Scope permissions to dispatch reusable workflow invokation (#11843)
# Introduction Fixes `preview-dispatch` for external contributors such as this run FAILING = https://github.com/twentyhq/twenty/actions/runs/14796579485/job/41545030774 NOW SUCCEEDING = https://github.com/twentyhq/twenty/actions/runs/14797811684?pr=11827
This commit is contained in:
Paul Rastoin
9
.github/workflows/preview-env-dispatch.yaml
vendored
9
.github/workflows/preview-env-dispatch.yaml
vendored
@ -11,11 +11,6 @@ concurrency:
|
|||||||
group: ${{ github.workflow }}-${{ github.ref }}
|
group: ${{ github.workflow }}-${{ github.ref }}
|
||||||
cancel-in-progress: true
|
cancel-in-progress: true
|
||||||
|
|
||||||
permissions:
|
|
||||||
contents: write
|
|
||||||
actions: write
|
|
||||||
pull-requests: read
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
changed-files-check:
|
changed-files-check:
|
||||||
uses: ./.github/workflows/changed-files.yaml
|
uses: ./.github/workflows/changed-files.yaml
|
||||||
@ -30,6 +25,10 @@ jobs:
|
|||||||
|
|
||||||
trigger-preview:
|
trigger-preview:
|
||||||
needs: changed-files-check
|
needs: changed-files-check
|
||||||
|
permissions:
|
||||||
|
contents: write
|
||||||
|
actions: write
|
||||||
|
pull-requests: read
|
||||||
if: needs.changed-files-check.outputs.any_changed == 'true' || contains(github.event.pull_request.labels.*.name, 'preview')
|
if: needs.changed-files-check.outputs.any_changed == 'true' || contains(github.event.pull_request.labels.*.name, 'preview')
|
||||||
timeout-minutes: 5
|
timeout-minutes: 5
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|||||||
Reference in New Issue
Block a user