configure workflow default permission

shogo82148 · Jul 1, 2024 · 2e583ec · 2e583ec
1 parent 89b0de1
commit 2e583ec
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 32 deletions.
diff --git a/.github/workflows/build-mariadb.yml b/.github/workflows/build-mariadb.yml
@@ -10,6 +10,10 @@ on:
         description: MariaDB versions to build (JSON Array)
         required: false
         default: ""
+permissions:
+  contents: write
+  id-token: write
+  attestations: write
 
 jobs:
   list:
@@ -48,10 +52,6 @@ jobs:
       MARIADB_VERSION: ${{ matrix.mariadb }}
       BUILD_OS: ${{ matrix.os }}
     timeout-minutes: 180
-    permissions:
-      contents: write
-      id-token: write
-      attestations: write
     steps:
       - uses: actions/checkout@v4
       - run: .github/build-mariadb-linux.sh "$MARIADB_VERSION"
@@ -76,10 +76,6 @@ jobs:
     env:
       MARIADB_VERSION: ${{ matrix.mariadb }}
     timeout-minutes: 180
-    permissions:
-      contents: write
-      id-token: write
-      attestations: write
     steps:
       - uses: actions/checkout@v4
       - run: .github/build-mariadb-darwin.sh ${{ matrix.mariadb }}
@@ -105,10 +101,6 @@ jobs:
     env:
       MARIADB_VERSION: ${{ matrix.mariadb }}
     timeout-minutes: 180
-    permissions:
-      contents: write
-      id-token: write
-      attestations: write
     steps:
       - uses: actions/checkout@v4
       - run: .github/build-mariadb-darwin.sh ${{ matrix.mariadb }}
@@ -134,10 +126,6 @@ jobs:
     env:
       MARIADB_VERSION: ${{ matrix.mariadb }}
     timeout-minutes: 180
-    permissions:
-      contents: write
-      id-token: write
-      attestations: write
     steps:
       - uses: actions/checkout@v4
       - run: .github\build-mariadb-windows.ps1 $env:MARIADB_VERSION

diff --git a/.github/workflows/build-mysql.yml b/.github/workflows/build-mysql.yml
@@ -11,6 +11,11 @@ on:
         required: false
         default: ""
 
+permissions:
+  contents: write
+  id-token: write
+  attestations: write
+
 jobs:
   list:
     runs-on: ubuntu-latest
@@ -48,10 +53,6 @@ jobs:
       MYSQL_VERSION: ${{ matrix.mysql }}
       BUILD_OS: ${{ matrix.os }}
     timeout-minutes: 180
-    permissions:
-      contents: write
-      id-token: write
-      attestations: write
     steps:
       - uses: actions/checkout@v4
       - run: .github/build-mysql-linux.sh "$MYSQL_VERSION"
@@ -76,10 +77,6 @@ jobs:
     env:
       MYSQL_VERSION: ${{ matrix.mysql }}
     timeout-minutes: 180
-    permissions:
-      contents: write
-      id-token: write
-      attestations: write
     steps:
       - uses: actions/checkout@v4
       - run: |
@@ -108,10 +105,6 @@ jobs:
     env:
       MYSQL_VERSION: ${{ matrix.mysql }}
     timeout-minutes: 180
-    permissions:
-      contents: write
-      id-token: write
-      attestations: write
     steps:
       - uses: actions/checkout@v4
       - run: |
@@ -140,10 +133,6 @@ jobs:
     env:
       MYSQL_VERSION: ${{ matrix.mysql }}
     timeout-minutes: 180
-    permissions:
-      contents: write
-      id-token: write
-      attestations: write
     steps:
       - uses: actions/checkout@v4
       - run: .github\build-mysql-windows.ps1 $env:MYSQL_VERSION