Skip to content

Commit

Permalink
Expand workflow permissions directly into job definitions
Browse files Browse the repository at this point in the history
  • Loading branch information
@BenjaminPelletier
BenjaminPelletier committed Jan 16, 2025
1 parent 472d64d commit f8c788f
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 4 deletions.
29 changes: 29 additions & 0 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ on:
jobs:
hygiene-tests:
name: Repository hygiene
# https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#permissions
permissions:
contents: read
runs-on: ubuntu-latest
Expand Down Expand Up @@ -34,6 +35,8 @@ jobs:

mock_uss-test:
name: mock_uss tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: mock_uss
Expand All @@ -43,6 +46,8 @@ jobs:
uss_qualifier-noop-test:
name: uss_qualifier configurations.dev.noop tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-noop-test
Expand All @@ -54,6 +59,8 @@ jobs:
uss_qualifier-geoawareness_cis-test:
name: uss_qualifier configurations.dev.geoawareness_cis tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-geoawareness_cis-test
Expand All @@ -65,6 +72,8 @@ jobs:
uss_qualifier-generate_rid_test_data-test:
name: uss_qualifier configurations.dev.generate_rid_test_data tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-generate_rid_test_data-test
Expand All @@ -76,6 +85,8 @@ jobs:
uss_qualifier-geospatial_comprehension-test:
name: uss_qualifier configurations.dev.geospatial_comprehension tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-geospatial_comprehension-test
Expand All @@ -87,6 +98,8 @@ jobs:
uss_qualifier-general_flight_auth-test:
name: uss_qualifier configurations.dev.general_flight_auth tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-general_flight_auth-test
Expand All @@ -98,6 +111,8 @@ jobs:
uss_qualifier-message_signing-test:
name: uss_qualifier configurations.dev.message_signing tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-message_signing-test
Expand All @@ -109,6 +124,8 @@ jobs:
uss_qualifier-dss_probing-test:
name: uss_qualifier configurations.dev.dss_probing tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-dss_probing-test
Expand All @@ -120,6 +137,8 @@ jobs:
uss_qualifier-f3548_self_contained-test:
name: uss_qualifier configurations.dev.f3548_self_contained tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-f3548_self_contained-test
Expand All @@ -131,6 +150,8 @@ jobs:
uss_qualifier-utm_implementation_us-test:
name: uss_qualifier configurations.dev.utm_implementation_us tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-utm_implementation_us-test
Expand All @@ -142,6 +163,8 @@ jobs:
uss_qualifier-netrid_v22a-test:
name: uss_qualifier configurations.dev.netrid_v22a tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-netrid_v22a-test
Expand All @@ -153,6 +176,8 @@ jobs:
uss_qualifier-netrid_v19-test:
name: uss_qualifier configurations.dev.netrid_v19 tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-netrid_v19-test
Expand All @@ -164,6 +189,8 @@ jobs:
uss_qualifier-uspace-test:
name: uss_qualifier configurations.dev.uspace tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: uss_qualifier-uspace-test
Expand All @@ -175,6 +202,8 @@ jobs:
prober-test:
name: prober tests
permissions:
contents: read
uses: ./.github/workflows/monitoring-test.yml
with:
name: prober
Expand Down
4 changes: 0 additions & 4 deletions .github/workflows/monitoring-test.yml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,5 @@
name: 'Run a monitoring test (re-usable workflow)'

# https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#permissions
permissions:
contents: read

on:
workflow_call:
inputs:
Expand Down

0 comments on commit f8c788f

Please sign in to comment.