GitHub Workflows security hardening (#1711)

* build: harden docker.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>

* build: harden workflow.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>

Signed-off-by: Alex <aleksandrosansan@gmail.com>
This commit is contained in:
Alex 2022-09-25 10:04:00 +02:00 committed by GitHub
parent 80c0edc232
commit 02d5cf297b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 0 deletions

View File

@ -7,6 +7,9 @@ on:
workflow_dispatch: workflow_dispatch:
permissions:
contents: read # to fetch code (actions/checkout)
jobs: jobs:
push: push:
if: github.repository == 'rq/rq' if: github.repository == 'rq/rq'

View File

@ -6,6 +6,9 @@ on:
pull_request: pull_request:
branches: [ master ] branches: [ master ]
permissions:
contents: read # to fetch code (actions/checkout)
jobs: jobs:
build: build:
name: Python${{ matrix.python-version }}/Redis${{ matrix.redis-version }}/redis-py${{ matrix.redis-py-version }} name: Python${{ matrix.python-version }}/Redis${{ matrix.redis-version }}/redis-py${{ matrix.redis-py-version }}