mirror of
https://gitea.com/Lydanne/buildx.git
synced 2025-05-28 16:37:43 +08:00
b1a13bb740
make the OpenSSF scorecard slightly happier; https://securityscorecards.dev/viewer/?uri=github.com/docker/buildx Warn: no topLevel permission defined: .github/workflows/build.yml:1 Warn: topLevel 'security-events' permission set to 'write': .github/workflows/codeql.yml:13 Warn: no topLevel permission defined: .github/workflows/docs-release.yml:1 Warn: no topLevel permission defined: .github/workflows/docs-upstream.yml:1 Warn: no topLevel permission defined: .github/workflows/e2e.yml:1 Warn: no topLevel permission defined: .github/workflows/labeler.yml:1 Warn: no topLevel permission defined: .github/workflows/validate.yml:1 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
31 lines
662 B
YAML
31 lines
662 B
YAML
name: labeler
|
|
|
|
# Default to 'contents: read', which grants actions to read commits.
|
|
#
|
|
# If any permission is set, any permission not included in the list is
|
|
# implicitly set to "none".
|
|
#
|
|
# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
|
|
permissions:
|
|
contents: read
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
on:
|
|
pull_request_target:
|
|
|
|
jobs:
|
|
labeler:
|
|
permissions:
|
|
contents: read
|
|
pull-requests: write
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
-
|
|
name: Run
|
|
uses: actions/labeler@v5
|
|
with:
|
|
sync-labels: true
|