Harden GITHUB_TOKEN permissions

Signed-off-by: Craig Ingram <cjingram@google.com>
2022-11-01 10:56:38 -04:00
parent 8167751f56
commit a270d6e8ae
11 changed files with 48 additions and 1 deletions
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -9,6 +9,9 @@ on:
 env:
  GO_VERSION: '1.19.2'

+permissions:  # added using https://github.com/step-security/secure-workflows
+  contents: read
+
 jobs:
  linux:
    name: Linux