CI: Add `permissions` to GitHub Actions This change locks down the permissions of the access token in GitHub Actions to only allow reading the repository contents and nothing else. see https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

commit: 89c9d0a169cba49882044e081827971ba0b271cb [log] [tgz]
author: Tim Duesterhus <tim@bastelstu.be> Sat Oct 16 18:10:26 2021 +0200
committer: Willy Tarreau <w@1wt.eu> Mon Oct 18 07:17:04 2021 +0200
tree: fbd1277caeaf06d9a6c5d6a3ff8a07b20edeb522
parent: c5aa113d805aa31a59e3a26f5f656b1fa0d526d0 [diff] [blame]
diff --git a/.github/workflows/vtest.yml b/.github/workflows/vtest.yml
index 1dc216e..4cdbdce 100644
--- a/.github/workflows/vtest.yml
+++ b/.github/workflows/vtest.yml

@@ -11,6 +11,9 @@
 on:
   push:
 
+permissions:
+  contents: read
+
 jobs:
   # The generate-matrix job generates the build matrix using JSON output
   # generated by .github/matrix.py.
commit	89c9d0a169cba49882044e081827971ba0b271cb	[log] [tgz]
author	Tim Duesterhus <tim@bastelstu.be>	Sat Oct 16 18:10:26 2021 +0200
committer	Willy Tarreau <w@1wt.eu>	Mon Oct 18 07:17:04 2021 +0200
tree	fbd1277caeaf06d9a6c5d6a3ff8a07b20edeb522
parent	c5aa113d805aa31a59e3a26f5f656b1fa0d526d0 [diff] [blame]