]> git.alsa-project.org Git - alsa-ucm-conf.git/commitdiff
projects / alsa-ucm-conf.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7aa83f8)
github: workflow: try to set permissions explicitly
authorJaroslav Kysela <perex@perex.cz>
Tue, 31 Mar 2026 07:36:34 +0000 (09:36 +0200)
committerJaroslav Kysela <perex@perex.cz>
Tue, 31 Mar 2026 07:36:34 +0000 (09:36 +0200)
Signed-off-by: Jaroslav Kysela <perex@perex.cz>
.github/workflows/label-automation.yml patch | blob | history
.github/workflows/pr-validation.yml patch | blob | history
.github/workflows/reusable-label-commenter.yml patch | blob | history
.github/workflows/reusable-sob-validator.yml patch | blob | history

diff --git a/.github/workflows/label-automation.yml b/.github/workflows/label-automation.yml
index d354176157ab698fe6c5c3a2857ea48eb07ece0d..2a77d4ce31420dea14353a37bd3d4ef7aab33691 100644 (file)
--- a/.github/workflows/label-automation.yml
+++ b/.github/workflows/label-automation.yml
@@ -11,6 +11,11 @@ on:
   pull_request_target:
     types: [labeled, unlabeled]
 
+permissions:
+  contents: read
+  pull-requests: write
+  issues: write
+
 jobs:
   handle-label:
     uses: ./.github/workflows/reusable-label-commenter.yml
diff --git a/.github/workflows/pr-validation.yml b/.github/workflows/pr-validation.yml
index d862b780c0a40b2b03e899dbfd6f46fa7122b033..66516536777ec1099fa6ddb9a6d8a429a913536c 100644 (file)
--- a/.github/workflows/pr-validation.yml
+++ b/.github/workflows/pr-validation.yml
@@ -13,6 +13,11 @@ on:
         required: true
         type: number
 
+permissions:
+  contents: read
+  pull-requests: write
+  issues: write
+
 jobs:
   validate-commits:
     uses: ./.github/workflows/reusable-sob-validator.yml
diff --git a/.github/workflows/reusable-label-commenter.yml b/.github/workflows/reusable-label-commenter.yml
index 40f2ff194af9022a7f5768298510d17e6a700f5b..296e408d2ff3522c5eacc4d4086cff466ed7b781 100644 (file)
--- a/.github/workflows/reusable-label-commenter.yml
+++ b/.github/workflows/reusable-label-commenter.yml
@@ -16,6 +16,10 @@ on:
 jobs:
   add-label-comment:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      issues: write
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
diff --git a/.github/workflows/reusable-sob-validator.yml b/.github/workflows/reusable-sob-validator.yml
index d115be30a51b325ea4a8b0a0c179e782944a5e59..15a94d140997922b1be92fde83816edb4c240e1b 100644 (file)
--- a/.github/workflows/reusable-sob-validator.yml
+++ b/.github/workflows/reusable-sob-validator.yml
@@ -26,6 +26,10 @@ on:
 jobs:
   validate-signedoff:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      issues: write
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
ALSA UseCaseManager configuration library