1berry/docker-compose
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix zizmor security alerts on GHA workflows

Browse Source 
Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
This commit is contained in:
Guillaume Lours 2025-04-11 15:35:55 +02:00 committed by Nicolas De loof
parent a3f88a0a1d
commit 51907d9f72
2 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/ci.yml vendored
View File

@ -77,8 +77,10 @@ jobs:
- -
name: Prepare name: Prepare
run: | run: |
platform=${{ matrix.platform }} platform=${MATRIX_PLATFORM}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
env:
MATRIX_PLATFORM: ${{ matrix.platform }}
- -
name: Set up QEMU name: Set up QEMU
uses: docker/setup-qemu-action@v3 uses: docker/setup-qemu-action@v3

15
.github/workflows/scorecards.yml vendored
View File

@ -7,9 +7,6 @@ on:
push: push:
branches: [ "main" ] branches: [ "main" ]
# Declare default permissions as read only.
permissions: read-all
jobs: jobs:
analysis: analysis:
name: Scorecards analysis name: Scorecards analysis
@ -19,6 +16,18 @@ jobs:
security-events: write security-events: write
# Used to receive a badge. # Used to receive a badge.
id-token: write id-token: write
# read permissions to all the other objects
actions: read
attestations: read
checks: read
contents: read
deployments: read
issues: read
discussions: read
packages: read
pages: read
pull-requests: read
statuses: read
steps: steps:
- name: "Checkout code" - name: "Checkout code"