shishantbiswas/registry
1
0
Fork 0
mirror of https://github.com/coder/registry.git synced 2026-06-02 20:48:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: add CODEOWNERS and enforce approval for GHA Workflow changes (#654)

Browse Source 
## Summary

Adds a `CODEOWNERS` file to enforce code review requirements for GitHub
Actions workflow changes.

- Creates `CODEOWNERS` file designating `@jdomeracki-coder` as owner of
`.github/` directory
- All changes to GitHub Actions workflows (`.github/` directory) now
require approval from the designated code owner
- Improves security posture by preventing unauthorized modifications to
CI/CD pipelines

  ## Why this change?

GitHub Actions workflows have elevated privileges and can access
repository secrets. Requiring explicit approval for workflow changes
helps prevent:

  - Accidental or malicious modifications to CI/CD pipelines
  - Unauthorized access to secrets
  - Supply chain security vulnerabilities

  ## Test plan

  - [x] Verify CODEOWNERS file is properly formatted
- [ ] Test that PRs modifying `.github/` directory require approval from
`@jdomeracki-coder`
- [ ] Confirm existing PRs not touching `.github/` continue to work
normally
This commit is contained in:
Jakub Domeracki
2026-01-12 13:51:27 +01:00
committed by GitHub
parent 44d1ae1d1d
commit 836536eb97
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CODEOWNERS
+2
View File
@@ -0,0 +1,2 @@
# GitHub Actions Workflow Owners
.github/ @jdomeracki-coder