diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 479028fc..54bcdf87 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -69,7 +69,7 @@ jobs: publish-test-results: name: ๐Ÿ“Š Publish Test Results - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: checks: write # is needed by EnricoMi/publish-unit-test-result-action to add a check run with test results pull-requests: write # is needed by EnricoMi/publish-unit-test-result-action to annotate PRs diff --git a/.github/workflows/image-cleanup.yml b/.github/workflows/image-cleanup.yml index 36908c03..f6705f91 100644 --- a/.github/workflows/image-cleanup.yml +++ b/.github/workflows/image-cleanup.yml @@ -11,7 +11,7 @@ permissions: {} jobs: cleanup-images: name: ๐Ÿงน Clean Images - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: packages: write # is needed by dataaxiom/ghcr-cleanup-action to delete untagged and orphaned images steps: diff --git a/.github/workflows/issue-cleanup.yml b/.github/workflows/issue-cleanup.yml index 0c603310..b3a85979 100644 --- a/.github/workflows/issue-cleanup.yml +++ b/.github/workflows/issue-cleanup.yml @@ -10,7 +10,7 @@ permissions: {} jobs: close-issues: name: โ™ป๏ธ Close Stale Issues & PRs - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: issues: write # is needed by actions/stale to close/comment on issues pull-requests: write # is needed by actions/stale to close/comment on PRs diff --git a/.github/workflows/issue-creation-tool-versions.yml b/.github/workflows/issue-creation-tool-versions.yml index 075447c8..a2460c21 100644 --- a/.github/workflows/issue-creation-tool-versions.yml +++ b/.github/workflows/issue-creation-tool-versions.yml @@ -11,7 +11,7 @@ permissions: {} jobs: create-issue: name: Create tool version evaluation issue - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: contents: read # is needed to checkout the repository issues: write # is needed by gh cli to create/close/pin/unpin issues diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 0e9b18ef..139a60c5 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -14,7 +14,7 @@ permissions: {} jobs: ossf-scorecard: name: ๐Ÿ›ก๏ธ OpenSSF Scorecard - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: contents: read security-events: write # is needed by github/codeql-action/upload-sarif to upload sarif files diff --git a/.github/workflows/pr-conventional-title.yml b/.github/workflows/pr-conventional-title.yml index 6a73a438..3a4e3dfa 100644 --- a/.github/workflows/pr-conventional-title.yml +++ b/.github/workflows/pr-conventional-title.yml @@ -13,7 +13,7 @@ permissions: {} jobs: validate-pr-title: name: โœ… Validate PR Title - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: pull-requests: write # is needed by marocchino/sticky-pull-request-comment to post comments on PRs steps: diff --git a/.github/workflows/pr-image-cleanup.yml b/.github/workflows/pr-image-cleanup.yml index ed7d876e..edb22074 100644 --- a/.github/workflows/pr-image-cleanup.yml +++ b/.github/workflows/pr-image-cleanup.yml @@ -10,7 +10,7 @@ permissions: {} jobs: delete-images: name: ๐Ÿ—‘๏ธ Delete PR Images - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: packages: write # is needed by dataaxiom/ghcr-cleanup-action to delete images steps: @@ -21,11 +21,11 @@ jobs: - uses: dataaxiom/ghcr-cleanup-action@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4 # v1.0.16 with: delete-tags: pr-${{ github.event.pull_request.number }} - packages: amp-devcontainer,amp-devcontainer-cpp,amp-devcontainer-rust + packages: amp-devcontainer,amp-devcontainer-base,amp-devcontainer-cpp,amp-devcontainer-rust cleanup-cache: name: ๐Ÿงน Cleanup Cache - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: actions: write # is needed to delete workflow run caches steps: diff --git a/.github/workflows/pr-report.yml b/.github/workflows/pr-report.yml index bb22e75a..ff782bc4 100644 --- a/.github/workflows/pr-report.yml +++ b/.github/workflows/pr-report.yml @@ -16,7 +16,7 @@ jobs: pull-requests: write # is needed by philips-software/pull-request-report-action to post the report as a comment on the PR repository-projects: read # is needed by philips-software/pull-request-report-action to fetch project information actions: read # is needed by philips-software/pull-request-report-action to fetch workflow run information - runs-on: ubuntu-latest + runs-on: ubuntu-slim steps: - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 23ceba1f..e44b2094 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -14,7 +14,7 @@ permissions: {} jobs: create-release: name: ๐Ÿš€ Create Release - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: contents: read steps: diff --git a/.github/workflows/wc-document-generation.yml b/.github/workflows/wc-document-generation.yml index 260edba8..53371feb 100644 --- a/.github/workflows/wc-document-generation.yml +++ b/.github/workflows/wc-document-generation.yml @@ -9,7 +9,7 @@ permissions: {} jobs: generate-documents: name: Generate Documents - runs-on: ubuntu-latest + runs-on: ubuntu-slim permissions: contents: read steps: