Skip to content

Commit

Permalink
Merge pull request #46 from creative-commoners/pulls/main/gha-permiss…
Browse files Browse the repository at this point in the history
…ions

ENH Add workflow permissions
  • Loading branch information
GuySartorelli authored May 14, 2024
2 parents c42e9b4 + 947bc2c commit f737a5e
Show file tree
Hide file tree
Showing 5 changed files with 25 additions and 0 deletions.
5 changes: 5 additions & 0 deletions scripts/cms-any/auto-tag.php
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,15 @@
tags:
- '*.*.*'
workflow_dispatch:
permissions: {}
jobs:
auto-tag:
name: Auto-tag
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Auto-tag
uses: silverstripe/gha-auto-tag@v1
Expand Down
5 changes: 5 additions & 0 deletions scripts/cms-any/dispatch-ci.php
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,17 @@
schedule:
- cron: '$cron'
permissions: {}
jobs:
dispatch-ci:
name: Dispatch CI
# Only run cron on the $account account
if: (github.event_name == 'schedule' && github.repository_owner == '$account') || (github.event_name != 'schedule')
runs-on: ubuntu-latest
permissions:
contents: read
actions: write
steps:
- name: Dispatch CI
uses: silverstripe/gha-dispatch-ci@v1
Expand Down
4 changes: 4 additions & 0 deletions scripts/cms-any/keepalive.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,16 @@
- cron: '$cron'
workflow_dispatch:
permissions: {}
jobs:
keepalive:
name: Keepalive
# Only run cron on the $account account
if: (github.event_name == 'schedule' && github.repository_owner == '$account') || (github.event_name != 'schedule')
runs-on: ubuntu-latest
permissions:
actions: write
steps:
- name: Keepalive
uses: silverstripe/gha-keepalive@v1
Expand Down
5 changes: 5 additions & 0 deletions scripts/cms-any/merge-ups.php
Original file line number Diff line number Diff line change
Expand Up @@ -38,12 +38,17 @@
- cron: '$cron'
workflow_dispatch:
permissions: {}
jobs:
merge-up:
name: Merge-up
# Only run cron on the $account account
if: (github.event_name == 'schedule' && github.repository_owner == '$account') || (github.event_name != 'schedule')
runs-on: ubuntu-latest
permissions:
contents: write
actions: write
steps:
- name: Merge-up
uses: silverstripe/gha-merge-up@v1
Expand Down
6 changes: 6 additions & 0 deletions scripts/cms-any/update-js.php
Original file line number Diff line number Diff line change
Expand Up @@ -17,12 +17,18 @@
schedule:
- cron: '$runOnMinute $runOnHour $runOnDay */3 *'
permissions: {}
jobs:
update-js:
name: Update JS
# Only run cron on the $account account
if: (github.event_name == 'schedule' && github.repository_owner == '$account') || (github.event_name != 'schedule')
runs-on: ubuntu-latest
permissions:
contents: write
pull-request: write
actions: write
steps:
- name: Update JS
uses: silverstripe/gha-update-js@v1
Expand Down

0 comments on commit f737a5e

Please sign in to comment.