Skip to content

Commit

Permalink
fixed permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
mrmoonl1ght94 committed Jan 23, 2024
1 parent 73aa34f commit fb047df
Show file tree
Hide file tree
Showing 16 changed files with 30 additions and 74 deletions.
6 changes: 2 additions & 4 deletions .github/workflows/branch-deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,12 @@ on:

pull_request:
types: ['labeled']
permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read
jobs:
build:
if: ${{ github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public' }}
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
6 changes: 2 additions & 4 deletions .github/workflows/branch-remove.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,11 @@ on:
workflow_dispatch:
pull_request:
types: ['unlabeled', 'closed']
permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read
jobs:
remove:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
if: ${{ (github.event.label.name == 'status/feature_testing' || github.event.label.name == 'status/feature_testing_public') || (github.event.action == 'closed' && (contains(github.event.pull_request.labels.*.name, 'status/feature_testing') || contains(github.event.pull_request.labels.*.name, 'status/feature_testing_public'))) }}
steps:
- uses: actions/checkout@v4
Expand Down
6 changes: 2 additions & 4 deletions .github/workflows/build-public-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,12 @@ on:
workflow_dispatch:
pull_request:
types: ['labeled']
permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read
jobs:
build:
if: ${{ github.event.label.name == 'status/image_testing' }}
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
8 changes: 2 additions & 6 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,16 +25,12 @@ on:
schedule:
- cron: '39 15 * * 6'

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest

permissions: # TODO remove when public
contents: read
strategy:
fail-fast: false
matrix:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/cve.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,12 @@ on:
schedule:
# * is a special character in YAML so you have to quote this string
- cron: '0 8 15 * *'

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
build-and-test:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/documentation.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,14 +9,11 @@ on:
paths:
- '**.md'

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
build-and-test:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/e2e-automation.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,15 +15,12 @@ on:
description: 'Set Qase token to enable integration'
required: false
type: string

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
build-and-test:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
2 changes: 0 additions & 2 deletions .github/workflows/e2e-checks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,6 @@ on:
- "pom.xml"
permissions: # TODO remove when public
statuses: write
checks: write
pull-requests: write
contents: read
jobs:
build-and-test:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/e2e-manual.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,15 +14,12 @@ on:
description: 'Set Qase token to enable integration'
required: true
type: string

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
build-and-test:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/e2e-weekly.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,11 @@ on:
schedule:
- cron: '0 1 * * 1'

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
build-and-test:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
6 changes: 2 additions & 4 deletions .github/workflows/frontend.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,17 +8,15 @@ on:
paths:
- "kafka-ui-contract/**"
- "kafka-ui-react-app/**"
permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
build-and-test:
env:
CI: true
NODE_ENV: dev
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/master.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,12 @@ on:
workflow_dispatch:
push:
branches: [ "main" ]

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
build:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/release-serde-api.yaml
Original file line number Diff line number Diff line change
@@ -1,14 +1,11 @@
name: "Infra: Release: Serde API"
on: workflow_dispatch

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
release-serde-api:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,11 @@ on:
release:
types: [published]

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
release:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
outputs:
version: ${{steps.build.outputs.version}}
steps:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/separate_env_public_create.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,11 @@ on:
required: true
default: 'demo'

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
build:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down
7 changes: 2 additions & 5 deletions .github/workflows/workflow_linter.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,14 +9,11 @@ on:
paths:
- ".github/workflows/**"

permissions: # TODO remove when public
checks: write
pull-requests: write
contents: read

jobs:
build-and-test:
runs-on: ubuntu-latest
permissions: # TODO remove when public
contents: read
steps:
- uses: actions/checkout@v4
with:
Expand Down

0 comments on commit fb047df

Please sign in to comment.