Commit

Refactor GitHub Actions workflow for security updates: removed unnecessary permissions for security-events and repository-advisories, and updated environment variable for GitHub token to enhance security during vulnerability scanning.
jaydrogers committed Dec 11, 2024
1 parent 628d128 commit 5078a51
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions .github/workflows/action_publish-images-security-updates.yml
Expand Up @@ -17,8 +17,6 @@ on:
permissions:
contents: write
packages: write
security-events: write
repository-advisories: write

jobs:
scan-vulnerabilities:
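Review bot: The remaining `contents: write` and `packages: write` grants still sit in the workflow-level `permissions:` block, so every job, including `scan-vulnerabilities`, receives them. Since this commit is already trimming scopes, consider moving the write grants into a `permissions:` block on the job that actually publishes images and giving the scan job only what it needs (for example `contents: read`, if it only checks out the repository). That keeps a compromised scanner step from being able to push to the repository or the package registry.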
Expand Down Expand Up @@ -50,7 +48,7 @@ jobs:
- if: inputs.skip_scan != true
id: parse
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_TOKEN: ${{ secrets.GHA_SECURITY_ADVISORY_PAT }}
shell: bash
run: |
if [ -f trivy-results.json ]; then
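Review bot: `GH_TOKEN: ${{ secrets.GHA_SECURITY_ADVISORY_PAT }}` in the `parse` step replaces the per-run `GITHUB_TOKEN` with a personal access token, and nothing in the workflow documents which scopes that token needs or who owns it. Unlike `GITHUB_TOKEN`, a PAT is long-lived and tied to a user account, so please add a comment above the `env:` block stating the minimum required permission (ideally a fine-grained token limited to this repository and to repository advisories) and the rotation owner. The same step parses `trivy-results.json`, which is scanner output, so confirm the script never echoes the token or runs with `set -x` while it is in the environment. It is also worth failing early with a clear message when the secret is unset, since `GH_TOKEN` will then be empty and later calls will fail with a less obvious error.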

0 comments on commit 5078a51