Allow build-tags to run on forks

build-tags uses: PowerDNS/pdns/.github/workflows/build-packages.yml@master As of f107ec6, that workflow requires: permissions: actions: read # To read the workflow path. id-token: write # To sign the provenance. contents: write # To be able to upload assets as release artifacts Per https://docs.github.com/en/actions/using-workflows/reusing-workflows in order for this to work, the calling job (in build-tags) needs to have the maximum required permissions in order for the calling workflow to be run.
PowerDNS · Mar 22, 2024 · 8c4888c · 8c4888c
1 parent f107ec6
commit 8c4888c
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/.github/workflows/build-tags.yml b/.github/workflows/build-tags.yml
@@ -8,6 +8,11 @@ on:
     - 'dnsdist-*'
     - 'rec-*'
 
+permissions:
+  actions: read
+  id-token: write
+  contents: write
+
 jobs:
   call-build-packages-auth:
     uses: PowerDNS/pdns/.github/workflows/build-packages.yml@master