diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7fa6ab9..c402efb 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,5 +1,7 @@ name: ci +permissions: read-all + on: pull_request: paths: @@ -37,7 +39,7 @@ jobs: with: fetch-depth: 0 - name: Lint Code Base - uses: github/super-linter/slim@v5 + uses: github/super-linter/slim@v6 env: DEFAULT_BRANCH: main GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 815971f..6b2049a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,5 +1,7 @@ name: Release Charts +permissions: read-all + on: push: branches: @@ -10,6 +12,10 @@ env: jobs: release: + permissions: + contents: write # to push chart release and create a release (helm/chart-releaser-action) + packages: write # needed for ghcr access + id-token: write # needed for keyless signing runs-on: ubuntu-22.04 steps: - name: Checkout diff --git a/.github/workflows/sync-readme.yaml b/.github/workflows/sync-readme.yaml index 3f7bdf6..584eb62 100644 --- a/.github/workflows/sync-readme.yaml +++ b/.github/workflows/sync-readme.yaml @@ -1,5 +1,7 @@ name: sync-readme +permissions: read-all + on: push: branches: @@ -9,6 +11,8 @@ on: jobs: build: + permissions: + contents: write # for git push runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 diff --git a/charts/fluentd-elasticsearch/Chart.yaml b/charts/fluentd-elasticsearch/Chart.yaml index 8b5f625..d3e6071 100644 --- a/charts/fluentd-elasticsearch/Chart.yaml +++ b/charts/fluentd-elasticsearch/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: fluentd-elasticsearch -version: 13.12.0 -appVersion: v4.7.0 +version: 13.12.1 +appVersion: v4.7.4 type: application home: https://www.fluentd.org/ description: A Fluentd Helm chart for Kubernetes with Elasticsearch output