Skip to content

Commit d559750

Browse files
fix: add content read
1 parent 404fd83 commit d559750

8 files changed

+10
-0
lines changed

.github/workflows/component_k8s_canaries.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@ jobs:
3333
permissions:
3434
# required to oidc AWS
3535
id-token: write
36+
contents: read
3637
steps:
3738
- name: Configure AWS Credentials
3839
uses: aws-actions/configure-aws-credentials@ff717079ee2060e4bcee96c4779b553acc87447c # v4

.github/workflows/component_onhost_canaries.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,7 @@ jobs:
3030
permissions:
3131
# required to oidc AWS
3232
id-token: write
33+
contents: read
3334
steps:
3435
- name: Configure AWS Credentials
3536
uses: aws-actions/configure-aws-credentials@ff717079ee2060e4bcee96c4779b553acc87447c # v4

.github/workflows/nightly.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -109,6 +109,7 @@ jobs:
109109
needs: [ build-image ]
110110
permissions:
111111
id-token: write
112+
contents: read
112113
with:
113114
image-tag: nightly
114115
cluster_name: Agent_Control_Canaries_Staging-Cluster
@@ -124,6 +125,7 @@ jobs:
124125
needs: [ upload-packages-s3 ]
125126
permissions:
126127
id-token: write
128+
contents: read
127129
with:
128130
environment: staging
129131
operation: apply

.github/workflows/prerelease.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -136,6 +136,7 @@ jobs:
136136
needs: [ build-image ]
137137
permissions:
138138
id-token: write
139+
contents: read
139140
with:
140141
image-tag: ${{ github.event.release.tag_name }}-rc
141142
cluster_name: Agent_Control_Canaries_Production-Cluster
@@ -151,6 +152,7 @@ jobs:
151152
needs: [ upload ]
152153
permissions:
153154
id-token: write
155+
contents: read
154156
with:
155157
environment: production
156158
operation: apply

.github/workflows/push_pr_k8s_canaries_apply.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ jobs:
2121
permissions:
2222
# required to oidc AWS
2323
id-token: write
24+
contents: read
2425
steps:
2526
- name: Configure AWS Credentials
2627
uses: aws-actions/configure-aws-credentials@ff717079ee2060e4bcee96c4779b553acc87447c # v4

.github/workflows/push_pr_k8s_canaries_plan.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ jobs:
1919
permissions:
2020
# required to oidc AWS
2121
id-token: write
22+
contents: read
2223
steps:
2324
- name: Configure AWS Credentials
2425
uses: aws-actions/configure-aws-credentials@ff717079ee2060e4bcee96c4779b553acc87447c # v4

.github/workflows/push_pr_onhost_canaries_apply.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ jobs:
2020
permissions:
2121
# required to oidc AWS
2222
id-token: write
23+
contents: read
2324
strategy:
2425
matrix:
2526
environment: [ staging, production ]

.github/workflows/push_pr_onhost_canaries_plan.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ jobs:
2121
permissions:
2222
# required to oidc AWS
2323
id-token: write
24+
contents: read
2425
with:
2526
environment: ${{ matrix.environment }}
2627
operation: plan

0 commit comments

Comments
 (0)