Skip to content

[EngSys] Default all workflow perms to "content: read"#32388

Merged
mikeharder merged 5 commits intoAzure:mainfrom
mikeharder:github-permissions
Jan 29, 2025
Merged

[EngSys] Default all workflow perms to "content: read"#32388
mikeharder merged 5 commits intoAzure:mainfrom
mikeharder:github-permissions

Conversation

@mikeharder
Copy link
Member

@mikeharder mikeharder commented Jan 29, 2025
edited
Loading

  • Should have no real-world security impact
  • Follows principle of least-priviliges

https://github.com/Azure/azure-sdk-tools/wiki/GitHub-Actions-Design-Guidelines#default-permissions

@openapi-pipeline-app
Copy link

openapi-pipeline-app bot commented Jan 29, 2025
edited
Loading

Next Steps to Merge

Next steps that must be taken to merge this PR:
  • ❌ The required check named Protected Files has failed. Refer to the check in the PR's 'Checks' tab for details on how to fix it and consult the aka.ms/ci-fix guide

@openapi-pipeline-app
Copy link

openapi-pipeline-app bot commented Jan 29, 2025
edited
Loading

PR validation pipeline restarted successfully. If there is ApiView generated, it will be updated in this comment.

@mikeharder mikeharder marked this pull request as ready for review January 29, 2025 19:45
@mikeharder mikeharder changed the title [EngSys] Set permissions in all workflows [EngSys] Default all workflow perms to "content: read" Jan 29, 2025
@mikeharder mikeharder merged commit 3682aa5 into Azure:main Jan 29, 2025
44 of 46 checks passed
@mikeharder mikeharder deleted the github-permissions branch January 29, 2025 20:04
@mikeharder mikeharder self-assigned this Jan 29, 2025
markcowl pushed a commit to markcowl/azure-rest-api-specs that referenced this pull request Feb 6, 2025
@mikeharder @markcowl
[EngSys] Default all workflow perms to "content: read" (Azure#32388)
a860f0b 
- Should have no real-world security impact
- Follows principle of least-priviliges
najian pushed a commit to najian/azure-rest-api-specs that referenced this pull request Mar 4, 2025
@mikeharder
[EngSys] Default all workflow perms to "content: read" (Azure#32388)
7baabf4 
- Should have no real-world security impact
- Follows principle of least-priviliges
pjpatel12 pushed a commit to pjpatel12/azure-rest-api-specs that referenced this pull request Apr 29, 2025
@mikeharder @pjpatel12
[EngSys] Default all workflow perms to "content: read" (Azure#32388)
64c5b9b 
- Should have no real-world security impact
- Follows principle of least-priviliges
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@benbp benbp benbp approved these changes

@weshaggard weshaggard Awaiting requested review from weshaggard weshaggard is a code owner

@danieljurek danieljurek Awaiting requested review from danieljurek

Assignees

@mikeharder mikeharder

Labels

None yet

Projects

Azure SDK EngSys 📆🎇
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mikeharder @benbp