From 726f71531b0de19cdec9d6b2855c09d6295c63f6 Mon Sep 17 00:00:00 2001 From: Cem KIRAY Date: Tue, 26 Mar 2024 13:21:18 +0100 Subject: [PATCH 1/3] add required permissions to github actions --- .github/workflows/new-version.yml | 4 ++++ .github/workflows/pr-preview.yml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/.github/workflows/new-version.yml b/.github/workflows/new-version.yml index 8863362..1d005fd 100644 --- a/.github/workflows/new-version.yml +++ b/.github/workflows/new-version.yml @@ -5,6 +5,10 @@ on: branches: # only trigger when a commit was pushed to main - main +permissions: + # this is required to create a release + contents: read + jobs: publish: runs-on: ubuntu-latest diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml index 6ff4439..c614c4e 100644 --- a/.github/workflows/pr-preview.yml +++ b/.github/workflows/pr-preview.yml @@ -10,6 +10,10 @@ on: concurrency: preview-${{ github.ref }} +permissions: + # this is required to allow the action to comment on the PR + pull-requests: write + jobs: deploy-preview: runs-on: ubuntu-latest From 11fdb8bf74e801011453fe627a1ca5f6c843a501 Mon Sep 17 00:00:00 2001 From: Cem KIRAY Date: Tue, 26 Mar 2024 13:25:42 +0100 Subject: [PATCH 2/3] update permissions of pr-preview workflow --- .github/workflows/pr-preview.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml index c614c4e..5344670 100644 --- a/.github/workflows/pr-preview.yml +++ b/.github/workflows/pr-preview.yml @@ -11,8 +11,8 @@ on: concurrency: preview-${{ github.ref }} permissions: - # this is required to allow the action to comment on the PR - pull-requests: write + # this is required to allow the action to comment on the PR and push to the repo + contents: write jobs: deploy-preview: @@ -25,7 +25,7 @@ jobs: - name: Setup Node.js uses: actions/setup-node@v4 with: - node-version: 18 + node-version: 18.0.0 - name: Install dependencies and build storybook run: | From 3709cc4cf27d80b116674ad4bba9fc22c9e3d542 Mon Sep 17 00:00:00 2001 From: Cem KIRAY Date: Tue, 26 Mar 2024 13:29:27 +0100 Subject: [PATCH 3/3] fix pr-preview workflow permissions - pull-requests permission was also necessary for pr comments --- .github/workflows/pr-preview.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml index 5344670..6e4d327 100644 --- a/.github/workflows/pr-preview.yml +++ b/.github/workflows/pr-preview.yml @@ -11,8 +11,10 @@ on: concurrency: preview-${{ github.ref }} permissions: - # this is required to allow the action to comment on the PR and push to the repo + # allow the action to push storybook build to the gh-pages branch contents: write + # allow the action to add a comment to the PR + pull-requests: write jobs: deploy-preview: