From aa1174df69f7282e9d469dfcd3edabb531b090ea Mon Sep 17 00:00:00 2001 From: Ashcon Partovi Date: Wed, 17 Apr 2024 17:51:34 -0700 Subject: [PATCH] Probably fix permissions issues with CI --- .github/workflows/build-darwin.yml | 4 ++++ .github/workflows/build-linux.yml | 4 ++++ .github/workflows/build-windows.yml | 4 ++++ .github/workflows/build-zig.yml | 4 ++++ .github/workflows/ci.yml | 4 ++++ .github/workflows/comment.yml | 1 + .github/workflows/run-lint.yml | 3 +++ .github/workflows/run-test.yml | 4 ++++ 8 files changed, 28 insertions(+) diff --git a/.github/workflows/build-darwin.yml b/.github/workflows/build-darwin.yml index dc37d599b5..9f251e15e6 100644 --- a/.github/workflows/build-darwin.yml +++ b/.github/workflows/build-darwin.yml @@ -1,5 +1,9 @@ name: Build Darwin +permissions: + contents: read + actions: write + on: workflow_call: inputs: diff --git a/.github/workflows/build-linux.yml b/.github/workflows/build-linux.yml index dcc0e97d6b..656469c8a8 100644 --- a/.github/workflows/build-linux.yml +++ b/.github/workflows/build-linux.yml @@ -1,5 +1,9 @@ name: Build Linux +permissions: + contents: read + actions: write + on: workflow_call: inputs: diff --git a/.github/workflows/build-windows.yml b/.github/workflows/build-windows.yml index 7584124b68..40688c67bd 100644 --- a/.github/workflows/build-windows.yml +++ b/.github/workflows/build-windows.yml @@ -1,5 +1,9 @@ name: Build Windows +permissions: + contents: read + actions: write + on: workflow_call: inputs: diff --git a/.github/workflows/build-zig.yml b/.github/workflows/build-zig.yml index fa18eb1064..b9516ce56a 100644 --- a/.github/workflows/build-zig.yml +++ b/.github/workflows/build-zig.yml @@ -1,5 +1,9 @@ name: Build Zig +permissions: + contents: read + actions: write + on: workflow_call: inputs: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7af04dcea1..5b6503f327 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,5 +1,9 @@ name: CI +permissions: + contents: read + actions: write + concurrency: group: ${{ github.workflow }}-${{ github.ref == 'refs/heads/main' && github.run_id || github.ref }} cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} diff --git a/.github/workflows/comment.yml b/.github/workflows/comment.yml index 30e1681673..c19b73dde3 100644 --- a/.github/workflows/comment.yml +++ b/.github/workflows/comment.yml @@ -1,6 +1,7 @@ name: Comment permissions: + actions: read pull-requests: write on: diff --git a/.github/workflows/run-lint.yml b/.github/workflows/run-lint.yml index 8471c78252..75316ba1e4 100644 --- a/.github/workflows/run-lint.yml +++ b/.github/workflows/run-lint.yml @@ -1,5 +1,8 @@ name: Lint +permissions: + contents: read + on: workflow_call: diff --git a/.github/workflows/run-test.yml b/.github/workflows/run-test.yml index e9b6dd75a1..cf1bae9c72 100644 --- a/.github/workflows/run-test.yml +++ b/.github/workflows/run-test.yml @@ -1,5 +1,9 @@ name: Test +permissions: + contents: read + actions: read + on: workflow_call: inputs: