Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🌱 [StepSecurity] ci: Harden GitHub Actions #305

Merged
merged 1 commit into from
Oct 31, 2023
Merged

🌱 [StepSecurity] ci: Harden GitHub Actions #305

merged 1 commit into from
Oct 31, 2023

Conversation

step-security-bot
Copy link
Contributor

Summary

This pull request is created by StepSecurity at the request of @zhujian7. Please merge the Pull Request to incorporate the requested changes. Please tag @zhujian7 on your message if you have any questions related to the PR.

Security Fixes

Least Privileged GitHub Actions Token Permissions

The GITHUB_TOKEN is an automatically generated secret to make authenticated calls to the GitHub API. GitHub recommends setting minimum token permissions for the GITHUB_TOKEN.

Feedback

For bug reports, feature requests, and general feedback; please email [email protected]. To create such PRs, please visit https://app.stepsecurity.io/securerepo.

Signed-off-by: StepSecurity Bot [email protected]

@openshift-ci openshift-ci bot requested review from deads2k and qiujian16 October 31, 2023 02:38
@zhujian7 zhujian7 changed the title [StepSecurity] ci: Harden GitHub Actions 🌱 [StepSecurity] ci: Harden GitHub Actions Oct 31, 2023
@codecov
Copy link

codecov bot commented Oct 31, 2023
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (49ffc36) 61.47% compared to head (033f4ba) 61.47%.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #305   +/-   ##
=======================================
  Coverage   61.47%   61.47%           
=======================================
  Files         132      132           
  Lines       13844    13844           
=======================================
  Hits         8510     8510           
+ Misses       4571     4570    -1     
- Partials      763      764    +1
Flag Coverage Δ
unit 61.47% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

see 1 file with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@zhujian7
Copy link
Member

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Oct 31, 2023
@qiujian16
Copy link
Member

/approve

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 31, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: qiujian16, step-security-bot

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot merged commit 05f1a2c into open-cluster-management-io:main Oct 31, 2023
12 of 13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@deads2k deads2k Awaiting requested review from deads2k

@qiujian16 qiujian16 Awaiting requested review from qiujian16

Assignees

@zhujian7 zhujian7

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@step-security-bot @zhujian7 @qiujian16