From bc39a70d118e857c6c1cf980d4882c4737a4c110 Mon Sep 17 00:00:00 2001 From: John Stilley Date: Wed, 4 Sep 2024 06:53:37 -0700 Subject: [PATCH] Adding GitHub content protection rule to CI --- .github/workflows/bench.yml | 3 +++ .github/workflows/ci.yml | 3 +++ .github/workflows/docs.yml | 3 +++ .github/workflows/lint.yml | 3 +++ .github/workflows/publish.yml | 3 +++ 5 files changed, 15 insertions(+) diff --git a/.github/workflows/bench.yml b/.github/workflows/bench.yml index 57f926a29..c9e369448 100644 --- a/.github/workflows/bench.yml +++ b/.github/workflows/bench.yml @@ -10,6 +10,9 @@ on: # performance analysis in order to generate initial data. workflow_dispatch: +permissions: + contents: read + jobs: benchmarks: runs-on: ubuntu-latest diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 981f49e0c..a4acfc418 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,6 +2,9 @@ name: CI on: [push, pull_request] +permissions: + contents: read + jobs: test-linux: strategy: diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 8ebea5e60..e0760a5bb 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -2,6 +2,9 @@ name: Documentation Build on: [push, pull_request] +permissions: + contents: read + jobs: docbuild: runs-on: ubuntu-latest diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index e2d26381c..4aa02923a 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -2,6 +2,9 @@ name: Lint on: [push, pull_request] +permissions: + contents: read + jobs: lint: runs-on: ubuntu-latest diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 3cf9f795e..df1ccb351 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -5,6 +5,9 @@ on: tags: - '*' +permissions: + contents: read + jobs: publish: runs-on: ubuntu-latest