From 277d1acfacf05fb285c6676e81df7f9c7e877ef8 Mon Sep 17 00:00:00 2001 From: Nuru Date: Tue, 11 Jun 2024 13:41:38 -0700 Subject: [PATCH] Add permissions to builders workflows --- .github/workflows/apkbuild.yml | 8 +++++++- .github/workflows/debbuild.yml | 6 ++++++ .github/workflows/rpmbuild.yml | 6 ++++++ 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/.github/workflows/apkbuild.yml b/.github/workflows/apkbuild.yml index c17ff25a9f..f6c2cb2a83 100644 --- a/.github/workflows/apkbuild.yml +++ b/.github/workflows/apkbuild.yml @@ -14,6 +14,12 @@ on: paths: - apk/** +permissions: + contents: read + packages: write + attestations: write + id-token: write + jobs: build-and-push: runs-on: ubuntu-latest @@ -47,7 +53,7 @@ jobs: echo "tags=${TAGS}" >> $GITHUB_OUTPUT - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Login to DockerHub + - name: Login to Container Registry uses: docker/login-action@v3 with: registry: ghcr.io diff --git a/.github/workflows/debbuild.yml b/.github/workflows/debbuild.yml index 6b1e8ed0f8..cd1040c751 100644 --- a/.github/workflows/debbuild.yml +++ b/.github/workflows/debbuild.yml @@ -16,6 +16,12 @@ on: - deb/** - .github/workflows/debbuild.yml +permissions: + contents: read + packages: write + attestations: write + id-token: write + jobs: build-and-push: runs-on: ubuntu-latest diff --git a/.github/workflows/rpmbuild.yml b/.github/workflows/rpmbuild.yml index a17787ac4a..66e543317d 100644 --- a/.github/workflows/rpmbuild.yml +++ b/.github/workflows/rpmbuild.yml @@ -16,6 +16,12 @@ on: - rpm/** - .github/workflows/rpmbuild.yml +permissions: + contents: read + packages: write + attestations: write + id-token: write + jobs: build-and-push: runs-on: ubuntu-latest