Skip to content

Commit 859ecf9

Browse files
JontziiJontzii
committed
Add permissions for workflows and update 3rd party actions
1 parent 8b45734 commit 859ecf9

File tree

3 files changed

+15
-6
lines changed

3 files changed

+15
-6
lines changed

.github/workflows/cd.yml

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,16 +4,19 @@ on:
44
push:
55
branches:
66
- main
7-
- "releases/**"
7+
- releases/**
88
pull_request:
99

10+
permissions:
11+
contents: read
12+
1013
jobs:
1114
publish_mapmatching_docker_image_to_acr:
1215
name: Publish Map Matching Docker image to ACR
1316
permissions:
1417
id-token: write
1518
contents: read
16-
uses: HSLdevcom/jore4-tools/.github/workflows/shared-build-and-publish-docker-image.yml@shared-build-and-publish-docker-image-v1
19+
uses: HSLdevcom/jore4-tools/.github/workflows/shared-build-and-publish-docker-image.yml@shared-build-and-publish-docker-image-v6
1720
with:
1821
docker_image_name: jore4-postgres-mapmatching
1922
build_arm64_image: true
@@ -28,7 +31,7 @@ jobs:
2831
permissions:
2932
id-token: write
3033
contents: read
31-
uses: HSLdevcom/jore4-tools/.github/workflows/shared-build-and-publish-docker-image.yml@shared-build-and-publish-docker-image-v1
34+
uses: HSLdevcom/jore4-tools/.github/workflows/shared-build-and-publish-docker-image.yml@shared-build-and-publish-docker-image-v6
3235
with:
3336
docker_image_name: jore4-postgres-azuredbmock
3437
build_arm64_image: true
@@ -134,7 +137,7 @@ jobs:
134137
135138
steps:
136139
- name: Checkout code
137-
uses: actions/checkout@v4
140+
uses: actions/checkout@v6
138141

139142
- name: Start up postgresql docker container
140143
run: |

.github/workflows/check-renovatebot-config.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,9 +3,12 @@ name: Check renovatebot config
33
on:
44
pull_request:
55

6+
permissions:
7+
contents: read
8+
69
jobs:
710
validate:
811
name: Validate renovatebot config
9-
uses: HSLdevcom/jore4-tools/.github/workflows/shared-check-renovatebot-config.yml@shared-check-renovatebot-config-v1
12+
uses: HSLdevcom/jore4-tools/.github/workflows/shared-check-renovatebot-config.yml@shared-check-renovatebot-config-v2
1013
with:
1114
config_file_path: .github/renovate.json5

.github/workflows/test-docker-compose.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,14 +5,17 @@ on:
55
pull_request:
66
branches: [main, releases/**]
77

8+
permissions:
9+
contents: read
10+
811
jobs:
912
test-docker-compose:
1013
name: verify docker-compose setup
1114
runs-on: ubuntu-24.04
1215

1316
steps:
1417
- name: Checkout code
15-
uses: actions/checkout@v4
18+
uses: actions/checkout@v6
1619

1720
- name: Start postgres databases in docker-compose
1821
run: docker compose up -d

0 commit comments

Comments
 (0)