Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🌱 Fix goreleaser permissions #984

Closed
wants to merge 2 commits into from
Closed

🌱 Fix goreleaser permissions #984

wants to merge 2 commits into from

Conversation

naveensrinivasan
Copy link
Member

  • Please check if the PR fulfills these requirements

  • What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
    Bug fix

  • What is the current behavior? (You can also link to an open issue here)
    Scorecard repo fails at Token-Permissions with score 0 #942

  • What is the new behavior (if this is a feature change)?

    • Fix the goreleaser permissions to read contents

  • Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)

No

  • Other information:

No

@naveensrinivasan naveensrinivasan self-assigned this Sep 9, 2021
@github-actions
Copy link

github-actions bot commented Sep 9, 2021

Integration tests success for 1d31de436c7912707bc9eeb26058249962e2afc3

@naveensrinivasan
🌱 Fix goreleaser permissions
2477d11 
* Fix the goreleaser permissions to read contents and write deployments
@naveensrinivasan naveensrinivasan force-pushed the naveen/feat/fix/go-releaser-permissions branch from 1d31de4 to 2477d11 Compare September 9, 2021 16:14
@github-actions
Copy link

github-actions bot commented Sep 9, 2021

Integration tests success for 2477d1172ccdac85095db3e1d4a6723198289e4d

@naveensrinivasan naveensrinivasan marked this pull request as draft September 9, 2021 16:31
@naveensrinivasan
Copy link
Member Author

Not yet ready, figuring out the right permissions.

laurentsimon
laurentsimon approved these changes Sep 9, 2021
View reviewed changes
.github/workflows/goreleaser.yaml
@@ -19,6 +19,18 @@ on:
tags:
- "*" # triggers only if push new tag version, like `0.8.4` or else

permissions:
actions: none
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same comment as other PR. You can remove the name: none

@azeemshaikh38
Copy link
Contributor

ETA on this PR?

@laurentsimon
Copy link
Contributor

this is interesting https://github.com/apps/step-security

@naveensrinivasan
Copy link
Member Author

ETA on this PR?

The hard thing with this is to only make releases to determine the right permissions.

@github-actions
Copy link

github-actions bot commented Oct 4, 2021

Integration tests success for 95db6ac782b31bc94606a187120ff4b987170f53

@naveensrinivasan
Copy link
Member Author

It will be addressed by #1164

@naveensrinivasan naveensrinivasan deleted the naveen/feat/fix/go-releaser-permissions branch October 26, 2021 21:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@laurentsimon laurentsimon laurentsimon approved these changes

Assignees

@naveensrinivasan naveensrinivasan

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@naveensrinivasan @azeemshaikh38 @laurentsimon