mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity

adding permissions in jobs (#2924)

Browse source 
Signed-off-by: Namanl2001 <namanlakhwani@gmail.com>
This commit is contained in:
Naman Lakhwani 2022-01-07 01:05:45 +05:30 committed by GitHub
parent 2f8bfc78b1
commit 68c8790139
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
.github/workflows/image.yaml vendored
View file

@ -7,6 +7,10 @@ on:
jobs:
push-init-kyverno:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v2
@ -22,7 +26,7 @@ jobs:
- name: Install Cosign
uses: sigstore/cosign-installer@main
with:
cosign-release: 'v1.2.1'
cosign-release: 'v1.4.0'
- name: login to GitHub Container Registry
run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin
@ -55,6 +59,10 @@ jobs:
push-kyverno:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v2
@ -70,7 +78,7 @@ jobs:
- name: Install Cosign
uses: sigstore/cosign-installer@main
with:
cosign-release: 'v1.2.1'
cosign-release: 'v1.4.0'
- name: login to GitHub Container Registry
run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin
@ -102,6 +110,10 @@ jobs:
push-kyverno-cli:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v2
@ -117,7 +129,7 @@ jobs:
- name: Install Cosign
uses: sigstore/cosign-installer@main
with:
cosign-release: 'v1.2.1'
cosign-release: 'v1.4.0'
- name: login to GitHub Container Registry
run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin