mirror of
https://github.com/fleetdm/fleet
synced 2026-05-22 00:18:27 +00:00
e6c6b7e840
* Added explicit read permissions + tweaked permissions As a part of #4698 - this should fix the remaining warnings we get from the OSSF scorecard in relation to github workflows. They now all have explicit read permissions with more granular permissions granted in jobs. * Update tfsec.yml New workflow that I had not fixed in this PR.
23 lines
No EOL
571 B
YAML
23 lines
No EOL
571 B
YAML
name: release-helm
|
|
on:
|
|
release:
|
|
types: [released] # don't trigger on pre-releases
|
|
workflow_dispatch: # allow manual trigger
|
|
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
publish-chart:
|
|
permissions:
|
|
contents: write # to push helm charts
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 # v2
|
|
- uses: stefanprodan/helm-gh-pages@f1701eb82e4d4b82016e7965501c8b6d79feaec9
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
charts_dir: charts
|
|
target_dir: charts
|
|
linting: off |