From a2e50bece0b384b04ad462fd469b6e4dbd03f9b2 Mon Sep 17 00:00:00 2001 From: David Tippett Date: Fri, 13 Dec 2024 14:22:52 +0000 Subject: [PATCH 1/4] Adding contents: write to allow this to create artifacts. --- .github/workflows/releases.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml index 8004e1a..0fc8605 100644 --- a/.github/workflows/releases.yml +++ b/.github/workflows/releases.yml @@ -5,6 +5,9 @@ on: tags: - '*' +permissions: + contents: write + jobs: goreleaser: runs-on: ubuntu-latest From 1b91a3e0ee7c36e1ca6443640f8969f3af58864c Mon Sep 17 00:00:00 2001 From: David Tippett Date: Fri, 13 Dec 2024 14:24:46 +0000 Subject: [PATCH 2/4] Adding explicit permissions for workflow --- .github/workflows/workflow.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml index e09f353..cb5dce0 100644 --- a/.github/workflows/workflow.yml +++ b/.github/workflows/workflow.yml @@ -1,6 +1,10 @@ --- name: Vulcanizer CI on: [push, pull_request] +permissions: + contents: read + actions: read + checks: write jobs: build: runs-on: ubuntu-latest From 07a5b4479898a37fd3e9cae4ddfdda9d5108c673 Mon Sep 17 00:00:00 2001 From: David Tippett Date: Fri, 13 Dec 2024 14:40:56 +0000 Subject: [PATCH 3/4] Pinning repositories to specific commit hashes. --- .github/workflows/golangci-lint.yml | 2 +- .github/workflows/releases.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 4da5931..0ee8928 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -23,7 +23,7 @@ jobs: with: go-version: '1.22' - name: golangci-lint - uses: golangci/golangci-lint-action@v3.7.0 + uses: golangci/golangci-lint-action@v3a919529898de77ec3da873e3063ca4b10e7f5cc with: # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version version: v1.55.2 diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml index 0fc8605..7fa5eea 100644 --- a/.github/workflows/releases.yml +++ b/.github/workflows/releases.yml @@ -24,7 +24,7 @@ jobs: go-version: 1.22 - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v2 + uses: goreleaser/goreleaser-action@b953231f81b8dfd023c58e0854a721e35037f28b with: version: 'v1.14.0' args: release --rm-dist From 554a72939dbf502590ff957069d27356bfa93ccc Mon Sep 17 00:00:00 2001 From: David Tippett Date: Fri, 13 Dec 2024 15:06:27 +0000 Subject: [PATCH 4/4] Fixing a messed up commit hash --- .github/workflows/golangci-lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 0ee8928..ea248cb 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -23,7 +23,7 @@ jobs: with: go-version: '1.22' - name: golangci-lint - uses: golangci/golangci-lint-action@v3a919529898de77ec3da873e3063ca4b10e7f5cc + uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc with: # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version version: v1.55.2