github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2026-04-02 10:02:12 +00:00
Code Issues Projects Releases Wiki Activity
Files
1d73b2f0a91e59bf67c9def03b0e31da2d446c79
falco/.github/workflows
History
Leonardo Di Giovanna 1d73b2f0a9 ci: restore minimum set of required permissions 
Commit #8171176 reduced workflow permissions and only allowed read
accesses to repo content. However, some workflows require write
permissions for token-id and attestations: these requirements resulted
in both master and release CIs being broken in the last month.

While still applying least privilege principle, this patch restores
the minimum set of required ones.

Signed-off-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com>
2026-04-01 11:28:39 +02:00
..
bump-libs.yaml
ci: add top-level permissions to workflow files
2026-03-11 18:05:08 +01:00
ci.yml
Revert "fix(.github): ghcr.io rate-limit mitigation"
2025-12-12 13:08:39 +01:00
codeql.yaml
chore!: drop gRPC output and server support
2026-02-05 17:21:54 +01:00
codespell.yml
made required changes
2024-09-04 22:00:06 +02:00
engine-version-weakcheck.yaml
fixed the token-permission and pinned-dependencies issue
2024-09-04 22:00:06 +02:00
format.yaml
ci: add top-level permissions to workflow files
2026-03-11 18:05:08 +01:00
insecure-api.yaml
ci(insecure-api): update semgrep docker image
2024-09-09 15:03:24 +02:00
master.yaml
ci: restore minimum set of required permissions
2026-04-01 11:28:39 +02:00
release.yaml
ci: restore minimum set of required permissions
2026-04-01 11:28:39 +02:00
reusable_build_dev.yaml
chore!: drop gRPC output and server support
2026-02-05 17:21:54 +01:00
reusable_build_docker.yaml
chore: adds labels to falco-debian, driver-loader and driver-loader-buster
2025-08-11 10:46:35 +02:00
reusable_build_packages.yaml
chore!: drop legacy BPF probe
2026-02-05 13:15:54 +01:00
reusable_fetch_version.yaml
fixed the token-permission and pinned-dependencies issue
2024-09-04 22:00:06 +02:00
reusable_publish_docker.yaml
fix(ci): fixed reusable_build/publish_docker workflows.
2025-01-21 11:37:59 +01:00
reusable_publish_packages.yaml
fix: consolidate RPM signing logic into publish-rpm
2026-01-19 16:36:17 +01:00
reusable_test_packages.yaml
Revert "fix(.github): ghcr.io rate-limit mitigation"
2025-12-12 13:08:39 +01:00
scorecard.yaml
chore(ci): bumped actions/upload-download-artifact.
2025-01-17 10:01:32 +01:00
staticanalysis.yaml
chore!: drop legacy BPF probe
2026-02-05 13:15:54 +01:00