Skip to content

Commit 69c378f

Browse files
chore(ci): migrate CodeQL workflow to GitHub keyless auth
Signed-off-by: Matías Insaurralde <matias@chainloop.dev>
1 parent ebb6cf5 commit 69c378f

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

.github/workflows/codeql.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ on:
1111

1212
permissions:
1313
contents: read
14+
id-token: write # required for SLSA attestation
1415

1516
jobs:
1617
analyze:
@@ -22,7 +23,6 @@ jobs:
2223
security-events: write
2324
id-token: write # required for SLSA provenance - https://docs.chainloop.dev/guides/slsa/
2425
env:
25-
CHAINLOOP_TOKEN: ${{ secrets.CHAINLOOP_TOKEN }}
2626
CHAINLOOP_WORKFLOW_NAME: "codeql"
2727
CHAINLOOP_PROJECT: "chainloop"
2828

0 commit comments

Comments
 (0)