diff --git a/.github/workflows/build-almalinux9-cxx-image.yml b/.github/workflows/build-almalinux9-cxx-image.yml index 5b85192..cb4be60 100644 --- a/.github/workflows/build-almalinux9-cxx-image.yml +++ b/.github/workflows/build-almalinux9-cxx-image.yml @@ -19,9 +19,15 @@ defaults: run: shell: bash +permissions: + contents: read + jobs: build-almalinux9-image: runs-on: ubuntu-latest + permissions: + contents: read + packages: write steps: - name: Checkout uses: actions/checkout@v4 diff --git a/.github/workflows/build-centos7-cxx-image.yml b/.github/workflows/build-centos7-cxx-image.yml index 2fa3a4f..6ff2934 100644 --- a/.github/workflows/build-centos7-cxx-image.yml +++ b/.github/workflows/build-centos7-cxx-image.yml @@ -19,9 +19,15 @@ defaults: run: shell: bash +permissions: + contents: read + jobs: build-centos7-image: runs-on: ubuntu-latest + permissions: + contents: read + packages: write steps: - name: Checkout uses: actions/checkout@v4 diff --git a/.github/workflows/build-cxx-ubuntu-images.yml b/.github/workflows/build-cxx-ubuntu-images.yml index 9b1d82b..13a7d55 100644 --- a/.github/workflows/build-cxx-ubuntu-images.yml +++ b/.github/workflows/build-cxx-ubuntu-images.yml @@ -25,6 +25,10 @@ defaults: run: shell: bash +permissions: + contents: read + packages: write + jobs: build-dockerfile: runs-on: ubuntu-latest diff --git a/.github/workflows/build-modle-ci-ubuntu-images.yml b/.github/workflows/build-modle-ci-ubuntu-images.yml index ef121b3..2d54f8f 100644 --- a/.github/workflows/build-modle-ci-ubuntu-images.yml +++ b/.github/workflows/build-modle-ci-ubuntu-images.yml @@ -22,6 +22,9 @@ defaults: run: shell: bash +permissions: + contents: read + jobs: build-ubuntu-image: runs-on: ubuntu-latest @@ -29,6 +32,10 @@ jobs: github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' + permissions: + contents: read + packages: write + strategy: fail-fast: false matrix: