Rooba
/
rq
mirror of https://github.com/rq/rq.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

GitHub Workflows security hardening (#1711) 

* build: harden docker.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>

* build: harden workflow.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>

Signed-off-by: Alex <aleksandrosansan@gmail.com>
This commit is contained in:
Alex 2022-09-25 10:04:00 +02:00 committed by GitHub
parent 80c0edc232
commit 02d5cf297b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/docker.yml vendored
View File

@ -7,6 +7,9 @@ on:
workflow_dispatch:
permissions:
contents: read # to fetch code (actions/checkout)
jobs:
push:
if: github.repository == 'rq/rq'

3
.github/workflows/workflow.yml vendored
View File

@ -6,6 +6,9 @@ on:
pull_request:
branches: [ master ]
permissions:
contents: read # to fetch code (actions/checkout)
jobs:
build:
name: Python${{ matrix.python-version }}/Redis${{ matrix.redis-version }}/redis-py${{ matrix.redis-py-version }}