build: harden build.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>
This commit is contained in:
Alex 2022-09-24 08:52:44 +02:00
parent 78b9c98c5c
commit 1667a66856

View file

@ -14,6 +14,9 @@ on:
env: env:
DOCKERHUB_SLUG: distribution/distribution DOCKERHUB_SLUG: distribution/distribution
permissions:
contents: read # to fetch code (actions/checkout)
jobs: jobs:
test: test:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -43,6 +46,9 @@ jobs:
directory: ./ directory: ./
build: build:
permissions:
contents: write # to create GitHub release (softprops/action-gh-release)
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: needs:
- test - test