".github/workflows/prometheus.yml" +permissions: + contents: read + jobs: prometheus_bazel_linux: name: Bazel on Linux diff --git a/.github/workflows/spdlog.yml b/.github/workflows/spdlog.yml index e43cc4358..992af96ff 100644 --- a/.github/workflows/spdlog.yml +++ b/.github/workflows/spdlog.yml @@ -13,6 +13,9 @@ on: - 'instrumentation/spdlog/**' - '.github/workflows/spdlog.yml' +permissions: + contents: read + jobs: cmake_linux: name: CMake Linux diff --git a/.github/workflows/user_events.yml b/.github/workflows/user_events.yml index 2e95a7363..b26f5496e 100644 --- a/.github/workflows/user_events.yml +++ b/.github/workflows/user_events.yml @@ -11,8 +11,11 @@ on: branches: [main] paths: - 'exporters/user_events/**' - - '.github/workflows/user_events.yml' - + - '.github/workflows/user_events.yml' + +permissions: + contents: read + jobs: cmake_linux: name: CMake Linux diff --git a/.github/workflows/webserver.yml b/.github/workflows/webserver.yml index b48f5d5ec..46ce27624 100644 --- a/.github/workflows/webserver.yml +++ b/.github/workflows/webserver.yml @@ -12,6 +12,9 @@ on: - 'instrumentation/otel-webserver-module/**' - '.github/workflows/webserver.yml' +permissions: + contents: read + jobs: webserver-build-test-ubuntu: name: webserver-ubuntu-build