ceph-csi/.github/workflows/go-test.yaml
naveen 2672fad90a ci: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way,
 even if the attackers will succeed in compromising your workflow,
 they won’t be able to do much.

- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 20:21:15 +05:30

26 lines
545 B
YAML

---
name: go-test
# yamllint disable-line rule:truthy
on:
pull_request:
branches:
- '*'
permissions:
contents: read
jobs:
go-test:
name: go-test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: go-test
run: CONTAINER_CMD=docker make containerized-test TARGET=go-test
go-test-api:
name: go-test-api
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: go-test-api
run: CONTAINER_CMD=docker make containerized-test TARGET=go-test-api