Skip to content

Commit

Permalink
Set permissions on the calling side.
Browse files Browse the repository at this point in the history 
The `permissions` block in a reusable workflow doesn't grant these permissions. These are more used as an early indication of the permissions required by the reusable workflow. The correct permissions still need to be set on the calling side.
  • Loading branch information
@ringods
ringods committed Dec 17, 2024
1 parent aeb1679 commit f8763a9
Show file tree
Hide file tree
Showing 22 changed files with 66 additions and 0 deletions.
3 changes: 3 additions & 0 deletions provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/nightly-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/prerelease.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
3 changes: 3 additions & 0 deletions ...der-ci/internal/pkg/templates/bridged-provider/.github/workflows/run-acceptance-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/acme/.github/workflows/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/acme/.github/workflows/prerelease.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/acme/.github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
3 changes: 3 additions & 0 deletions provider-ci/test-providers/acme/.github/workflows/run-acceptance-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/aws/.github/workflows/master.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/aws/.github/workflows/nightly-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/aws/.github/workflows/prerelease.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/aws/.github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
3 changes: 3 additions & 0 deletions provider-ci/test-providers/aws/.github/workflows/run-acceptance-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/cloudflare/.github/workflows/master.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/cloudflare/.github/workflows/prerelease.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/cloudflare/.github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
3 changes: 3 additions & 0 deletions provider-ci/test-providers/cloudflare/.github/workflows/run-acceptance-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/docker/.github/workflows/master.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/docker/.github/workflows/prerelease.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down
3 changes: 3 additions & 0 deletions provider-ci/test-providers/docker/.github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
3 changes: 3 additions & 0 deletions provider-ci/test-providers/docker/.github/workflows/run-acceptance-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,9 @@ jobs:
- prerequisites
- build_provider
- build_sdk
permissions:
contents: read
id-token: write
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
Expand Down

0 comments on commit f8763a9

Please sign in to comment.