diff --git a/.github/workflows/ci_branch.yml b/.github/workflows/ci_branch.yml index a9f985f7..99fff297 100644 --- a/.github/workflows/ci_branch.yml +++ b/.github/workflows/ci_branch.yml @@ -16,6 +16,10 @@ on: type: boolean required: false +permissions: + contents: write + packages: write + jobs: build-test-publish: name: "Build, test, publish" diff --git a/.github/workflows/ci_common.yml b/.github/workflows/ci_common.yml index aa4f7997..c40f6403 100644 --- a/.github/workflows/ci_common.yml +++ b/.github/workflows/ci_common.yml @@ -50,6 +50,10 @@ on: description: "" required: true +permissions: + contents: write + packages: write + jobs: build: # run build using the github action! runs-on: ubuntu-latest diff --git a/.github/workflows/ci_main.yml b/.github/workflows/ci_main.yml index 6a4abcef..f9bd53df 100644 --- a/.github/workflows/ci_main.yml +++ b/.github/workflows/ci_main.yml @@ -4,15 +4,19 @@ name: CI (main) on: push: - branches: [main] + branches: [chrmarti/deafening-dingo] workflow_dispatch: +permissions: + contents: write + packages: write + jobs: build-test-publish: name: "Build, test, publish" - if: github.ref == 'refs/heads/main' + if: github.ref == 'refs/heads/chrmarti/deafening-dingo' uses: ./.github/workflows/ci_common.yml with: - release: true + release: false secrets: AZDO_TOKEN: ${{ secrets.AZDO_TOKEN }} diff --git a/.github/workflows/pr-bot.yml b/.github/workflows/pr-bot.yml index e1f7ce0d..7813843d 100644 --- a/.github/workflows/pr-bot.yml +++ b/.github/workflows/pr-bot.yml @@ -9,7 +9,9 @@ on: # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#issue_comment # https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#issue_comment - +permissions: + contents: write + packages: write jobs: pr_comment: diff --git a/.github/workflows/pr_auto.yml b/.github/workflows/pr_auto.yml index 45231626..6412806c 100644 --- a/.github/workflows/pr_auto.yml +++ b/.github/workflows/pr_auto.yml @@ -10,6 +10,10 @@ on: - README.md - 'docs/**' +permissions: + contents: write + packages: write + jobs: build-test: name: "Build, test, publish"