Commit Graph

3 Commits

Author SHA1 Message Date
stevenhorsman
f79e453313 workflows: Tighten up workflow permissions
Since the previous tightening a few workflow updates have
gone in and the zizmor job isn't flagging them as issues,
so address this to remove potential attack vectors

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-08-22 14:13:21 +01:00
stevenhorsman
a7e27b9b68 workflow: Fix osv-scanner action
- The github generated template had an old version which
isn't valid for the pr-scan, so update to the latest
- The action needs also `actions: read` and `contents:read` to run in kata-containers

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-07-17 17:29:35 +01:00
stevenhorsman
1a75c12651 workflow: Add osv-scanner action
Add action to check for vulnerabilities in the project and
on each PR

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-07-17 16:41:56 +01:00