ci : fine-grant permission (#9710)
This commit is contained in:
Xuan Son Nguyen
GitHub
parent
133c7b46b3
commit
f3fdcfaa79
4 changed files with 24 additions and 0 deletions
7
.github/workflows/nix-ci.yml
vendored
7
.github/workflows/nix-ci.yml
vendored
|
|
@ -12,6 +12,13 @@ concurrency:
|
|||
group: ${{ github.workflow }}-${{ github.head_ref && github.ref || github.run_id }}
|
||||
cancel-in-progress: true
|
||||
|
||||
# Fine-grant permission
|
||||
# https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token
|
||||
permissions:
|
||||
# https://github.com/DeterminateSystems/nix-installer-action?tab=readme-ov-file#with-flakehub
|
||||
id-token: write
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
nix-eval:
|
||||
strategy:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue