zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-07-22 18:56:15 +02:00
Code Issues Projects Releases Packages Wiki Activity

remove monitor and add specific permissions

Browse source
This commit is contained in:
Matthew Spence 2024-11-15 09:57:14 -06:00
parent a872893d00
commit a88b5bf635
No known key found for this signature in database
10 changed files with 5 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.github/workflows/clone-db.yaml vendored
View file

@ -27,7 +27,6 @@ jobs:
CF_USERNAME: ${{ secrets.CF_STAGING_USERNAME }} CF_USERNAME: ${{ secrets.CF_STAGING_USERNAME }}
CF_PASSWORD: ${{ secrets.CF_STAGING_PASSWORD }} CF_PASSWORD: ${{ secrets.CF_STAGING_PASSWORD }}
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- name: Clone Database - name: Clone Database
run: | run: |
# install cf cli and other tools # install cf cli and other tools

1
.github/workflows/createcachetable.yaml vendored
View file

@ -37,7 +37,6 @@ jobs:
CF_USERNAME: CF_${{ github.event.inputs.environment }}_USERNAME CF_USERNAME: CF_${{ github.event.inputs.environment }}_USERNAME
CF_PASSWORD: CF_${{ github.event.inputs.environment }}_PASSWORD CF_PASSWORD: CF_${{ github.event.inputs.environment }}_PASSWORD
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- name: Create cache table for ${{ github.event.inputs.environment }} - name: Create cache table for ${{ github.event.inputs.environment }}
uses: cloud-gov/cg-cli-tools@main uses: cloud-gov/cg-cli-tools@main
with: with:

1
.github/workflows/daily-csv-upload.yaml vendored
View file

@ -13,7 +13,6 @@ jobs:
CF_USERNAME: CF_${{ secrets.CF_REPORT_ENV }}_USERNAME CF_USERNAME: CF_${{ secrets.CF_REPORT_ENV }}_USERNAME
CF_PASSWORD: CF_${{ secrets.CF_REPORT_ENV }}_PASSWORD CF_PASSWORD: CF_${{ secrets.CF_REPORT_ENV }}_PASSWORD
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- name: Generate current-federal.csv - name: Generate current-federal.csv
uses: cloud-gov/cg-cli-tools@main uses: cloud-gov/cg-cli-tools@main
with: with:

1
.github/workflows/deploy-manual.yaml vendored
View file

@ -44,7 +44,6 @@ jobs:
variables: variables:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- name: Setting global variables - name: Setting global variables
uses: actions/github-script@v6 uses: actions/github-script@v6
id: var id: var

3
.github/workflows/deploy-sandbox.yaml vendored
View file

@ -35,7 +35,6 @@ jobs:
environment: ${{ steps.var.outputs.environment}} environment: ${{ steps.var.outputs.environment}}
runs-on: "ubuntu-latest" runs-on: "ubuntu-latest"
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- name: Setting global variables - name: Setting global variables
uses: actions/github-script@v6 uses: actions/github-script@v6
id: var id: var
@ -72,6 +71,8 @@ jobs:
comment: comment:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: [variables, deploy] needs: [variables, deploy]
permissions:
issues: write
steps: steps:
- uses: actions/github-script@v6 - uses: actions/github-script@v6
env: env:

3
.github/workflows/issue-label-notifier.yaml vendored
View file

@ -9,8 +9,9 @@ on:
jobs: jobs:
notify: notify:
runs-on: ubuntu-latest runs-on: ubuntu-latest
permissions:
issues: write
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- uses: jenschelkopf/issue-label-notification-action@1.3 - uses: jenschelkopf/issue-label-notification-action@1.3
with: with:
recipients: | recipients: |

1
.github/workflows/migrate.yaml vendored
View file

@ -45,7 +45,6 @@ jobs:
CF_USERNAME: CF_${{ github.event.inputs.environment }}_USERNAME CF_USERNAME: CF_${{ github.event.inputs.environment }}_USERNAME
CF_PASSWORD: CF_${{ github.event.inputs.environment }}_PASSWORD CF_PASSWORD: CF_${{ github.event.inputs.environment }}_PASSWORD
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- name: Run Django migrations for ${{ github.event.inputs.environment }} - name: Run Django migrations for ${{ github.event.inputs.environment }}
uses: cloud-gov/cg-cli-tools@main uses: cloud-gov/cg-cli-tools@main
with: with:

3
.github/workflows/reset-db.yaml vendored
View file

@ -45,8 +45,7 @@ jobs:
CF_USERNAME: CF_${{ github.event.inputs.environment }}_USERNAME CF_USERNAME: CF_${{ github.event.inputs.environment }}_USERNAME
CF_PASSWORD: CF_${{ github.event.inputs.environment }}_PASSWORD CF_PASSWORD: CF_${{ github.event.inputs.environment }}_PASSWORD
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1 ] - name: Delete existing data for ${{ github.event.inputs.environment }}
- name: Delete existing data for ${{ github.event.inputs.environment }}
uses: cloud-gov/cg-cli-tools@main uses: cloud-gov/cg-cli-tools@main
with: with:
cf_username: ${{ secrets[env.CF_USERNAME] }} cf_username: ${{ secrets[env.CF_USERNAME] }}

1
.github/workflows/security-check.yaml vendored
View file

@ -54,7 +54,6 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- name: Check out - name: Check out
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: MockUserLogin should not be in settings.MIDDLEWARE - name: MockUserLogin should not be in settings.MIDDLEWARE

3
.github/workflows/test.yaml vendored
View file

@ -21,7 +21,6 @@ jobs:
python-linting: python-linting:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: Linting - name: Linting
@ -33,7 +32,6 @@ jobs:
python-test: python-test:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: Unit tests - name: Unit tests
@ -43,7 +41,6 @@ jobs:
django-migrations-complete: django-migrations-complete:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: GitHubSecurityLab/actions-permissions/monitor@v1
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: Check for complete migrations - name: Check for complete migrations