These will override the default repo/org GITHUB_TOKEN scope.
+permissions:
+ contents: read
+
jobs:
buildbot:
uses: nginx/ci-self-hosted/.github/workflows/nginx-buildbot.yml@main
jobs:
buildbot:
uses: nginx/ci-self-hosted/.github/workflows/nginx-buildbot.yml@main
pull_request:
types: [ opened, synchronize ]
pull_request:
types: [ opened, synchronize ]
+permissions:
+ contents: read
+
jobs:
check-commit-messages:
runs-on: ubuntu-24.04
jobs:
check-commit-messages:
runs-on: ubuntu-24.04
+permissions:
+ contents: read
+ pull-requests: read
+
jobs:
check-pr:
uses: nginx/ci-self-hosted/.github/workflows/nginx-check-pr.yml@main
jobs:
check-pr:
uses: nginx/ci-self-hosted/.github/workflows/nginx-check-pr.yml@main
pull_request:
types: [ opened, synchronize ]
pull_request:
types: [ opened, synchronize ]
+permissions:
+ contents: read
+
jobs:
check-version-bump:
runs-on: ubuntu-24.04
jobs:
check-version-bump:
runs-on: ubuntu-24.04
pull_request:
types: [ opened, synchronize ]
pull_request:
types: [ opened, synchronize ]
+permissions:
+ contents: read
+
jobs:
check-whitespace:
runs-on: ubuntu-24.04
jobs:
check-whitespace:
runs-on: ubuntu-24.04