[llvm] workflows: Fix permissions for release-sources job (PR #100750)
Tom Stellard via llvm-commits
llvm-commits at lists.llvm.org
Fri Jul 26 07:08:23 PDT 2024
https://github.com/tstellar created https://github.com/llvm/llvm-project/pull/100750
For reusable workflows, the called workflow cannot upgrade it's permissions, and since the default permission is none, we need to explicitly declare 'contents: read' when calling the release-sources workflow.
Fixes the error:
The workflow is requesting 'contents: read', but is only allowed 'contents: none'.
>From ebc16279af14fcba3f51ee0b19cc90f68546dcc1 Mon Sep 17 00:00:00 2001
From: Tom Stellard <tstellar at redhat.com>
Date: Fri, 26 Jul 2024 07:06:09 -0700
Subject: [PATCH] workflows: Fix permissions for release-sources job
For reusable workflows, the called workflow cannot upgrade it's
permissions, and since the default permission is none, we need to
explicitly declare 'contents: read' when calling the release-sources
workflow.
Fixes the error:
The workflow is requesting 'contents: read', but is only allowed 'contents: none'.
---
.github/workflows/release-tasks.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/.github/workflows/release-tasks.yml b/.github/workflows/release-tasks.yml
index 2ed56dace1d4c..116261f8e76b7 100644
--- a/.github/workflows/release-tasks.yml
+++ b/.github/workflows/release-tasks.yml
@@ -89,6 +89,7 @@ jobs:
release-sources:
name: Package Release Sources
permissions:
+ contents: read
id-token: write
attestations: write
needs:
More information about the llvm-commits
mailing list