GitHub Workflows security hardening (#4761)

* build: harden integration_tests.yml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> * build: harden image_builds.yml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> Signed-off-by: Alex <aleksandrosansan@gmail.com> Co-authored-by: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com>
2022-09-25 14:42:01 +02:00
parent c4d5072e5c
commit f28e18e676
2 changed files with 6 additions and 0 deletions
--- a/.github/workflows/image_builds.yml
+++ b/.github/workflows/image_builds.yml
@@ -5,6 +5,9 @@ on:
    branches: [ "master", "staging" ]
  workflow_dispatch:

+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
  docker_image_builds:
    strategy:
--- a/.github/workflows/integration_tests.yml
+++ b/.github/workflows/integration_tests.yml
@@ -5,6 +5,9 @@ on:
    branches: [ "master", "staging" ]
  workflow_dispatch:

+permissions:
+  contents: read
+
 jobs:
  integration_tests:
    runs-on: ubuntu-latest