From 7b411cf8421ef3bf6c05edcf131f63b8e7bae8ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=94=D0=B0=D0=BC=D1=98=D0=B0=D0=BD=20=D0=93=D0=B5=D0=BE?= =?UTF-8?q?=D1=80=D0=B3=D0=B8=D0=B5=D0=B2=D1=81=D0=BA=D0=B8?= Date: Mon, 3 Apr 2023 11:10:41 +0200 Subject: ci: add permissions to make a release follow-up to https://github.com/systemd/systemd/pull/27071 in order to create Github Releases, the job needs permissions to write contents also: - pinned the `softprops/action-gh-release` action to a specific commit - made it only active on the `systemd` organization repos (so not on forks) --- .github/workflows/make_release.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to '.github') diff --git a/.github/workflows/make_release.yml b/.github/workflows/make_release.yml index 47dbbea374..c789d33f16 100644 --- a/.github/workflows/make_release.yml +++ b/.github/workflows/make_release.yml @@ -5,14 +5,20 @@ on: tags: - "v*" +permissions: + contents: read + jobs: build: runs-on: ubuntu-latest + permissions: + contents: write + if: ${{ github.repository_owner == 'systemd' }} steps: - name: Checkout uses: actions/checkout@v3 - name: Release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 with: prerelease: ${{ contains(github.ref_name, '-rc') }} draft: ${{ github.repository == 'systemd/systemd' }} -- cgit v1.2.1