mirror of
https://github.com/hashicorp/packer.git
synced 2026-03-04 14:31:33 -05:00
cc5898022a
* chore: Set permissions for GitHub actions Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com> * Update permissions for newly added actions * Remove deleted actions Co-authored-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
56 lines
2.2 KiB
YAML
56 lines
2.2 KiB
YAML
on:
|
|
issues:
|
|
types: [opened]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
issue_triage:
|
|
name: Issue Opened Triage
|
|
permissions:
|
|
contents: read
|
|
issues: write # for github/issue-labeler to create or remove labels
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- uses: github/issue-labeler@v2.5
|
|
with:
|
|
repo-token: "${{ secrets.GITHUB_TOKEN }}"
|
|
configuration-path: .github/labeler-issue-triage.yml
|
|
enable-versioned-regex: 0
|
|
add-to-project:
|
|
name: Add issue to request queue
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/add-to-project@main
|
|
with:
|
|
project-url: https://github.com/orgs/hashicorp/projects/105
|
|
github-token: ${{ secrets.PACKER_PROJ_BOARD_TOKEN }}
|
|
labeled: bug, enhancement
|
|
label-operator: OR
|
|
label-question:
|
|
name: Redirect to discuss
|
|
permissions:
|
|
contents: read
|
|
issues: write # for actions-ecosystem/action-create-comment to create comments
|
|
if: contains(github.event.issue.labels.*.name, 'question')
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions-ecosystem/action-create-comment@v1.0.2
|
|
with:
|
|
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
body: |
|
|
Hi 👋 thanks for reaching out.
|
|
|
|
For general questions we recommend reaching out to the [community forum](https://discuss.hashicorp.com/c/packer) for greater visibility.
|
|
As the GitHub issue tracker is only watched by a small subset of maintainers and is really reserved for bugs and enhancements, you'll have a better chance of finding someone who can help you in the forum.
|
|
We'll mark this issue as needs-reply to help inform maintainers that this question is awaiting a response.
|
|
If no activity is taken on this question within 30 days it will be automatically closed.
|
|
|
|
If you find the forum to be more helpful or if you've found the answer to your question elsewhere please feel free to post a response and close the issue.
|
|
- uses: actions-ecosystem/action-add-labels@v1.1.3
|
|
with:
|
|
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
labels: needs-reply
|
|
|