From 9a0293efd2f312b75e915e421d39ad6d490de12f Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Mon, 31 Mar 2025 11:11:44 -0700 Subject: [PATCH 1/2] Add write permission to nightly report table. --- .github/workflows/build-report.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-report.yml b/.github/workflows/build-report.yml index 9af62a6bf..3fdb21d13 100644 --- a/.github/workflows/build-report.yml +++ b/.github/workflows/build-report.yml @@ -5,6 +5,8 @@ on: schedule: - cron: "0 21 * * *" # 9pm UTC = 1pm PST / 2pm PDT, 12 hours after testapps run +permissions: write-all + env: GITHUB_TOKEN: ${{ github.token }} numDays: 7 From 935d6b844397ecda3558538333dbe5ac2424b06a Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 1 Apr 2025 19:40:47 -0700 Subject: [PATCH 2/2] Update other workflows. --- .github/workflows/checks.yml | 2 ++ .github/workflows/checks_secure.yml | 2 ++ .github/workflows/update-feature-branches.yml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index c1ee5375f..9b5261583 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -4,6 +4,8 @@ on: pull_request: types: [opened, reopened, synchronize, labeled, unlabeled] +permissions: write-all + env: triggerLabelFull: "tests-requested: full" triggerLabelQuick: "tests-requested: quick" diff --git a/.github/workflows/checks_secure.yml b/.github/workflows/checks_secure.yml index c919b374b..9bd167d0b 100644 --- a/.github/workflows/checks_secure.yml +++ b/.github/workflows/checks_secure.yml @@ -5,6 +5,8 @@ on: pull_request_target: types: [synchronize] +permissions: write-all + concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} cancel-in-progress: true diff --git a/.github/workflows/update-feature-branches.yml b/.github/workflows/update-feature-branches.yml index b39ad3e27..20590ab7d 100644 --- a/.github/workflows/update-feature-branches.yml +++ b/.github/workflows/update-feature-branches.yml @@ -13,6 +13,8 @@ on: schedule: - cron: "0 16 * * 1" # Mondays, 4pm UTC = 9am PST / 10am PDT +permissions: write-all + env: defaultBranchPattern: "feature_branch/*" defaultMainBranch: "main"