From 530300429712ce16a1b68e07dcda02e70df4e8bb Mon Sep 17 00:00:00 2001 From: Jonathan Norris Date: Tue, 22 Jul 2025 14:41:45 -0400 Subject: [PATCH] chore: update actions workflow permissions --- .github/workflows/benchmark.yml | 21 ++++++++++++--------- .github/workflows/lint.yml | 7 +++++-- .github/workflows/run-test-harness.yml | 3 +++ .github/workflows/test_examples.yml | 11 +++++++---- .github/workflows/unit_test.yml | 3 +++ 5 files changed, 30 insertions(+), 15 deletions(-) diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index 0b2183d..2981a0e 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -1,13 +1,16 @@ name: Benchmark -on: [ push ] +on: [push] + +permissions: + contents: read jobs: benchmark: runs-on: ubuntu-latest strategy: matrix: - python-version: [ "3.12" ] + python-version: ["3.12"] steps: - uses: actions/checkout@v4 @@ -15,7 +18,7 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - cache: 'pip' + cache: "pip" - name: Install dependencies run: | pip install --upgrade pip @@ -25,9 +28,9 @@ jobs: pytest --benchmark-only --benchmark-json=benchmarks.json - name: Print summary run: | - echo "### Benchmark Results" >> $GITHUB_STEP_SUMMARY - echo " - Benchmark|Min (uS)|Median (uS)|Mean (uS)|Max (uS)|Iterations - ---|---|---|---|---|--- - $(jq -r '.benchmarks[] | [.name,(.stats.min*1000000000 | round / 1000),(.stats.median*1000000000 | round / 1000),(.stats.mean*1000000000 | round / 1000),(.stats.max*1000000000 | round / 1000),.stats.rounds] | join("|")' benchmarks.json) - " >> $GITHUB_STEP_SUMMARY \ No newline at end of file + echo "### Benchmark Results" >> $GITHUB_STEP_SUMMARY + echo " + Benchmark|Min (uS)|Median (uS)|Mean (uS)|Max (uS)|Iterations + ---|---|---|---|---|--- + $(jq -r '.benchmarks[] | [.name,(.stats.min*1000000000 | round / 1000),(.stats.median*1000000000 | round / 1000),(.stats.mean*1000000000 | round / 1000),(.stats.max*1000000000 | round / 1000),.stats.rounds] | join("|")' benchmarks.json) + " >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 03e675f..9000815 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,6 +1,9 @@ name: Lint on: pull_request +permissions: + contents: read + jobs: lint: name: Lint and Format @@ -15,7 +18,7 @@ jobs: uses: actions/setup-python@v5 with: python-version: 3.12 - cache: 'pip' + cache: "pip" - name: Install dependencies run: | @@ -28,4 +31,4 @@ jobs: - name: Run mypy run: | - mypy . \ No newline at end of file + mypy . diff --git a/.github/workflows/run-test-harness.yml b/.github/workflows/run-test-harness.yml index 17d9585..cbdb732 100644 --- a/.github/workflows/run-test-harness.yml +++ b/.github/workflows/run-test-harness.yml @@ -4,6 +4,9 @@ on: pull_request: branches: [main] +permissions: + contents: read + jobs: harness-tests: name: Harness Tests diff --git a/.github/workflows/test_examples.yml b/.github/workflows/test_examples.yml index 116c62a..7f63688 100644 --- a/.github/workflows/test_examples.yml +++ b/.github/workflows/test_examples.yml @@ -1,6 +1,9 @@ name: Test Examples -on: [ push ] +on: [push] + +permissions: + contents: read jobs: test_examples: @@ -8,7 +11,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: [ "3.12" ] + python-version: ["3.12"] steps: - uses: actions/checkout@v4 @@ -16,7 +19,7 @@ jobs: uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - cache: 'pip' + cache: "pip" - name: Install dependencies run: | pip install --upgrade pip @@ -35,4 +38,4 @@ jobs: run: | cd example && python openfeature_example.py env: - DEVCYCLE_SERVER_SDK_KEY: dvc_server_token_hash \ No newline at end of file + DEVCYCLE_SERVER_SDK_KEY: dvc_server_token_hash diff --git a/.github/workflows/unit_test.yml b/.github/workflows/unit_test.yml index 83d4823..76b6124 100644 --- a/.github/workflows/unit_test.yml +++ b/.github/workflows/unit_test.yml @@ -2,6 +2,9 @@ name: Unit Tests on: [push] +permissions: + contents: read + jobs: unit_tests: name: Unit Tests