You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by po...@apache.org on 2021/07/18 11:20:18 UTC
[airflow] 01/29: Fix permissions for CodeQL workflows (#16660)
This is an automated email from the ASF dual-hosted git repository.
potiuk pushed a commit to branch v2-1-test
in repository https://gitbox.apache.org/repos/asf/airflow.git
commit 8c336c143d547776dca600453b1da58a318d11d6
Author: Jarek Potiuk <ja...@potiuk.com>
AuthorDate: Fri Jun 25 19:35:37 2021 +0200
Fix permissions for CodeQL workflows (#16660)
After limiting permissions, our CodeQL workflow started failing.
This is because it needs some extra permissions as explained in
the https://github.com/github/codeql-action/issues/464
This PR adds the required permissions.
(cherry picked from commit b8a9e9fba6737500bdcce920028ece87a31ab129)
---
.github/workflows/codeql-analysis.yml | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 096177a..6d6f4d0 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -67,7 +67,11 @@ jobs:
# Override automatic language detection by changing the below list
# Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
language: ['python', 'javascript']
-
+ permissions:
+ actions: read
+ contents: read
+ pull-requests: read
+ security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v2