From 94d6bf9d2205442189681a51f429ab9143657007 Mon Sep 17 00:00:00 2001 From: Stefan Zweifel Date: Sat, 11 Feb 2023 12:23:24 +0100 Subject: [PATCH] Add permissions block to Workflows --- .github/workflows/git-auto-commit.yml | 6 ++++++ .github/workflows/release-drafter.yml | 7 +++++++ .github/workflows/update-changelog.yaml | 6 ++++++ .github/workflows/versioning.yml | 7 +++++++ 4 files changed, 26 insertions(+) diff --git a/.github/workflows/git-auto-commit.yml b/.github/workflows/git-auto-commit.yml index 0334115..bf9bbcd 100644 --- a/.github/workflows/git-auto-commit.yml +++ b/.github/workflows/git-auto-commit.yml @@ -10,6 +10,12 @@ jobs: git-auto-commit: runs-on: ubuntu-latest + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # updaetd CHANGELOG back to the repository. + # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ + contents: write + steps: - uses: actions/checkout@v3 diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 17fdb96..152a509 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -8,6 +8,13 @@ on: jobs: update_release_draft: runs-on: ubuntu-latest + + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # updaetd CHANGELOG back to the repository. + # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ + contents: write + steps: - uses: release-drafter/release-drafter@v5 env: diff --git a/.github/workflows/update-changelog.yaml b/.github/workflows/update-changelog.yaml index a5d6509..e882088 100644 --- a/.github/workflows/update-changelog.yaml +++ b/.github/workflows/update-changelog.yaml @@ -8,6 +8,12 @@ jobs: update: runs-on: ubuntu-latest + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # updaetd CHANGELOG back to the repository. + # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ + contents: write + steps: - name: Checkout code uses: actions/checkout@v3 diff --git a/.github/workflows/versioning.yml b/.github/workflows/versioning.yml index ad05219..396efac 100644 --- a/.github/workflows/versioning.yml +++ b/.github/workflows/versioning.yml @@ -7,6 +7,13 @@ on: jobs: actions-tagger: runs-on: windows-latest + + permissions: + # Give the default GITHUB_TOKEN write permission to commit and push the + # updaetd CHANGELOG back to the repository. + # https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/ + contents: write + steps: - uses: Actions-R-Us/actions-tagger@latest env: