mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity

fix: token permissions on report vulns workflow (#7611)

Browse source 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2023-06-20 22:01:16 +02:00 committed by GitHub
parent 4ff276c2d6
commit d8951d4a95
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.github/workflows/report-on-vulnerabilities.yaml vendored
View file

@ -1,11 +1,16 @@
name: report-on-vulnerabilities name: report-on-vulnerabilities
on: on:
workflow_dispatch: {} workflow_dispatch: {}
schedule: schedule:
- cron: '23 2 * * *' # Every day at 02:23 - cron: '23 2 * * *' # Every day at 02:23
permissions: {}
env: env:
REGISTRY: ghcr.io REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }} IMAGE_NAME: ${{ github.repository }}
jobs: jobs:
scan: scan:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
@ -48,6 +53,9 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: contains(needs.scan.outputs.results, 'SchemaVersion') if: contains(needs.scan.outputs.results, 'SchemaVersion')
needs: scan needs: scan
permissions:
contents: read
issues: write
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3