git.99rst.org / stevenblack-hosts.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side (parent: 56e34ab)
CI: remove git credentials after checkout
authorXhmikosR <redacted>
Sun, 13 Nov 2022 06:00:34 +0000 (08:00 +0200)
committerXhmikosR <redacted>
Sun, 13 Nov 2022 06:02:41 +0000 (08:02 +0200)
.github/workflows/ci.yml patch | blob | history
.github/workflows/codeql-analysis.yml patch | blob | history
.github/workflows/container.yml patch | blob | history
.github/workflows/depsreview.yaml patch | blob | history

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 010e2133ff5c09aade8bf89ea71a3272c8b1e452..6bcb9238fff2accb60a25a067b8056b099ae9058 100644 (file)
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -29,6 +29,8 @@ jobs:
     steps:
       - name: Clone repository
         uses: actions/checkout@v3
+        with:
+          persist-credentials: false
 
       - name: Set up Python
         uses: actions/setup-python@v4
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index e3d93cade7a8597641e2261bed22a4749719a9c0..b1f87b84adfe40ee77249c6b8d4a44b0d3661348 100644 (file)
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -23,8 +23,10 @@ jobs:
       security-events: write
 
     steps:
-      - name: Checkout repository
+      - name: Clone repository
         uses: actions/checkout@v3
+        with:
+          persist-credentials: false
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v2
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 7a68a73853d0dc2a463e5f2bd4a12d207b38bd51..9857f0a5ddc40b56256dfad4a5238ddf38bd1cc9 100644 (file)
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -19,21 +19,27 @@ jobs:
       contents: read
       packages: write
     steps:
-      - name: Checkout
+      - name: Clone repository
         uses: actions/checkout@v3
+        with:
+          persist-credentials: false
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
+
       - name: Log in to the Container registry
         uses: docker/login-action@v2
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Extract metadata (tags, labels)
         id: meta
         uses: docker/metadata-action@v4
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
       - name: Build and push container image
         uses: docker/build-push-action@v3
         with:
diff --git a/.github/workflows/depsreview.yaml b/.github/workflows/depsreview.yaml
index a25de591ba3c64f2a64205d89265dc3bb0e0244f..5a9469932717ba0129da4f4b4a2af004f21cf624 100644 (file)
--- a/.github/workflows/depsreview.yaml
+++ b/.github/workflows/depsreview.yaml
@@ -8,7 +8,10 @@ jobs:
   dependency-review:
     runs-on: ubuntu-latest
     steps:
-      - name: 'Checkout Repository'
+      - name: Clone repository
         uses: actions/checkout@v3
+        with:
+          persist-credentials: false
+
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@v2
git clone https://git.99rst.org/PROJECT