mirror of
https://github.com/containers/podman.git
synced 2026-02-05 06:45:31 +01:00
31 lines
797 B
YAML
31 lines
797 B
YAML
name: 'zizmor: GitHub Actions Security Analysis'
|
|
|
|
on:
|
|
push:
|
|
branches: ["main"]
|
|
pull_request:
|
|
branches: ["**"]
|
|
|
|
permissions: {}
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
zizmor:
|
|
name: Zizmor
|
|
runs-on: ubuntu-24.04
|
|
permissions:
|
|
security-events: write # to create vulnerability alerts
|
|
contents: read # to read repo contents
|
|
actions: read # to read GitHub actions info
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: Run zizmor 🌈
|
|
uses: zizmorcore/zizmor-action@135698455da5c3b3e55f73f4419e481ab68cdd95 # v0.4.1
|