Skip to content

Commit e1029ca

Browse files
naveensrinivasannaveensrinivasan
authored
ci: apply least privilege principle (#3024)
Signed-off-by: naveensrinivasan <[email protected]>
1 parent 045c0de commit e1029ca

File tree

2 files changed

+8
-0
lines changed

2 files changed

+8
-0
lines changed

.github/workflows/docker-image-check.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,8 +5,13 @@ on:
55
schedule:
66
- cron: '30 4 * * *'
77

8+
permissions:
9+
contents: read
10+
811
jobs:
912
build:
13+
permissions:
14+
contents: none
1015
runs-on: ubuntu-latest
1116
steps:
1217
- name: Run Trivy vulnerability scanner

.github/workflows/nodejs.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
env:
1212
CYPRESS_CACHE_FOLDER: cypress/cache
1313

14+
permissions:
15+
contents: read
16+
1417
jobs:
1518
build:
1619
runs-on: ubuntu-latest

0 commit comments

Comments
 (0)