mirror of
https://github.com/intel/intel-device-plugins-for-kubernetes.git
synced 2025-06-03 03:59:37 +00:00
ci: add GitHub token permissions for workflows
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
This commit is contained in:
Varun Sharma
parent
685ed6ecec
commit
af962d5645
6
.github/workflows/ci.yaml
vendored
6
.github/workflows/ci.yaml
vendored
@ -11,6 +11,9 @@ on:
|
||||
env:
|
||||
GO_VERSION: 1.18.3
|
||||
K8S_VERSION: 1.24.2
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
|
||||
docs:
|
||||
@ -37,6 +40,9 @@ jobs:
|
||||
mv _build/html/* $HOME/output/
|
||||
|
||||
golangci:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
pull-requests: read # for golangci/golangci-lint-action to fetch pull requests
|
||||
name: lint
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
||||
3
.github/workflows/e2e-dlb.yml
vendored
3
.github/workflows/e2e-dlb.yml
vendored
@ -11,6 +11,9 @@ on:
|
||||
env:
|
||||
IMAGES: 'intel-dlb-plugin dlb-libdlb-demo'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
e2e-dlb:
|
||||
name: e2e-dlb
|
||||
|
||||
3
.github/workflows/e2e-dsa.yml
vendored
3
.github/workflows/e2e-dsa.yml
vendored
@ -11,6 +11,9 @@ on:
|
||||
env:
|
||||
IMAGES: 'intel-dsa-plugin intel-idxd-config-initcontainer accel-config-demo'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
e2e-dsa:
|
||||
name: e2e-dsa
|
||||
|
||||
3
.github/workflows/e2e-fpga.yml
vendored
3
.github/workflows/e2e-fpga.yml
vendored
@ -11,6 +11,9 @@ on:
|
||||
env:
|
||||
IMAGES: 'intel-fpga-plugin intel-fpga-initcontainer intel-fpga-admissionwebhook opae-nlb-demo'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
e2e-fpga:
|
||||
name: e2e-fpga
|
||||
|
||||
3
.github/workflows/e2e-gpu.yml
vendored
3
.github/workflows/e2e-gpu.yml
vendored
@ -11,6 +11,9 @@ on:
|
||||
env:
|
||||
IMAGES: 'intel-gpu-plugin intel-gpu-initcontainer'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
e2e-gpu:
|
||||
name: e2e-gpu
|
||||
|
||||
3
.github/workflows/e2e-iaa.yml
vendored
3
.github/workflows/e2e-iaa.yml
vendored
@ -11,6 +11,9 @@ on:
|
||||
env:
|
||||
IMAGES: 'intel-iaa-plugin intel-idxd-config-initcontainer accel-config-demo'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
e2e-iaa:
|
||||
name: e2e-iaa
|
||||
|
||||
3
.github/workflows/e2e-qat.yml
vendored
3
.github/workflows/e2e-qat.yml
vendored
@ -11,6 +11,9 @@ on:
|
||||
env:
|
||||
IMAGES: 'intel-qat-plugin intel-qat-initcontainer crypto-perf'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
e2e-qat:
|
||||
name: e2e-qat
|
||||
|
||||
3
.github/workflows/e2e-sgx.yml
vendored
3
.github/workflows/e2e-sgx.yml
vendored
@ -11,6 +11,9 @@ on:
|
||||
env:
|
||||
IMAGES: 'intel-sgx-plugin intel-sgx-initcontainer intel-sgx-admissionwebhook'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
e2e-sgx:
|
||||
name: e2e-sgx
|
||||
|
||||
5
.github/workflows/publish.yml
vendored
5
.github/workflows/publish.yml
vendored
@ -8,9 +8,14 @@ on:
|
||||
- release-0.23
|
||||
- release-0.24
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
||||
permissions:
|
||||
contents: write # for Git to git push
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user