fix GITHUB_TOKEN permissions in workflows#11392
Conversation
|
theoretically this should fix some of the issues with WebFreak001/deploy-nightly failing, |
|
|
|
/assign-me (I guess this doesn't work) |
|
@Noisyfox Could I get you to take a peek at this? |
should fix permissions issue
NanashiTheNameless
changed the title
There was a problem hiding this comment.
Pull Request Overview
This PR updates GitHub Actions workflow permissions to fix permission issues by adding explicit permission declarations at the workflow level.
- Added
issues: writepermission to the assign.yml workflow for issue management - Added
contents: write,actions: write, andchecks: writepermissions to the build_all.yml workflow for build and deployment operations
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| .github/workflows/assign.yml | Added workflow-level issues: write permission to complement existing job-level permission for the issue assignment action |
| .github/workflows/build_all.yml | Added workflow-level permissions (contents: write, actions: write, checks: write) to enable release deployment and test result publishing |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
@NanashiTheNameless |
My understanding is it has to do with the API and weirdness relating to GITHUB_TOKEN and organizations my assumption is the defaults are different for users and organizations |
|
@SoftFever please see Workflow permissions at the bottom of https://github.com/OrcaSlicer/OrcaSlicer/settings/actions |
|
by designating the permissions used we can ensure the token used by https://github.com/NanashiTheNameless/OrcaSlicer/blob/fix-workflows/.github/workflows/build_check_cache.yml#L44 and every instance of WebFreak001/[email protected] have the permissions they need to run correctly. |
Noisyfox also suspects this is the cause. |
I think the migration did more than intended, adding the the permissions flag is worth adding regardless IMO |
Agreed, let me try adjusting the settings first to figure out the root cause, and then we can merge this pull request. |
sounds good |
|
@NanashiTheNameless |
* correct oversight in #11392 #11392 (comment) * correct oversight in #11392
* main: (272 commits) Delete validate-documentation.yml (OrcaSlicer#11477) Update printer profiles for Artillery (OrcaSlicer#11284) Fix emulated spiral Z-hop XY offset on multi-plate slicing (OrcaSlicer#11468) Move WIKI to new repo Validate invalid fields for hidden system profiles (OrcaSlicer#11455) ci: Increase timeout for dedupe-issues workflow from 10 to 30 minutes Fix CICD AI dedupe Change runner from self-hosted to ubuntu-latest Check duplicated issues. ported from Claude code repo (OrcaSlicer#11454) UI fixes / improvements (OrcaSlicer#11413) Fix Spiral Z-Hop arc handling (OrcaSlicer#11430) FIX: Open provided file at startup (OrcaSlicer#11419) Re-include BBS's Clipperutils2 (OrcaSlicer#11415) Fix filament profile import if inherit from vendor generic (OrcaSlicer#11398) Fix crash after syncing printer (OrcaSlicer#11428) Wiki 16 (MiniUpdate): Updated by Stable cmake 4.2 release + VS2026 First (OrcaSlicer#11423) Revert "fix GITHUB_TOKEN permissions in workflows (OrcaSlicer#11392)" correct oversight in OrcaSlicer#11392 (OrcaSlicer#11404) Profiles for Creality K2 Pro printer (OrcaSlicer#11315) Reduce artifacts from short travel moves before external perimeters (OrcaSlicer#10722) ...
* upd-eigen-5.0.0: (273 commits) Delete validate-documentation.yml (OrcaSlicer#11477) Update printer profiles for Artillery (OrcaSlicer#11284) Fix emulated spiral Z-hop XY offset on multi-plate slicing (OrcaSlicer#11468) Move WIKI to new repo Validate invalid fields for hidden system profiles (OrcaSlicer#11455) ci: Increase timeout for dedupe-issues workflow from 10 to 30 minutes Fix CICD AI dedupe Change runner from self-hosted to ubuntu-latest Check duplicated issues. ported from Claude code repo (OrcaSlicer#11454) UI fixes / improvements (OrcaSlicer#11413) Fix Spiral Z-Hop arc handling (OrcaSlicer#11430) FIX: Open provided file at startup (OrcaSlicer#11419) Re-include BBS's Clipperutils2 (OrcaSlicer#11415) Fix filament profile import if inherit from vendor generic (OrcaSlicer#11398) Fix crash after syncing printer (OrcaSlicer#11428) Wiki 16 (MiniUpdate): Updated by Stable cmake 4.2 release + VS2026 First (OrcaSlicer#11423) Revert "fix GITHUB_TOKEN permissions in workflows (OrcaSlicer#11392)" correct oversight in OrcaSlicer#11392 (OrcaSlicer#11404) Profiles for Creality K2 Pro printer (OrcaSlicer#11315) Reduce artifacts from short travel moves before external perimeters (OrcaSlicer#10722) ...
This pull request updates GitHub Actions workflow files to explicitly set permissions for certain actions. (fixing the permissions issues)
Workflow permissions updates:
issues: writepermission to theassign.ymlworkflow to ensure it can modify issues as needed.contents: write,actions: write, andchecks: writepermissions in thebuild_all.ymlworkflow to allow the workflow to interact with repository contents, manage actions, and update checks.