Skip to content

Commit d9374b9

Browse files
cpanatocpanato
authored
not fail fast and setup permissions (#195)
Signed-off-by: Carlos Panato <[email protected]>
1 parent 398d4b0 commit d9374b9

File tree

1 file changed

+33
-11
lines changed

1 file changed

+33
-11
lines changed

.github/workflows/test-action.yml

Lines changed: 33 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -6,10 +6,13 @@ on:
66
branches:
77
- 'main'
88

9+
permissions: {}
10+
911
jobs:
1012
get_all_cosign_releases:
1113
runs-on: ubuntu-latest
12-
permissions: {}
14+
permissions:
15+
contents: read
1316
name: Fetch current list of all Cosign releases for testing
1417
outputs:
1518
releases: ${{ steps.get_tags.outputs.result }}
@@ -33,7 +36,8 @@ jobs:
3336
strategy:
3437
matrix:
3538
os: [macos-latest, ubuntu-latest, windows-latest]
36-
permissions: {}
39+
permissions:
40+
contents: read
3741
name: Install default version Cosign and test presence in path
3842
steps:
3943
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -57,9 +61,11 @@ jobs:
5761
# this does not run on macOS as the support for multi-arch was not added yet
5862
runs-on: ${{ matrix.os }}
5963
strategy:
64+
fail-fast: false
6065
matrix:
6166
os: [ubuntu-latest]
62-
permissions: {}
67+
permissions:
68+
contents: read
6369
name: Install existing release of Cosign and test presence in path
6470
steps:
6571
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -82,10 +88,12 @@ jobs:
8288
runs-on: ${{ matrix.os }}
8389
needs: get_all_cosign_releases
8490
strategy:
91+
fail-fast: false
8592
matrix:
8693
os: [macos-latest, ubuntu-latest, windows-latest]
8794
cosign_release: ${{ fromJson(needs.get_all_cosign_releases.outputs.releases) }}
88-
permissions: {}
95+
permissions:
96+
contents: read
8997
name: Install Cosign ${{ matrix.cosign_release }} on ${{ matrix.os }} and test presence in path
9098
steps:
9199
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -110,9 +118,11 @@ jobs:
110118
test_cosign_action_0_5_0:
111119
runs-on: ${{ matrix.os }}
112120
strategy:
121+
fail-fast: false
113122
matrix:
114123
os: [ubuntu-latest, windows-latest]
115-
permissions: {}
124+
permissions:
125+
contents: read
116126
name: Install Cosign v0.5.0 and test presence in path
117127
steps:
118128
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -137,9 +147,11 @@ jobs:
137147
test_cosign_action_0_6_0:
138148
runs-on: ${{ matrix.os }}
139149
strategy:
150+
fail-fast: false
140151
matrix:
141152
os: [macos-latest, ubuntu-latest, windows-latest]
142-
permissions: {}
153+
permissions:
154+
contents: read
143155
name: Install Cosign v0.6.0 and test presence in path
144156
steps:
145157
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -165,9 +177,11 @@ jobs:
165177
# this test is specifically for linux and pcsclite1 dependencies
166178
runs-on: ${{ matrix.os }}
167179
strategy:
180+
fail-fast: false
168181
matrix:
169182
os: [ubuntu-latest]
170-
permissions: {}
183+
permissions:
184+
contents: read
171185
name: Install Cosign v0.6.0 and test presence in path with pre installed libpcsclite1 package
172186
steps:
173187
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -195,9 +209,11 @@ jobs:
195209
test_cosign_action_wrong:
196210
runs-on: ${{ matrix.os }}
197211
strategy:
212+
fail-fast: false
198213
matrix:
199214
os: [macos-latest, ubuntu-latest, windows-latest]
200-
permissions: {}
215+
permissions:
216+
contents: read
201217
name: Try to install a wrong Cosign
202218
steps:
203219
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -212,9 +228,11 @@ jobs:
212228
test_cosign_action_custom_dir:
213229
runs-on: ${{ matrix.os }}
214230
strategy:
231+
fail-fast: false
215232
matrix:
216233
os: [macos-latest, ubuntu-latest, windows-latest]
217-
permissions: {}
234+
permissions:
235+
contents: read
218236
name: Install Custom Cosign and test presence in path
219237
steps:
220238
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -238,9 +256,11 @@ jobs:
238256
test_cosign_action_custom_dir_root:
239257
runs-on: ${{ matrix.os }}
240258
strategy:
259+
fail-fast: false
241260
matrix:
242261
os: [ubuntu-latest]
243-
permissions: {}
262+
permissions:
263+
contents: read
244264
name: Install Custom Cosign and test presence in path with custom root dir
245265
steps:
246266
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -263,9 +283,11 @@ jobs:
263283
shell: bash
264284

265285
test_cosign_with_go_install:
266-
permissions: {}
286+
permissions:
287+
contents: read
267288
runs-on: ${{ matrix.os }}
268289
strategy:
290+
fail-fast: false
269291
matrix:
270292
os:
271293
- macos-latest

0 commit comments

Comments
 (0)