diff --git a/.github/workflow-gen/Program.cs b/.github/workflow-gen/Program.cs index 4694d627..0e028477 100644 --- a/.github/workflow-gen/Program.cs +++ b/.github/workflow-gen/Program.cs @@ -61,6 +61,8 @@ void GenerateCiWorkflow(Component component) .Defaults().Run("bash", component.Name) .Job; + job.Permissions(actions: Permission.Read, contents: Permission.Read, checks: Permission.Write); + job.TimeoutMinutes(15); job.Step() diff --git a/.github/workflows/access-token-management-ci.yml b/.github/workflows/access-token-management-ci.yml index 5de6f5ce..1e9cc5c3 100644 --- a/.github/workflows/access-token-management-ci.yml +++ b/.github/workflows/access-token-management-ci.yml @@ -20,6 +20,10 @@ jobs: build: name: Build runs-on: ubuntu-latest + permissions: + actions: read + checks: write + contents: read defaults: run: shell: bash diff --git a/.github/workflows/identity-model-ci.yml b/.github/workflows/identity-model-ci.yml index 513ee9ab..2d4e0adb 100644 --- a/.github/workflows/identity-model-ci.yml +++ b/.github/workflows/identity-model-ci.yml @@ -20,6 +20,10 @@ jobs: build: name: Build runs-on: ubuntu-latest + permissions: + actions: read + checks: write + contents: read defaults: run: shell: bash diff --git a/.github/workflows/identity-model-oidc-client-ci.yml b/.github/workflows/identity-model-oidc-client-ci.yml index a6581fd1..2df277dd 100644 --- a/.github/workflows/identity-model-oidc-client-ci.yml +++ b/.github/workflows/identity-model-oidc-client-ci.yml @@ -20,6 +20,10 @@ jobs: build: name: Build runs-on: ubuntu-latest + permissions: + actions: read + checks: write + contents: read defaults: run: shell: bash diff --git a/.github/workflows/ignore-this-ci.yml b/.github/workflows/ignore-this-ci.yml index 10bd8547..95352bc1 100644 --- a/.github/workflows/ignore-this-ci.yml +++ b/.github/workflows/ignore-this-ci.yml @@ -20,6 +20,10 @@ jobs: build: name: Build runs-on: ubuntu-latest + permissions: + actions: read + checks: write + contents: read defaults: run: shell: bash