GitHub Workflows security hardening (#1711)

* build: harden docker.yml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> * build: harden workflow.yml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> Signed-off-by: Alex <aleksandrosansan@gmail.com>
2 years ago · 02d5cf297b
parent 80c0edc232
commit 02d5cf297b
2 changed files with 6 additions and 0 deletions
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@ -7,6 +7,9 @@ on:
  workflow_dispatch:


+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
  push:
    if: github.repository == 'rq/rq'
--- a/.github/workflows/workflow.yml
+++ b/.github/workflows/workflow.yml
@ -6,6 +6,9 @@ on:
  pull_request:
    branches: [ master ]

+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
  build:
    name: Python${{ matrix.python-version }}/Redis${{ matrix.redis-version }}/redis-py${{ matrix.redis-py-version }}