Limit permissions to gradlew validator GH Action

I've already limited the grpc-wide setting to read-only access, but limiting it explicitly here seems like a good idea; all workflows should explicitly set their permissions since any action can implicitly access the GITHUB_TOKEN.
2021-05-26 11:55:18 -07:00 · 2021-05-26 11:55:18 -07:00 · a7792d3d14
parent 505594ac53
commit a7792d3d14
1 changed files with 3 additions and 0 deletions
--- a/.github/workflows/gradle-wrapper-validation.yml
+++ b/.github/workflows/gradle-wrapper-validation.yml
@ -1,6 +1,9 @@
 name: "Validate Gradle Wrapper"
 on: [push, pull_request]

+permissions:
+  contents: read
+
 jobs:
  validation:
    name: "Gradle wrapper validation"