From f35ce31005c7ed2c333bf85687e8863fc7b7a68d Mon Sep 17 00:00:00 2001 From: Sunny Sidhu Date: Thu, 10 Aug 2023 11:09:12 +0100 Subject: [PATCH] ER=697: Workflow permissions --- .github/workflows/azure-deploy-dev.yml | 2 ++ .github/workflows/azure-deploy-review.yml | 2 ++ .github/workflows/azure-deploy-stage.yml | 2 ++ .github/workflows/tf-azure-deploy.yml | 1 + 4 files changed, 7 insertions(+) diff --git a/.github/workflows/azure-deploy-dev.yml b/.github/workflows/azure-deploy-dev.yml index 6d7f68a52..ec538356b 100644 --- a/.github/workflows/azure-deploy-dev.yml +++ b/.github/workflows/azure-deploy-dev.yml @@ -22,6 +22,8 @@ on: # Permissions for OIDC authentication permissions: id-token: write + contents: write + packages: write env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} diff --git a/.github/workflows/azure-deploy-review.yml b/.github/workflows/azure-deploy-review.yml index d1afe10a8..8ef626561 100644 --- a/.github/workflows/azure-deploy-review.yml +++ b/.github/workflows/azure-deploy-review.yml @@ -23,6 +23,8 @@ on: # Permissions for OIDC authentication permissions: id-token: write + contents: write + packages: write env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} diff --git a/.github/workflows/azure-deploy-stage.yml b/.github/workflows/azure-deploy-stage.yml index 00810397a..afa87cd74 100644 --- a/.github/workflows/azure-deploy-stage.yml +++ b/.github/workflows/azure-deploy-stage.yml @@ -19,6 +19,8 @@ on: # Permissions for OIDC authentication permissions: id-token: write + contents: write + packages: write env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} diff --git a/.github/workflows/tf-azure-deploy.yml b/.github/workflows/tf-azure-deploy.yml index a5f2f6feb..d89419645 100644 --- a/.github/workflows/tf-azure-deploy.yml +++ b/.github/workflows/tf-azure-deploy.yml @@ -26,6 +26,7 @@ defaults: # Permissions for OIDC authentication permissions: id-token: write + contents: write env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}