Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci(github-actions/backport): add back "permissions" top section #9001

Merged
merged 1 commit into from
Jan 23, 2024
Merged

ci(github-actions/backport): add back "permissions" top section #9001

merged 1 commit into from
Jan 23, 2024

Conversation

bartsmykla
Copy link
Contributor

It seems we have to have contents: read in both, top level and job to make it work

Remediates: https://github.com/kumahq/kuma/security/code-scanning/38

Checklist prior to review

  • Link to relevant issue as well as docs and UI issues
  • This will not break child repos: it doesn't hardcode values (.e.g "kumahq" as a image registry) and it will work on Windows, system specific functions like syscall.Mkfifo have equivalent implementation on the other OS
    • It won't
  • Tests (Unit test, E2E tests, manual test on universal and k8s)
    • No tests
    • Don't forget ci/ labels to run additional/fewer tests
  • Do you need to update UPGRADE.md?
    • There is no need
  • Does it need to be backported according to the backporting policy? (this GH action will add "backport" label based on these file globs, if you want to prevent it from adding the "backport" label use no-backport-autolabel label)
    • There is no need

Changelog: skip

@bartsmykla
ci(github-actions/backport): add back "permissions" top section
93313d7 
It seems we have to have `contents: read` in both, top level and
job to make it work

Signed-off-by: Bart Smykla <[email protected]>
@bartsmykla bartsmykla added the ci/skip-test PR: Don't run unit and e2e tests (maybe this is just a doc change) label Jan 23, 2024
@bartsmykla bartsmykla requested a review from a team as a code owner January 23, 2024 06:33
@bartsmykla bartsmykla requested review from jijiechen and lukidzi and removed request for a team January 23, 2024 06:33
@bartsmykla bartsmykla enabled auto-merge (squash) January 23, 2024 06:50
@bartsmykla bartsmykla merged commit 268178a into kumahq:master Jan 23, 2024
13 checks passed
@bartsmykla bartsmykla deleted the ci/add-back-top-permissions-in-backport-gh-workflow branch January 23, 2024 07:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelbeaumont michaelbeaumont michaelbeaumont approved these changes

@jijiechen jijiechen Awaiting requested review from jijiechen jijiechen is a code owner automatically assigned from kumahq/kuma-maintainers

@lukidzi lukidzi Awaiting requested review from lukidzi lukidzi is a code owner automatically assigned from kumahq/kuma-maintainers

Assignees
No one assigned
Labels
ci/skip-test PR: Don't run unit and e2e tests (maybe this is just a doc change)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bartsmykla @michaelbeaumont