From 2f799dc425ad0eaf9e5a32259b7f342443bd9174 Mon Sep 17 00:00:00 2001 From: Javier Cortejoso Date: Tue, 16 Jan 2024 18:02:36 +0100 Subject: [PATCH] Workflow permission updated --- .github/workflows/cron.yml | 13 +++++++++++++ .github/workflows/publish.yml | 13 +------------ 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/.github/workflows/cron.yml b/.github/workflows/cron.yml index a7dd7b8..65ab1b3 100644 --- a/.github/workflows/cron.yml +++ b/.github/workflows/cron.yml @@ -5,6 +5,7 @@ on: schedule: # Daily at 9AM - cron: "0 9 * * *" + jobs: update_ofac_list: @@ -15,7 +16,19 @@ jobs: contents: write steps: + - name: Get GitHub Token from Akeyless + id: get_github_token + uses: + docker://us-west1-docker.pkg.dev/devopsre/akeyless-public/akeyless-action:latest + with: + api-url: https://api.gateway.akeyless.celo-networks-dev.org + access-id: p-kf9vjzruht6l + dynamic-secrets: '{"/dynamic-secrets/keys/github/compliance/contents=write,pull_requests=write":"PAT"}' + - uses: actions/checkout@v4 + with: + token: ${{ env.PAT }} + - uses: actions/setup-node@v3 with: node-version: "18.x" diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0e8f022..ac4f4c5 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -14,14 +14,7 @@ jobs: repository-projects: write steps: - - name: Get GitHub Token from Akeyless - id: get_github_token - uses: - docker://us-west1-docker.pkg.dev/devopsre/akeyless-public/akeyless-action:latest - with: - api-url: https://api.gateway.akeyless.celo-networks-dev.org - access-id: p-kf9vjzruht6l - dynamic-secrets: '{"/dynamic-secrets/keys/github/compliance/contents=write,pull_requests=write":"PAT"}' + - uses: actions/checkout@v4 - name: Get NPM Token from Akeyless id: get_npmjs_token @@ -31,10 +24,6 @@ jobs: access-id: p-kf9vjzruht6l static-secrets: '{"/static-secrets/NPM/npm-publish-token":"NPM_TOKEN"}' - - uses: actions/checkout@v4 - with: - token: ${{ env.PAT }} - - uses: actions/setup-node@v3 with: node-version: "18.x"