From 2c884a68822f86b8d8c65e17268ad4d3dc59900c Mon Sep 17 00:00:00 2001 From: Alex Zenla Date: Thu, 18 Jul 2024 14:47:35 -0700 Subject: [PATCH] fix(workflows): give id-token write permission to nightly and release-assets oci (#263) --- .github/workflows/nightly.yml | 2 ++ .github/workflows/release-assets.yml | 3 ++- nightly | 0 3 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 nightly diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index f465bee..46637d3 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -126,6 +126,8 @@ jobs: - krata-guest-init name: nightly oci build ${{ matrix.component }} permissions: + contents: read + id-token: write packages: write steps: - name: harden runner diff --git a/.github/workflows/release-assets.yml b/.github/workflows/release-assets.yml index 9dc3334..3fbcb9c 100644 --- a/.github/workflows/release-assets.yml +++ b/.github/workflows/release-assets.yml @@ -123,7 +123,8 @@ jobs: - krata-guest-init name: release-assets oci ${{ matrix.component }} permissions: - contents: write + contents: read + id-token: write packages: write steps: - name: harden runner diff --git a/nightly b/nightly new file mode 100644 index 0000000..e69de29