sascha/esphome
1
0
Fork 0
mirror of https://github.com/esphome/esphome.git synced 2025-10-31 07:03:55 +00:00
Code Issues Releases Wiki Activity

Constrain GH Actions workflows permissions (#2625)

Browse Source
This commit is contained in:
Otto Winter
2021-10-26 10:55:27 +02:00
committed by GitHub
parent a01f5f5cf1
commit c612a3bf60
3 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/ci-docker.yml vendored
View File

@@ -17,6 +17,10 @@ on:
- 'requirements*.txt' - 'requirements*.txt'
- 'platformio.ini' - 'platformio.ini'
permissions:
contents: read
packages: read
jobs: jobs:
check-docker: check-docker:
name: Build docker containers name: Build docker containers

3
.github/workflows/ci.yml vendored
View File

@@ -8,6 +8,9 @@ on:
pull_request: pull_request:
permissions:
contents: read
jobs: jobs:
ci: ci:
name: ${{ matrix.name }} name: ${{ matrix.name }}

9
.github/workflows/release.yml vendored
View File

@@ -7,6 +7,9 @@ on:
schedule: schedule:
- cron: "0 2 * * *" - cron: "0 2 * * *"
permissions:
contents: read
jobs: jobs:
init: init:
name: Initialize build name: Initialize build
@@ -52,6 +55,9 @@ jobs:
deploy-docker: deploy-docker:
name: Build and publish docker containers name: Build and publish docker containers
if: github.repository == 'esphome/esphome' if: github.repository == 'esphome/esphome'
permissions:
contents: read
packages: write
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: [init] needs: [init]
strategy: strategy:
@@ -93,6 +99,9 @@ jobs:
deploy-docker-manifest: deploy-docker-manifest:
if: github.repository == 'esphome/esphome' if: github.repository == 'esphome/esphome'
permissions:
contents: read
packages: write
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: [init, deploy-docker] needs: [init, deploy-docker]
strategy: strategy: