Skip to content

Commit

Permalink
Fix workflow permissions for publishing security assets to releases
Browse files Browse the repository at this point in the history
  • Loading branch information
saisatishkarra committed Apr 26, 2024
1 parent 05dc4d0 commit 1e4232e
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ jobs:
check:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
contents: write # publish sbom to GH releases/tag assets
steps:
- name: Checkout repository
uses: actions/checkout@v3
Expand All @@ -46,6 +46,7 @@ jobs:
dir: .
upload-sbom-release-assets: true


# Build docker images
build-images:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -108,7 +109,7 @@ jobs:
scan-images:
runs-on: ubuntu-latest
permissions:
contents: read
contents: write # For publishing assets to releases
packages: write
needs: [check, build-images]
if: >
Expand Down

0 comments on commit 1e4232e

Please sign in to comment.