Mirrors/flux2
1
0
Fork 0
mirror of synced 2026-03-12 07:06:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: add top-level permissions to upgrade-fluxcd-pkg workflow

Browse Source 
Add explicit top-level `permissions: contents: read` to the
upgrade-fluxcd-pkg workflow to follow the principle of least privilege
and fix the OpenSSF Scorecard Token-Permissions warning.

Signed-off-by: Gagan H R <hrgagan4@gmail.com>
This commit is contained in:
Gagan H R
2026-03-11 21:40:14 +05:30
parent 4c79a76e94
commit 5f3098477e
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/upgrade-fluxcd-pkg.yaml vendored
View File

@@ -3,6 +3,9 @@ name: upgrade-fluxcd-pkg
on: on:
workflow_dispatch: workflow_dispatch:
permissions:
contents: read
jobs: jobs:
upgrade-fluxcd-pkg: upgrade-fluxcd-pkg:
uses: fluxcd/gha-workflows/.github/workflows/upgrade-fluxcd-pkg.yaml@v0.9.0 uses: fluxcd/gha-workflows/.github/workflows/upgrade-fluxcd-pkg.yaml@v0.9.0