projects / systemd / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 10b1c3c) | patch
ci: mimic the "restricted" mode
authorEvgeny Vereshchagin <evvers@ya.ru>
Sat, 13 Nov 2021 22:34:04 +0000 (22:34 +0000)
committerFrantisek Sumsal <frantisek@sumsal.cz>
Sun, 14 Nov 2021 10:41:06 +0000 (10:41 +0000)
commite7a966915dde2c6f25a5e7a06a4a637b04b89781
tree7f82043f1bde10262d0ddbec683410e58679d6fetree | snapshot
parent10b1c3cd24f5f95e6e72caebdd6896e2eaf8b853commit | diff
ci: mimic the "restricted" mode

Judging by https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
it should be enough to grant the "read contents" permission to
most of our actions. The "read metadata" permission is set impliciclty
somewhere and can't be set via the "permissions" setting:
```
The workflow is not valid. .github/workflows/linter.yml (Line: 14, Col: 3): Unexpected value 'metadata'
```
.github/workflows/build_test.yml diff | blob | history
.github/workflows/cifuzz.yml diff | blob | history
.github/workflows/coverity.yml diff | blob | history
.github/workflows/linter.yml diff | blob | history
.github/workflows/mkosi.yml diff | blob | history
.github/workflows/unit_tests.yml diff | blob | history
https://github.com/systemd/systemd.git