[llvm] workflows: Fix permissions for release-sources job (PR #100750)
via llvm-commits
llvm-commits at lists.llvm.org
Fri Jul 26 07:08:57 PDT 2024
llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT-->
@llvm/pr-subscribers-github-workflow
Author: Tom Stellard (tstellar)
<details>
<summary>Changes</summary>
For reusable workflows, the called workflow cannot upgrade it's permissions, and since the default permission is none, we need to explicitly declare 'contents: read' when calling the release-sources workflow.
Fixes the error:
The workflow is requesting 'contents: read', but is only allowed 'contents: none'.
---
Full diff: https://github.com/llvm/llvm-project/pull/100750.diff
1 Files Affected:
- (modified) .github/workflows/release-tasks.yml (+1)
``````````diff
diff --git a/.github/workflows/release-tasks.yml b/.github/workflows/release-tasks.yml
index 2ed56dace1d4c..116261f8e76b7 100644
--- a/.github/workflows/release-tasks.yml
+++ b/.github/workflows/release-tasks.yml
@@ -89,6 +89,7 @@ jobs:
release-sources:
name: Package Release Sources
permissions:
+ contents: read
id-token: write
attestations: write
needs:
``````````
</details>
https://github.com/llvm/llvm-project/pull/100750
More information about the llvm-commits
mailing list