Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bug] Broken workflow permissions #2315

Closed
funnelfiasco opened this issue Nov 25, 2024 · 3 comments · Fixed by #2338 or #2344
Closed

[bug] Broken workflow permissions #2315

funnelfiasco opened this issue Nov 25, 2024 · 3 comments · Fixed by #2338 or #2344
Labels
bug Something isn't working

Comments

@funnelfiasco
Copy link
Contributor

The workflow permission changes I made in #2276 probably include some overly-restricted permissions that will cause the workflow to fail. guac-visualizer has similar changes, so once we get those ironed out, I'll fix them here as well.
@funnelfiasco funnelfiasco added the bug Something isn't working label Nov 25, 2024
@funnelfiasco funnelfiasco mentioned this issue Dec 2, 2024
Merged
9 tasks
@kodiakhq kodiakhq bot closed this as completed in #2338 Dec 3, 2024
@funnelfiasco
Copy link
Contributor Author

Reopening because, looking at the release workflow history, it has failed with "Startup failure" since #2276 was merged. I can't see any indication why.

@pxp928 pxp928 reopened this Dec 3, 2024
@pxp928
Copy link
Collaborator

pxp928 commented Dec 3, 2024

Error reported:

The workflow is not valid. .github/workflows/release.yaml (Line: 174, Col: 3): Error calling workflow 'slsa-framework/slsa-github-generator/.github/workflows/[email protected]'. The workflow is requesting 'contents: read', but is only allowed 'contents: none'. .github/workflows/release.yaml (Line: 174, Col: 3): Error calling workflow 'slsa-framework/slsa-github-generator/.github/workflows/[email protected]'. The nested job 'detect-env' is requesting 'id-token: write', but is only allowed 'id-token: none'.

@funnelfiasco
Copy link
Contributor Author

#2341 should fix this

@funnelfiasco funnelfiasco mentioned this issue Dec 5, 2024
Merged
9 tasks
@kodiakhq kodiakhq bot closed this as completed in #2344 Dec 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
2 participants
@funnelfiasco @pxp928