Secure workflows (#1) (#1072)

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/label-feature.yml

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/label-support.yml

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/stale.yml

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/sync_ghes.yaml

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/validate-data.yaml

Co-authored-by: Step Security <bot@stepsecurity.io>

Co-authored-by: step-security[bot] <89328102+step-security[bot]@users.noreply.github.com>
Co-authored-by: Step Security <bot@stepsecurity.io>
This commit is contained in:
Varun Sharma
2021-09-02 13:05:24 -07:00
committed by GitHub
parent ea5c3f66f6
commit ac64f9caf5
5 changed files with 11 additions and 0 deletions
+2
View File
@@ -5,6 +5,8 @@ on:
jobs:
build:
permissions:
issues: write
runs-on: ubuntu-latest
steps:
- name: Close Issue
+2
View File
@@ -5,6 +5,8 @@ on:
jobs:
build:
permissions:
issues: write
runs-on: ubuntu-latest
steps:
- name: Close Issue
+3
View File
@@ -7,6 +7,9 @@ on:
jobs:
stale:
permissions:
issues: write
pull-requests: write
runs-on: ubuntu-latest
steps:
+2
View File
@@ -7,6 +7,8 @@ on:
jobs:
sync:
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
+2
View File
@@ -6,6 +6,8 @@ on:
jobs:
validate-data:
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2