ceph-csi/.github/workflows/test-retest-action.yaml
naveen 2672fad90a ci: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way,
 even if the attackers will succeed in compromising your workflow,
 they won’t be able to do much.

- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 20:21:15 +05:30

21 lines
431 B
YAML

---
name: test-retest-action
# yamllint disable-line rule:truthy
on:
pull_request:
branches: [devel]
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Docker build
# Run cd to avoid loading complete cephcsi directory in docker context
# while building retest image.
run: cd actions/retest && docker build -t retest .