ivuorinen/.github
1
0
Fork 0
mirror of https://github.com/ivuorinen/.github.git synced 2026-01-26 03:13:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(ci): permissions and linting

Browse Source
This commit is contained in:
Ismo Vuorinen
2025-01-28 14:11:41 +02:00
parent e50d2a006f
commit cdcec7d39d
12 changed files with 14 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/renovate.json vendored
View File

@@ -1,4 +1,6 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": ["github>ivuorinen/renovate-config"]
"extends": [
"github>ivuorinen/renovate-config"
]
}

6
.github/workflows/composer-install.yml vendored
View File

@@ -8,17 +8,13 @@ on:
- "composer.json"
- "composer.lock"
permissions:
contents: read
packages: read
statuses: read
jobs:
ComposerInstall:
runs-on: ubuntu-latest
permissions:
contents: write
pacakges: read
statuses: write
strategy:

4
.github/workflows/compress-images.yml vendored
View File

@@ -8,10 +8,6 @@ on:
schedule:
- cron: "00 23 * * 0"
permissions:
contents: read
statuses: read
jobs:
CompressOnDemandOrSchedule:
name: calibreapp/image-actions

7
.github/workflows/dependency-review.yml vendored
View File

@@ -12,16 +12,13 @@ name: "Dependency Review"
on: [pull_request]
permissions:
contents: read
packages: read
statuses: read
jobs:
dependency-review:
runs-on: ubuntu-latest
permissions:
contents: read
packages: read
statuses: read
steps:
- name: "Checkout Repository"
uses: actions/checkout@v4

6
.github/workflows/laravel-phpunit.yml vendored
View File

@@ -7,17 +7,13 @@ on:
pull_request:
branches: [main]
permissions:
contents: read
packages: read
statuses: read
jobs:
laravel-tests:
runs-on: ubuntu-latest
permissions:
contents: write
packages: read
statuses: write
steps:

6
.github/workflows/pr-compress-images.yml vendored
View File

@@ -11,11 +11,6 @@ on:
- "**.png"
- "**.webp"
permissions:
contents: read
packages: read
statuses: read
jobs:
CompressInPR:
# Only run on Pull Requests within the same repository, and not from forks.
@@ -25,6 +20,7 @@ jobs:
permissions:
contents: write
packages: read
statuses: write
pull-requests: write

5
.github/workflows/pr-lint.yml vendored
View File

@@ -24,11 +24,6 @@ on:
pull_request:
branches: [master, main]
permissions:
contents: read
packages: read
statuses: read
###############
# Set the Job #
###############

6
.github/workflows/release-drafter.yml vendored
View File

@@ -4,11 +4,6 @@ name: Release Drafter
on:
workflow_call:
permissions:
contents: read
packages: read
statuses: read
jobs:
update_release_draft:
name: ✏️ Draft release
@@ -16,6 +11,7 @@ jobs:
permissions:
contents: write
statuses: write
packages: read
steps:
- name: 🚀 Run Release Drafter
uses: release-drafter/release-drafter@v6.1.0

8
.github/workflows/release-monthly.yaml vendored
View File

@@ -7,17 +7,15 @@ on:
schedule:
- cron: "0 0 1 * *" # 1st of every month at midnight
permissions:
contents: read
packages: read
statuses: read
jobs:
release:
name: Release
runs-on: ubuntu-latest
permissions:
contents: write
packages: read
statuses: read
steps:
- name: Checkout
uses: actions/checkout@v4

4
.github/workflows/reviewdog-linters.yml vendored
View File

@@ -3,10 +3,6 @@ name: Reviewdog Linters
on: [pull_request]
permissions:
contents: read
statuses: read
jobs:
linters:
name: Linters

4
.github/workflows/sync-labels-to-own-projects.yml vendored
View File

@@ -12,10 +12,6 @@ on:
schedule:
- cron: "0 0 * * *" # Every day at midnight
permissions:
contents: read
statuses: read
jobs:
sync-labels:
runs-on: ubuntu-latest

6
.github/workflows/sync-labels.yml vendored
View File

@@ -13,16 +13,14 @@ on:
workflow_call:
workflow_dispatch:
permissions:
contents: read
statuses: read
jobs:
labels:
name: ♻️ Sync labels
runs-on: ubuntu-latest
permissions:
issues: write
contents: read
statuses: read
steps:
- name: ⤵️ Download latest labels definitions
run: |