From 3f5d9c5c69453c264185ddbeb23d8d847460a4f9 Mon Sep 17 00:00:00 2001 From: Peter Bomber Date: Fri, 6 Oct 2023 16:23:18 +1300 Subject: [PATCH] Add GHCR package write permissions --- .github/workflows/build-publish.yml | 8 +++++++- .github/workflows/patch.yml | 4 ++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 50892f98..9cb4d46d 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -1,4 +1,5 @@ -name: Building and Pushing to Container Registries +name: Build and Publish to GHCR and MCR + on: [workflow_dispatch] permissions: @@ -53,6 +54,9 @@ jobs: publish: runs-on: ${{ matrix.os }} needs: common + permissions: + contents: read + packages: write strategy: max-parallel: 4 matrix: @@ -163,6 +167,8 @@ jobs: update-manifest: runs-on: ubuntu-latest needs: [common, publish] + permissions: + packages: write defaults: run: shell: pwsh diff --git a/.github/workflows/patch.yml b/.github/workflows/patch.yml index 260153e8..f4af8f5b 100644 --- a/.github/workflows/patch.yml +++ b/.github/workflows/patch.yml @@ -39,6 +39,8 @@ jobs: patch: runs-on: ${{ matrix.os }} needs: common + permissions: + packages: write strategy: max-parallel: 4 matrix: @@ -132,6 +134,8 @@ jobs: update-manifest: runs-on: ubuntu-latest needs: [common, patch] + permissions: + packages: write defaults: run: shell: pwsh