Harden security of GitHub Actions CI/CD #202

Merged 4 commits on Oct 23, 2021

Commits on Oct 23, 2021

  1. restrict permissions for GitHub actions

    This commit introduces two changes. First, the actions are changed to only have
    read access to repositories. Second, we specify that GitHub should not persist
    the authorization token for write access to a repository on disk (see the
    option `persist-credentials: false`).
    Vincent Mutolo committed Oct 23, 2021
    Commit 7a17d85
  2. pin action versions by SHA1 instead of git tag

    Vincent Mutolo committed Oct 23, 2021
    Commit 78ac7fb
  3. remove codecov token

    It shouldn't be necessary for public repositories.
    Vincent Mutolo committed Oct 23, 2021
    Commit 4e4a584
  4. update git tags for GitHub actions

    Vince Mutolo committed Oct 23, 2021
    Commit 1423d6c
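
The three measures named in the commit messages above (read-only token permissions, `persist-credentials: false` on checkout, and pinning actions by commit SHA instead of tag) can be checked mechanically. The following is an added example, not code from this pull request: the sample workflow, the placeholder SHA, and the names `audit_workflow` and `SAMPLE` are constructed for illustration, and the check assumes conventional two-space YAML indentation.

```python
import re
from itertools import takewhile

# Constructed sample workflow, not from the pull request; the SHA is a placeholder.
SAMPLE = """\
on: [push]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: pinned checkout
        uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
        with:
          persist-credentials: false
      - run: make test
"""
USES = re.compile(r"^\s*(?:-\s+)?uses:\s*([^\s#]+)")
FULL_SHA = re.compile(r"[0-9a-f]{40}")

def indent(line):
    return len(line) - len(line.lstrip())

def audit_workflow(text):
    """Return (line_number, message) findings; line 0 means workflow-level."""
    findings, lines = [], text.splitlines()
    # Check 1: a top-level permissions block exists and grants no write scope.
    top = [i for i, l in enumerate(lines) if l.startswith("permissions:")]
    if not top:
        findings.append((0, "no top-level permissions block"))
    else:
        block = lines[top[0]:top[0] + 1] + list(takewhile(lambda n: not n.strip() or indent(n) > 0, lines[top[0] + 1:]))
        if any(re.search(r":\s*write(-all)?\s*$", l) for l in block):
            findings.append((top[0] + 1, "workflow token has write access"))
    for i, l in enumerate(lines):
        m = USES.match(l)
        if not m or m.group(1).startswith("./"):
            continue  # not an action reference, or a local action
        action, _, ref = m.group(1).partition("@")
        # Check 2: the reference must be a full commit SHA, not a tag or branch.
        if not FULL_SHA.fullmatch(ref):
            findings.append((i + 1, f"{action} pinned to '{ref}', not a commit SHA"))
        # Check 3: the checkout step must carry persist-credentials: false.
        if action == "actions/checkout":
            dash = indent(l) if l.lstrip().startswith("-") else indent(l) - 2
            step = list(takewhile(lambda n: not n.strip() or indent(n) > dash, lines[i + 1:]))
            if not any(re.match(r"\s*persist-credentials:\s*false\s*$", s) for s in step):
                findings.append((i + 1, "checkout keeps credentials on disk"))
    return findings
```

This is a line-based check, not a YAML parser: it only sees `persist-credentials` when the `with:` block follows the `uses:` line, and it does not inspect job-level `permissions` overrides.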