mirror of
https://github.com/cisagov/manage.get.gov.git
synced 2025-07-23 11:16:07 +02:00
Merge pull request #3086 from cisagov/ms/2999-update-workflow-permissions
#3003: remove monitor and add specific permissions
This commit is contained in:
Matt-Spence
GitHub
commit
08ad55a5a9
10 changed files with 4 additions and 12 deletions
1
.github/workflows/clone-db.yaml
vendored
1
.github/workflows/clone-db.yaml
vendored
|
|
@ -27,7 +27,6 @@ jobs:
|
|||
CF_USERNAME: ${{ secrets.CF_STAGING_USERNAME }}
|
||||
CF_PASSWORD: ${{ secrets.CF_STAGING_PASSWORD }}
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- name: Clone Database
|
||||
run: |
|
||||
# install cf cli and other tools
|
||||
|
|
|
|||
1
.github/workflows/createcachetable.yaml
vendored
1
.github/workflows/createcachetable.yaml
vendored
|
|
@ -37,7 +37,6 @@ jobs:
|
|||
CF_USERNAME: CF_${{ github.event.inputs.environment }}_USERNAME
|
||||
CF_PASSWORD: CF_${{ github.event.inputs.environment }}_PASSWORD
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- name: Create cache table for ${{ github.event.inputs.environment }}
|
||||
uses: cloud-gov/cg-cli-tools@main
|
||||
with:
|
||||
|
|
|
|||
1
.github/workflows/daily-csv-upload.yaml
vendored
1
.github/workflows/daily-csv-upload.yaml
vendored
|
|
@ -13,7 +13,6 @@ jobs:
|
|||
CF_USERNAME: CF_${{ secrets.CF_REPORT_ENV }}_USERNAME
|
||||
CF_PASSWORD: CF_${{ secrets.CF_REPORT_ENV }}_PASSWORD
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- name: Generate current-federal.csv
|
||||
uses: cloud-gov/cg-cli-tools@main
|
||||
with:
|
||||
|
|
|
|||
1
.github/workflows/deploy-manual.yaml
vendored
1
.github/workflows/deploy-manual.yaml
vendored
|
|
@ -44,7 +44,6 @@ jobs:
|
|||
variables:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- name: Setting global variables
|
||||
uses: actions/github-script@v6
|
||||
id: var
|
||||
|
|
|
|||
3
.github/workflows/deploy-sandbox.yaml
vendored
3
.github/workflows/deploy-sandbox.yaml
vendored
|
|
@ -35,7 +35,6 @@ jobs:
|
|||
environment: ${{ steps.var.outputs.environment}}
|
||||
runs-on: "ubuntu-latest"
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- name: Setting global variables
|
||||
uses: actions/github-script@v6
|
||||
id: var
|
||||
|
|
@ -72,6 +71,8 @@ jobs:
|
|||
comment:
|
||||
runs-on: ubuntu-latest
|
||||
needs: [variables, deploy]
|
||||
permissions:
|
||||
issues: write
|
||||
steps:
|
||||
- uses: actions/github-script@v6
|
||||
env:
|
||||
|
|
|
|||
3
.github/workflows/issue-label-notifier.yaml
vendored
3
.github/workflows/issue-label-notifier.yaml
vendored
|
|
@ -9,8 +9,9 @@ on:
|
|||
jobs:
|
||||
notify:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
issues: write
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- uses: jenschelkopf/issue-label-notification-action@1.3
|
||||
with:
|
||||
recipients: |
|
||||
|
|
|
|||
1
.github/workflows/migrate.yaml
vendored
1
.github/workflows/migrate.yaml
vendored
|
|
@ -45,7 +45,6 @@ jobs:
|
|||
CF_USERNAME: CF_${{ github.event.inputs.environment }}_USERNAME
|
||||
CF_PASSWORD: CF_${{ github.event.inputs.environment }}_PASSWORD
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- name: Run Django migrations for ${{ github.event.inputs.environment }}
|
||||
uses: cloud-gov/cg-cli-tools@main
|
||||
with:
|
||||
|
|
|
|||
1
.github/workflows/reset-db.yaml
vendored
1
.github/workflows/reset-db.yaml
vendored
|
|
@ -45,7 +45,6 @@ jobs:
|
|||
CF_USERNAME: CF_${{ github.event.inputs.environment }}_USERNAME
|
||||
CF_PASSWORD: CF_${{ github.event.inputs.environment }}_PASSWORD
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- name: Delete existing data for ${{ github.event.inputs.environment }}
|
||||
uses: cloud-gov/cg-cli-tools@main
|
||||
with:
|
||||
|
|
|
|||
1
.github/workflows/security-check.yaml
vendored
1
.github/workflows/security-check.yaml
vendored
|
|
@ -54,7 +54,6 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- name: Check out
|
||||
uses: actions/checkout@v3
|
||||
- name: MockUserLogin should not be in settings.MIDDLEWARE
|
||||
|
|
|
|||
3
.github/workflows/test.yaml
vendored
3
.github/workflows/test.yaml
vendored
|
|
@ -21,7 +21,6 @@ jobs:
|
|||
python-linting:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Linting
|
||||
|
|
@ -33,7 +32,6 @@ jobs:
|
|||
python-test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Unit tests
|
||||
|
|
@ -43,7 +41,6 @@ jobs:
|
|||
django-migrations-complete:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Check for complete migrations
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue