Lavande/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-12-13 18:32:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3e57ba5b36a110065804a3f70f63b10587b17ea3
gitea/.github/workflows/pull-docker-dryrun.yml
silverwind 3e57ba5b36 Add permissions tofiles-changed jobs (#36142) 
Followup to https://github.com/go-gitea/gitea/pull/36140.
`files-changed` is a job that imports another workflow via `uses`
statement but CodeQL still complains about lack of permissions on these
jobs, so add it. This will fix the remaining [3 CodeQL
issues](https://github.com/go-gitea/gitea/security/code-scanning?query=is%3Aopen+branch%3Amain+permissions).
2025-12-12 18:38:59 +01:00

38 lines
962 B
YAML
Raw Blame History

name: docker-dryrun
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
files-changed:
uses: ./.github/workflows/files-changed.yml
permissions:
contents: read
container:
if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true'
needs: files-changed
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: docker/setup-buildx-action@v3
- name: Build regular container image
uses: docker/build-push-action@v5
with:
context: .
push: false
tags: gitea/gitea:linux-amd64
- name: Build rootless container image
uses: docker/build-push-action@v5
with:
context: .
push: false
file: Dockerfile.rootless
tags: gitea/gitea:linux-amd64
Reference in New Issue View Git Blame Copy Permalink