Skip to content

Commit

Permalink
Merge pull request #389 from balena-io/ab77patch
Browse files Browse the repository at this point in the history
Explicitly set GH_TOKEN permissions
  • Loading branch information
flowzone-app[bot] authored Nov 18, 2024
2 parents 5705acc + 06f5684 commit 34996fb
Showing 1 changed file with 21 additions and 0 deletions.
21 changes: 21 additions & 0 deletions .github/workflows/flowzone.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,27 @@ on:
types: [opened, synchronize, closed]
branches: [main, master]

# Base permissions required by Flowzone
# https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
# https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#permissions
permissions:
actions: none
attestations: none
checks: none
contents: read
deployments: none
id-token: none
issues: none
discussions: none
pages: none
pull-requests: none
repository-projects: none
security-events: none
statuses: none

# Additional permissions needed by this repo, such as:
packages: write # Allow Flowzone to publish to ghcr.io

jobs:
flowzone:
name: Flowzone
Expand Down

0 comments on commit 34996fb

Please sign in to comment.