From 10f687acb13d8be01b9cee312ed0d80bffe31816 Mon Sep 17 00:00:00 2001
From: SergeantPanda
Date: Thu, 10 Apr 2025 13:23:24 -0500
Subject: [PATCH] Updated permissions for releases.
---
 .github/workflows/ci.yml | 5 +++++
 .github/workflows/release.yml | 12 ++++++++++++
 2 files changed, 17 insertions(+)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9c462b63..19fb7891 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -6,6 +6,11 @@ on:
 pull_request:
 branches: [ main, dev ]

+# Add explicit permissions for the workflow
+permissions:
+ contents: read
+ packages: write # For publishing to GitHub Container Registry
+
 jobs:
 build:
 runs-on: ubuntu-latest
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8911b5c8..c03cc318 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -13,6 +13,11 @@ on:
 - minor
 - patch

+# Add explicit permissions for the workflow
+permissions:
+ contents: write # For managing releases and pushing tags
+ packages: write # For publishing to GitHub Container Registry
+
 jobs:
 release:
 runs-on: ubuntu-latest
@@ -39,6 +44,13 @@ jobs:
 REPO_OWNER=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]')
 echo "lowercase=$REPO_OWNER" >> $GITHUB_OUTPUT

+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@v2
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
 - name: Commit and Tag
 run: |
 git add version.py
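Review bot: In `.github/workflows/ci.yml`, `packages: write` is granted at workflow level, so every job gets a registry-write token, including runs started by the `pull_request` trigger visible in the hunk context. Keep the workflow default at `contents: read` and move the write scope to a job-level `permissions:` block (`contents: read`, `packages: write`) under the job that actually pushes the image. Whether the image is pushed on pull requests is not visible here; if it is, gating the push step on non-PR events keeps PR-supplied code from running with that token. The first `release.yml` hunk uses the same workflow-level shape with `contents: write`, and job-level scoping there would stop any job added later from inheriting it. The `jobs:` body continues outside both hunks.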
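Review bot: `uses: docker/login-action@v2` in the new login step of `release.yml` references a mutable tag, and the step is handed `secrets.GITHUB_TOKEN` in a workflow that this commit gives `contents: write` and `packages: write`. Pin the action to a full commit SHA with the version as a trailing comment, `uses: docker/login-action@<full-commit-sha> # <version tag>`, so a moved tag cannot change the code that receives the token. The step list continues outside the hunk, so whether the job's other actions are pinned cannot be checked from here.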