Skip to content

chore(ci): refactor more workflows to scope permissions #1979

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jan 29, 2024
Merged

chore(ci): refactor more workflows to scope permissions #1979

merged 3 commits into from
Jan 29, 2024

Conversation

dreamorosi
Copy link
Contributor

Description of your changes

This PR follows #1978 and makes additional changes to the workflows, namely:

  • remove the contents: write permission from the workflow used to make v2 releases since there's no commit
  • remove actions: write from the docs-related workflows - initially I thought this was needed but looking at other workflows that are known to be working (i.e. reusable_export_pr_details) and that also upload artifacts, I don't think it's actually needed
  • correct workflow reference in workflow (fixes issue I introduced in previous PR after renaming)
  • reduce permission scope of Layers workflow

Related issues, RFCs

Issue number: #1799

Checklist

  • My changes meet the tenets criteria
  • I have performed a self-review of my own code
  • I have commented my code where necessary, particularly in areas that should be flagged with a TODO, or hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my change is effective and works
  • The PR title follows the conventional commit semantics

Breaking change checklist

Is it a breaking change?: NO

  • I have documented the migration process
  • I have added, implemented necessary warnings (if it can live side by side)

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.

@dreamorosi dreamorosi self-assigned this Jan 26, 2024
@dreamorosi dreamorosi requested a review from a team January 26, 2024 17:06
@boring-cyborg boring-cyborg bot added the automation This item relates to automation label Jan 26, 2024
@pull-request-size pull-request-size bot added the size/S PR between 10-29 LOC label Jan 26, 2024
@dreamorosi dreamorosi requested a review from am29d January 26, 2024 18:12
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

am29d
am29d approved these changes Jan 29, 2024
View reviewed changes
Copy link
Contributor

@am29d am29d left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚢

@am29d am29d merged commit b387926 into main Jan 29, 2024
@am29d am29d deleted the chore/scorecard_fixes branch January 29, 2024 08:47
@dreamorosi dreamorosi linked an issue Jan 30, 2024 that may be closed by this pull request
Maintenance: review and restore PR automation #1925
Closed
2 tasks
@dreamorosi dreamorosi mentioned this pull request Jan 30, 2024
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@am29d am29d am29d approved these changes

Assignees

@dreamorosi dreamorosi

Labels
automation This item relates to automation size/S PR between 10-29 LOC
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Maintenance: review and restore PR automation
2 participants
@dreamorosi @am29d