You've already forked opentelemetry-go
mirror of
https://github.com/open-telemetry/opentelemetry-go.git
synced 2025-08-10 22:31:50 +02:00
Add minimum token permissions for all github workflow files (#6950)
See https://github.com/open-telemetry/sig-security/issues/148 for details. Co-authored-by: otelbot <197425009+otelbot@users.noreply.github.com>
This commit is contained in:
OpenTelemetry Bot
committed by
GitHub
GitHub
parent
86640ceae0
commit
e97ee25f2e
2
.github/workflows/benchmark.yml
vendored
2
.github/workflows/benchmark.yml
vendored
@@ -12,6 +12,8 @@ env:
|
|||||||
DEFAULT_GO_VERSION: "~1.24.0"
|
DEFAULT_GO_VERSION: "~1.24.0"
|
||||||
jobs:
|
jobs:
|
||||||
benchmark:
|
benchmark:
|
||||||
|
permissions:
|
||||||
|
contents: write # required for pushing to gh-pages branch
|
||||||
name: Benchmarks
|
name: Benchmarks
|
||||||
runs-on: equinix-bare-metal
|
runs-on: equinix-bare-metal
|
||||||
steps:
|
steps:
|
||||||
|
|||||||
7
.github/workflows/close-stale.yml
vendored
7
.github/workflows/close-stale.yml
vendored
@@ -5,10 +5,13 @@ on:
|
|||||||
- cron: "8 5 * * *" # arbitrary time not to DDOS GitHub
|
- cron: "8 5 * * *" # arbitrary time not to DDOS GitHub
|
||||||
|
|
||||||
permissions:
|
permissions:
|
||||||
issues: write
|
contents: read
|
||||||
pull-requests: write
|
|
||||||
jobs:
|
jobs:
|
||||||
stale:
|
stale:
|
||||||
|
permissions:
|
||||||
|
issues: write
|
||||||
|
pull-requests: write
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
|
- uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
|
||||||
|
|||||||
2
.github/workflows/links-fail-fast.yml
vendored
2
.github/workflows/links-fail-fast.yml
vendored
@@ -36,8 +36,6 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
needs: changedfiles
|
needs: changedfiles
|
||||||
if: ${{needs.changedfiles.outputs.files}}
|
if: ${{needs.changedfiles.outputs.files}}
|
||||||
permissions:
|
|
||||||
contents: read
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
|
|
||||||
|
|||||||
2
.github/workflows/links.yml
vendored
2
.github/workflows/links.yml
vendored
@@ -14,7 +14,7 @@ jobs:
|
|||||||
check-links:
|
check-links:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
permissions:
|
permissions:
|
||||||
contents: read
|
issues: write # required for creating issues from link checker reports
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout Repo
|
- name: Checkout Repo
|
||||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
|
|||||||
2
.github/workflows/markdown.yml
vendored
2
.github/workflows/markdown.yml
vendored
@@ -12,6 +12,8 @@ permissions: read-all
|
|||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
lint-markdown:
|
lint-markdown:
|
||||||
|
permissions:
|
||||||
|
issues: write # required for creating issues from markdown lint reports
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout Repo
|
- name: Checkout Repo
|
||||||
|
|||||||
Reference in New Issue
Block a user