
git: Fixed CI permissions

WerWolv 2025-01-11 16:28:29 +01:00
parent b23a0febb5
commit 4b6ff68464


@ -18,11 +18,18 @@ jobs:
win: win:
runs-on: windows-2022 runs-on: windows-2022
name: 🪟 Windows MINGW64 name: 🪟 Windows MINGW64
defaults: defaults:
run: run:
shell: msys2 {0} shell: msys2 {0}
env: env:
CCACHE_DIR: "${{ github.workspace }}/.ccache" CCACHE_DIR: "${{ github.workspace }}/.ccache"
permissions:
id-token: write
attestations: write
steps: steps:
- name: 🧰 Checkout - name: 🧰 Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
@ -128,12 +135,16 @@ jobs:
win-plugin-template-test: win-plugin-template-test:
runs-on: windows-2022 runs-on: windows-2022
name: 🧪 Plugin Template Test name: 🧪 Plugin Template Test
defaults: defaults:
run: run:
shell: msys2 {0} shell: msys2 {0}
needs: win needs: win
env: env:
IMHEX_SDK_PATH: "${{ github.workspace }}/out/sdk" IMHEX_SDK_PATH: "${{ github.workspace }}/out/sdk"
steps: steps:
- name: 🧰 Checkout ImHex - name: 🧰 Checkout ImHex
uses: actions/checkout@v4 uses: actions/checkout@v4
@ -182,6 +193,10 @@ jobs:
macos: macos:
runs-on: macos-13 runs-on: macos-13
permissions:
id-token: write
attestations: write
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -338,8 +353,10 @@ jobs:
macos-arm64-build: macos-arm64-build:
runs-on: ubuntu-24.04 runs-on: ubuntu-24.04
name: 🍎 macOS 13 arm64 name: 🍎 macOS 13 arm64
outputs: outputs:
IMHEX_VERSION: ${{ steps.build.outputs.IMHEX_VERSION }} IMHEX_VERSION: ${{ steps.build.outputs.IMHEX_VERSION }}
steps: steps:
- name: 🧰 Checkout - name: 🧰 Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
@ -383,8 +400,14 @@ jobs:
runs-on: macos-13 runs-on: macos-13
name: 🍎 macOS 13 arm64 Packaging name: 🍎 macOS 13 arm64 Packaging
needs: macos-arm64-build needs: macos-arm64-build
env: env:
IMHEX_VERSION: ${{ needs.macos-arm64-build.outputs.IMHEX_VERSION }} IMHEX_VERSION: ${{ needs.macos-arm64-build.outputs.IMHEX_VERSION }}
permissions:
id-token: write
attestations: write
steps: steps:
- name: ⬇️ Download artifact - name: ⬇️ Download artifact
uses: actions/download-artifact@v4 uses: actions/download-artifact@v4
@ -462,6 +485,10 @@ jobs:
image: "ubuntu:${{ matrix.release_num }}" image: "ubuntu:${{ matrix.release_num }}"
options: --privileged options: --privileged
permissions:
id-token: write
attestations: write
steps: steps:
- name: ⬇️ Install setup dependencies - name: ⬇️ Install setup dependencies
run: apt update && apt install -y git curl run: apt update && apt install -y git curl
@ -539,6 +566,11 @@ jobs:
appimage: appimage:
runs-on: ubuntu-24.04 runs-on: ubuntu-24.04
name: ⬇️ AppImage name: ⬇️ AppImage
permissions:
id-token: write
attestations: write
steps: steps:
- name: 🧰 Checkout - name: 🧰 Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
@ -592,6 +624,10 @@ jobs:
container: container:
image: archlinux:base-devel image: archlinux:base-devel
permissions:
id-token: write
attestations: write
steps: steps:
- name: ⬇️ Update all packages - name: ⬇️ Update all packages
run: | run: |
@ -719,6 +755,10 @@ jobs:
image: "almalinux:9" image: "almalinux:9"
options: --privileged --pid=host --security-opt apparmor=unconfined options: --privileged --pid=host --security-opt apparmor=unconfined
permissions:
id-token: write
attestations: write
steps: steps:
# This, together with the `--pid=host --security-opt apparmor=unconfined` docker options is required to allow # This, together with the `--pid=host --security-opt apparmor=unconfined` docker options is required to allow
# fedpkg to work inside a Docker container running on Ubuntu again. # fedpkg to work inside a Docker container running on Ubuntu again.
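Review bot: The `permissions:` block added to the almalinux job is job-wide, so every step that runs inside the `--privileged --pid=host --security-opt apparmor=unconfined` container (package installation and the build itself) can request an OIDC token and write attestations, not only the step that signs the artifact. The same applies to the ubuntu job with `options: --privileged` and, to a lesser degree, to the other jobs that received the block. Because a job-level `permissions:` map sets every unlisted scope to `none`, it would help to state the remaining needs explicitly with `contents: read` and a comment such as `# id-token + attestations are required only by the attestation step`. The attestation steps themselves are outside the visible hunks, so this is inferred from the scopes granted. If they can be isolated, a small follow-up job that downloads the built artifact and attests it would keep these write scopes out of the privileged build containers.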