StarMirror/qTox
1
0
Fork 0
mirror of https://github.com/qTox/qTox.git synced 2024-03-22 14:00:36 +08:00
Code Issues Projects Releases Wiki Activity

fix(CI): Grant action content write permission for release upload

Browse Source 
By default our organization on GH only grants a more restricted read
permission to actions for content APIs, which include both writing to
repo for nightly tag creation, and writing to releases for nightly and
tag release creation or updates.
This commit is contained in:
Anthony Bilinski 2022-01-10 00:01:32 -08:00
parent b657fa2bc6
commit 1bc72ab1a4
No known key found for this signature in database
GPG Key ID: 2AA8E0DA1B31FB3C
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.github/workflows/build-test-deploy.yaml vendored
View File

@ -5,6 +5,8 @@ jobs:
name: Update nightly release tag name: Update nightly release tag
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.event_name == 'push' && github.ref == 'refs/heads/master' if: github.event_name == 'push' && github.ref == 'refs/heads/master'
permissions:
contents: write
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
- name: Move nightly tag to head for nightly release - name: Move nightly tag to head for nightly release
@ -203,6 +205,8 @@ jobs:
needs.build-ubuntu-lts-docker.result == 'success' && needs.build-ubuntu-lts-docker.result == 'success' &&
(needs.update-nightly-tag.result == 'success' || (needs.update-nightly-tag.result == 'success' ||
needs.update-nightly-tag.result == 'skipped') needs.update-nightly-tag.result == 'skipped')
permissions:
contents: write
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
- uses: ./.github/actions/load-docker-image - uses: ./.github/actions/load-docker-image
@ -256,6 +260,8 @@ jobs:
needs.build-flatpak-docker.result == 'success' && needs.build-flatpak-docker.result == 'success' &&
(needs.update-nightly-tag.result == 'success' || (needs.update-nightly-tag.result == 'success' ||
needs.update-nightly-tag.result == 'skipped') needs.update-nightly-tag.result == 'skipped')
permissions:
contents: write
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
- uses: ./.github/actions/load-docker-image - uses: ./.github/actions/load-docker-image
@ -308,6 +314,8 @@ jobs:
needs.build-windows-docker.result == 'success' && needs.build-windows-docker.result == 'success' &&
(needs.update-nightly-tag.result == 'success' || (needs.update-nightly-tag.result == 'success' ||
needs.update-nightly-tag.result == 'skipped') needs.update-nightly-tag.result == 'skipped')
permissions:
contents: write
strategy: strategy:
matrix: matrix:
build_type: [debug, release] build_type: [debug, release]
@ -378,6 +386,8 @@ jobs:
needs.build-windows-i686-docker.result == 'success' && needs.build-windows-i686-docker.result == 'success' &&
(needs.update-nightly-tag.result == 'success' || (needs.update-nightly-tag.result == 'success' ||
needs.update-nightly-tag.result == 'skipped') needs.update-nightly-tag.result == 'skipped')
permissions:
contents: write
strategy: strategy:
matrix: matrix:
build_type: [debug, release] build_type: [debug, release]
@ -447,6 +457,8 @@ jobs:
always() && always() &&
(needs.update-nightly-tag.result == 'success' || (needs.update-nightly-tag.result == 'success' ||
needs.update-nightly-tag.result == 'skipped') needs.update-nightly-tag.result == 'skipped')
permissions:
contents: write
env: env:
TRAVIS: true TRAVIS: true
TRAVIS_BUILD_DIR: ${{ github.workspace }} TRAVIS_BUILD_DIR: ${{ github.workspace }}