minder icon indicating copy to clipboard operation
minder copied to clipboard
verified publisher icon stacklok

Implement security checks on the workflow that built the artifact (list of actions, has permissions etc)

Open rdimitrov opened this issue 2 years ago • 2 comments

Overview:

I want the workflow that built my artifact:

  • to use only a set of actions that I have allowed to be used
  • to have their permissions explicitly set and fit within my boundary permissions

rdimitrov avatar Feb 19 '24 12:02 rdimitrov

@puerco is interested in this, but I'm not sure if we have a feature lined up to support it.

evankanderson avatar Jul 30 '24 13:07 evankanderson

Rado wants to keep this open.

evankanderson avatar Dec 03 '24 14:12 evankanderson