Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix MKDocs Build Workflow Permissions #333

Merged
merged 2 commits into from
Sep 12, 2023
Merged

Fix MKDocs Build Workflow Permissions #333

merged 2 commits into from
Sep 12, 2023

Conversation

nh916
Copy link
Contributor

@nh916 nh916 commented Sep 11, 2023
edited
Loading

Description

  • Giving GitHub workflow the permission to read from main and write to gh-pages
    • GitHub actions kept getting permission denied errors when trying to write to gh-pages branch, and the issue was that we did not specify that it has write permissions.

Changes

Tests

Known Issues

Notes

Checklist

  • My name is on the list of contributors (CONTRIBUTORS.md) in the pull request source branch.
  • I have updated the documentation to reflect my changes.

@nh916
Fix MKDocs Build Workflow Permissions
eea0156 
giving GitHub workflow the permission to read from `main` and write to `gh-pages`
@trunk-io
Copy link

trunk-io bot commented Sep 11, 2023
edited
Loading

🚫 This pull request was closed and has been removed from the merge queue (details).

@nh916 nh916 requested a review from InnocentBug September 11, 2023 23:42
@nh916
Copy link
Contributor Author

nh916 commented Sep 11, 2023

after this PR we'll need to make another merge from develop to main to deploy the SDK docs on gh-pages

@nh916
Copy link
Contributor Author

nh916 commented Sep 11, 2023
edited
Loading

trunk CI is giving

  ISSUES  

.github/workflows/build_and_deploy_docs.yaml:3:1
 3:1  high  Ensure top-level permissions are not set to write-all  checkov/CKV2_GHA_1

Checked 1 modified file
✖ 1 new issue
✖ Failed to post annotations to github: GitHub Error:403 Body:{"message":"Resource not accessible by integration","documentation_url":"https://docs.github.com/rest/checks/runs#create-a-check-run"}
Error: Process completed with exit code 1.

I think it is complaining that write-all is bad and the permissions should be much more granular. I agree with this and wanted to do the same thing, but I don't think there is a way in GitHub workflow files to specify read from main and write to gh-pages so I think it will have to remain as write-all

@InnocentBug if you have any better ideas feel free to let me know or push to the branch directly

@nh916 nh916 merged commit 6eae01c into develop Sep 12, 2023
13 checks passed
@nh916 nh916 deleted the fix-mkdocs-build-gh-action branch September 12, 2023 01:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@InnocentBug InnocentBug InnocentBug approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nh916 @InnocentBug