diff --git a/.github/WorkflowGen/Program.cs b/.github/WorkflowGen/Program.cs index 5d73fa75..5c275eea 100644 --- a/.github/WorkflowGen/Program.cs +++ b/.github/WorkflowGen/Program.cs @@ -40,6 +40,8 @@ void GenerateWorkflowsForLibs() .Paths(paths) .Tags($"{lib}-**"); + workflow.Permissions(packages: Permission.Write); + var buildJob = workflow .Job("build") .RunsOn(GitHubHostedRunners.UbuntuLatest) diff --git a/.github/workflows/aspnet-core-ci.yml b/.github/workflows/aspnet-core-ci.yml index 89f66321..990af2fd 100644 --- a/.github/workflows/aspnet-core-ci.yml +++ b/.github/workflows/aspnet-core-ci.yml @@ -16,6 +16,8 @@ on: - build/** tags: - aspnet-core-** +permissions: + packages: write jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/bullseye-ci.yml b/.github/workflows/bullseye-ci.yml index 8849bcdb..8dc9a67e 100644 --- a/.github/workflows/bullseye-ci.yml +++ b/.github/workflows/bullseye-ci.yml @@ -16,6 +16,8 @@ on: - build/** tags: - bullseye-** +permissions: + packages: write jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 1c859359..481db3d3 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,10 +34,10 @@ jobs: dotnet-version: 8.0.x - run: dotnet --info - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} - run: ./build.ps1 build shell: pwsh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/configuration-ci.yml b/.github/workflows/configuration-ci.yml index 984fdbb5..63ea88d0 100644 --- a/.github/workflows/configuration-ci.yml +++ b/.github/workflows/configuration-ci.yml @@ -16,6 +16,8 @@ on: - build/** tags: - configuration-** +permissions: + packages: write jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/github-ci.yml b/.github/workflows/github-ci.yml index 6e8951dd..cbb15406 100644 --- a/.github/workflows/github-ci.yml +++ b/.github/workflows/github-ci.yml @@ -16,6 +16,8 @@ on: - build/** tags: - github-** +permissions: + packages: write jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/hosting-ci.yml b/.github/workflows/hosting-ci.yml index 81f35ab4..98cb85f3 100644 --- a/.github/workflows/hosting-ci.yml +++ b/.github/workflows/hosting-ci.yml @@ -16,6 +16,8 @@ on: - build/** tags: - hosting-** +permissions: + packages: write jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/lambda-ci.yml b/.github/workflows/lambda-ci.yml index 37cf0a07..8a9ae255 100644 --- a/.github/workflows/lambda-ci.yml +++ b/.github/workflows/lambda-ci.yml @@ -16,6 +16,8 @@ on: - build/** tags: - lambda-** +permissions: + packages: write jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/pulumi-ci.yml b/.github/workflows/pulumi-ci.yml index 0bd8157f..ac45c124 100644 --- a/.github/workflows/pulumi-ci.yml +++ b/.github/workflows/pulumi-ci.yml @@ -16,6 +16,8 @@ on: - build/** tags: - pulumi-** +permissions: + packages: write jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/system-extensions-ci.yml b/.github/workflows/system-extensions-ci.yml index 7101ed4a..b805c595 100644 --- a/.github/workflows/system-extensions-ci.yml +++ b/.github/workflows/system-extensions-ci.yml @@ -16,6 +16,8 @@ on: - build/** tags: - system-extensions-** +permissions: + packages: write jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/webhook-relay-ci.yml b/.github/workflows/webhook-relay-ci.yml index c2c65c2d..16679af0 100644 --- a/.github/workflows/webhook-relay-ci.yml +++ b/.github/workflows/webhook-relay-ci.yml @@ -16,6 +16,8 @@ on: - build/** tags: - webhook-relay-** +permissions: + packages: write jobs: build: runs-on: ubuntu-latest