From 4ea4050503abffc5adcc001c079fb4a8571d6ccf Mon Sep 17 00:00:00 2001
From: Michael Collins <15347726+michaeljcollinsuk@users.noreply.github.com>
Date: Mon, 22 Apr 2024 11:52:31 +0100
Subject: [PATCH] Attempt to resolve checkov errors
---
 .github/workflows/codeql-analysis.yml | 2 ++
 .github/workflows/enforce-version-pinning.yml | 2 ++
 .github/workflows/test-and-push-docker-image.yaml | 2 ++
 3 files changed, 6 insertions(+)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 632ad4c70..7a6188849 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -20,6 +20,8 @@ on:
 schedule:
 - cron: '43 11 * * 1'
 
+permissions: {}
+
 jobs:
 analyze:
 name: Analyze
diff --git a/.github/workflows/enforce-version-pinning.yml b/.github/workflows/enforce-version-pinning.yml
index e0d6d0a78..de7885ebc 100644
--- a/.github/workflows/enforce-version-pinning.yml
+++ b/.github/workflows/enforce-version-pinning.yml
@@ -6,6 +6,8 @@ on:
 pull_request:
 branches: [main]
 
+permissions: {}
+
 jobs:
 check-version-pinning:
 runs-on: ubuntu-latest
diff --git a/.github/workflows/test-and-push-docker-image.yaml b/.github/workflows/test-and-push-docker-image.yaml
index 024a5aa82..25dd59a15 100644
--- a/.github/workflows/test-and-push-docker-image.yaml
+++ b/.github/workflows/test-and-push-docker-image.yaml
@@ -7,6 +7,8 @@ name: Run tests and push Docker image on success
 release:
 types: [published]
 
+permissions: {}
+
 jobs:
 test-and-push:
 runs-on: [self-hosted, management-ecr]
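Review bot: With `permissions: {}` at workflow level in codeql-analysis.yml, the `analyze` job gets a GITHUB_TOKEN with no scopes unless the job declares its own `permissions:` block, and the job body continues outside this hunk, so that cannot be confirmed here. CodeQL result upload needs `security-events: write`, and checkout of a private repository needs `contents: read`; if the job does not already set them, add a job-level `permissions:` mapping under `analyze:` with those two scopes (plus `actions: read` for private repositories). The same applies to `check-version-pinning` in enforce-version-pinning.yml and `test-and-push` in test-and-push-docker-image.yaml, which will each need at least `contents: read` at job level if they check out the code. A comment above each block, such as `# deny by default; each job declares the scopes it needs`, would record the intent so the empty map is not later read as an oversight.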
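Review bot: The `permissions: {}` added to test-and-push-docker-image.yaml restricts only the GITHUB_TOKEN; the job runs on `[self-hosted, management-ecr]`, so any credentials that runner itself holds for the registry push are untouched by this change. If the push step relies on GitHub OIDC instead, the job would need `id-token: write` at job level, which cannot be checked because the job's steps are outside the hunk. Once confirmed, a comment next to the block such as `# GITHUB_TOKEN only; registry access comes from the runner` would make the trust boundary explicit for the next reviewer.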