From 27b2edd721ab60e64b2868dbf895165f7cc3514b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Mar 2025 11:13:06 +0100 Subject: [PATCH] github-actions(deps): bump docker/build-push-action from 5 to 6 (#990) * github-actions(deps): bump docker/build-push-action from 5 to 6 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v5...v6) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * fix: add permissions --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Thomas F. K. Jorna --- .github/workflows/ecrbuild-template.yml | 2 +- .github/workflows/on_pr.yml | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ecrbuild-template.yml b/.github/workflows/ecrbuild-template.yml index d80a72eb5..5aa8934d1 100644 --- a/.github/workflows/ecrbuild-template.yml +++ b/.github/workflows/ecrbuild-template.yml @@ -114,7 +114,7 @@ jobs: fi - name: Build, tag, and push image to Amazon ECR - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 id: build-image env: REGISTRY_REF: ${{steps.login-ecr.outputs.registry}}/${{env.ECR_REPOSITORY_PREFIX}}-${{env.PACKAGE}}:cache diff --git a/.github/workflows/on_pr.yml b/.github/workflows/on_pr.yml index a0b65beb7..97e96c291 100644 --- a/.github/workflows/on_pr.yml +++ b/.github/workflows/on_pr.yml @@ -11,6 +11,10 @@ on: env: AWS_REGION: us-east-1 +permissions: + id-token: write + contents: read + jobs: ci: uses: ./.github/workflows/ci.yml