diff options
| author | Florian Bruhin <me@the-compiler.org> | 2021-04-28 23:01:43 +0200 |
|---|---|---|
| committer | Florian Bruhin <me@the-compiler.org> | 2021-04-29 09:35:09 +0200 |
| commit | ab566cdb0394558771683bae191105729f2a49ed (patch) | |
| tree | 211e8bd4606016741b0b3de30d3c1845aef13616 | |
| parent | 1167b5c3e83cd8961ba5d680786225f2eaa582f6 (diff) | |
| download | qutebrowser-ab566cdb0394558771683bae191105729f2a49ed.tar.gz qutebrowser-ab566cdb0394558771683bae191105729f2a49ed.zip | |
ci: Lock down workflows
Closes #6430
(cherry picked from commit 8023b8c8fe6cfb13e4a561c87177744612bb42f9)
| -rw-r--r-- | .github/workflows/bleeding.yml | 5 | ||||
| -rw-r--r-- | .github/workflows/ci.yml | 8 | ||||
| -rw-r--r-- | .github/workflows/recompile-requirements.yml | 2 |
3 files changed, 15 insertions, 0 deletions
diff --git a/.github/workflows/bleeding.yml b/.github/workflows/bleeding.yml index cf65f3dc5..5d464e3ac 100644 --- a/.github/workflows/bleeding.yml +++ b/.github/workflows/bleeding.yml @@ -25,6 +25,8 @@ jobs: options: --privileged --tty steps: - uses: actions/checkout@v2 + with: + persist-credentials: false - name: Set up problem matchers run: "python scripts/dev/ci/problemmatchers.py py3 ${{ runner.temp }}" - name: Run tox @@ -51,6 +53,8 @@ jobs: timeout-minutes: 30 steps: - uses: actions/checkout@v2 + with: + persist-credentials: false - name: Set up Python uses: actions/setup-python@v2 with: @@ -61,6 +65,7 @@ jobs: repository: asciidoc-py/asciidoc-py ref: '9.x' path: asciidoc + persist-credentials: false - name: Move asciidoc out of the repo run: mv asciidoc .. - name: Install dependencies diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9d1995c64..2cb239a1a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,6 +32,8 @@ jobs: - testenv: yamllint steps: - uses: actions/checkout@v2 + with: + persist-credentials: false - uses: actions/cache@v2 with: path: | @@ -88,6 +90,8 @@ jobs: options: --privileged --tty steps: - uses: actions/checkout@v2 + with: + persist-credentials: false - name: Set up problem matchers run: "python scripts/dev/ci/problemmatchers.py py38 ${{ runner.temp }}" - name: Run tox @@ -142,6 +146,8 @@ jobs: runs-on: "${{ matrix.os }}" steps: - uses: actions/checkout@v2 + with: + persist-credentials: false - uses: actions/cache@v2 with: path: | @@ -186,6 +192,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v2 + with: + persist-credentials: false - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: diff --git a/.github/workflows/recompile-requirements.yml b/.github/workflows/recompile-requirements.yml index efdf39950..68a0d588f 100644 --- a/.github/workflows/recompile-requirements.yml +++ b/.github/workflows/recompile-requirements.yml @@ -19,6 +19,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + with: + persist-credentials: false - name: Set up Python 3.7 uses: actions/setup-python@v2 with: |