1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 23:21:22 +03:00
systemd/.github/workflows/labeler.yml
Evgeny Vereshchagin 510afa460a ci: tighten codeql and labeler even more
by moving the read permissions to the top level and
granting additional permissions to the specific jobs.
It should help to prevent new jobs that could be added
there eventually from having write access to resources they
most likely would never need.
2021-11-14 10:51:07 +00:00

24 lines
499 B
YAML

---
# vi: ts=2 sw=2 et:
# SPDX-License-Identifier: LGPL-2.1-or-later
#
name: "Pull Request Labeler"
on:
- pull_request_target
permissions:
contents: read
jobs:
triage:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- uses: actions/labeler@69da01b8e0929f147b8943611bee75ee4175a49e
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"
configuration-path: .github/labeler.yml
sync-labels: "" # This is a workaround for issue 18671