apitech
/
loki
mirror of https://github.com/grafana/loki
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

chore(ci): Add more oidc perms for image publishing jobs (#17523)

Browse Source
pull/17526/head
Paul Rogers 1 year ago committed by GitHub
parent 070e2bbaf8
commit 28783601ff
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 16 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      .github/release-workflows.jsonnet
  2. 12
      .github/workflows/images.yml

4
.github/release-workflows.jsonnet
Unescape View File

@ -247,6 +247,10 @@ local lambdaPromtailJob =
['%s-image' % name]:
weeklyImageJobs[name]
+ job.withNeeds(['check'])
+ job.withPermissions({
contents: 'read',
'id-token': 'write',
})
+ job.withEnv({
BUILD_TIMEOUT: imageBuildTimeoutMin,
RELEASE_REPO: 'grafana/loki',

12
.github/workflows/images.yml
Unescape View File

@ -116,6 +116,9 @@
"image_digest_linux_arm64": "${{ steps.digest.outputs.digest_linux_arm64 }}"
"image_name": "${{ steps.weekly-version.outputs.image_name }}"
"image_tag": "${{ steps.weekly-version.outputs.image_version }}"
"permissions":
"contents": "read"
"id-token": "write"
"runs-on": "${{ matrix.runs_on }}"
"steps":
- "name": "pull release library code"
@ -236,6 +239,9 @@
"image_digest_linux_arm64": "${{ steps.digest.outputs.digest_linux_arm64 }}"
"image_name": "${{ steps.weekly-version.outputs.image_name }}"
"image_tag": "${{ steps.weekly-version.outputs.image_version }}"
"permissions":
"contents": "read"
"id-token": "write"
"runs-on": "${{ matrix.runs_on }}"
"steps":
- "name": "pull release library code"
@ -356,6 +362,9 @@
"image_digest_linux_arm64": "${{ steps.digest.outputs.digest_linux_arm64 }}"
"image_name": "${{ steps.weekly-version.outputs.image_name }}"
"image_tag": "${{ steps.weekly-version.outputs.image_version }}"
"permissions":
"contents": "read"
"id-token": "write"
"runs-on": "${{ matrix.runs_on }}"
"steps":
- "name": "pull release library code"
@ -476,6 +485,9 @@
"image_digest_linux_arm64": "${{ steps.digest.outputs.digest_linux_arm64 }}"
"image_name": "${{ steps.weekly-version.outputs.image_name }}"
"image_tag": "${{ steps.weekly-version.outputs.image_version }}"
"permissions":
"contents": "read"
"id-token": "write"
"runs-on": "${{ matrix.runs_on }}"
"steps":
- "name": "pull release library code"

Write Preview
Loading…
Cancel
Save