From 6284a122dbe567f0d5b1a611d1d6a94779e1facd Mon Sep 17 00:00:00 2001 From: Sukesh Date: Wed, 8 Jan 2025 14:56:49 +0000 Subject: [PATCH 1/4] Fix missing GITHUB_TOKEN environment variable in workflow --- .github/workflows/generate-dependabot-file.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/generate-dependabot-file.yml b/.github/workflows/generate-dependabot-file.yml index 24bc2998bfc..5d9ee33a7ff 100644 --- a/.github/workflows/generate-dependabot-file.yml +++ b/.github/workflows/generate-dependabot-file.yml @@ -30,6 +30,8 @@ jobs: - name: Commit changes to GitHub run: bash ./scripts/git-setup.sh - run: bash ./scripts/git-commit.sh .github + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: bash ./scripts/git-pull-request.sh dependabot env: SECRET: ${{ secrets.GITHUB_TOKEN }} From d6c7a85b8980b350126696bf73c918227defdf63 Mon Sep 17 00:00:00 2001 From: Sukesh Date: Wed, 8 Jan 2025 15:09:27 +0000 Subject: [PATCH 2/4] Upate workflow permissions --- .github/workflows/generate-dependabot-file.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/generate-dependabot-file.yml b/.github/workflows/generate-dependabot-file.yml index 5d9ee33a7ff..004f4d0a987 100644 --- a/.github/workflows/generate-dependabot-file.yml +++ b/.github/workflows/generate-dependabot-file.yml @@ -16,7 +16,7 @@ defaults: shell: bash permissions: - contents: read + contents: write jobs: create-and-commit-dependabot-file: From 7d3b1a9acc8319c4617fd6f845e05a239ced05c5 Mon Sep 17 00:00:00 2001 From: Sukesh Date: Wed, 8 Jan 2025 15:42:54 +0000 Subject: [PATCH 3/4] removed the job-level permissions and added them globally --- .github/workflows/generate-dependabot-file.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/generate-dependabot-file.yml b/.github/workflows/generate-dependabot-file.yml index 004f4d0a987..2f82299784b 100644 --- a/.github/workflows/generate-dependabot-file.yml +++ b/.github/workflows/generate-dependabot-file.yml @@ -17,11 +17,10 @@ defaults: permissions: contents: write + pull-requests: write jobs: - create-and-commit-dependabot-file: - permissions: - pull-requests: write + create-and-commit-dependabot-file: runs-on: ubuntu-latest steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 From d8a3fc291994710fb45dc26bc8a8bb2eab0235c3 Mon Sep 17 00:00:00 2001 From: Sukesh Date: Wed, 8 Jan 2025 15:47:49 +0000 Subject: [PATCH 4/4] Removed GITHUB_TOKEN env variable --- .github/workflows/generate-dependabot-file.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/generate-dependabot-file.yml b/.github/workflows/generate-dependabot-file.yml index 2f82299784b..473b3053bf3 100644 --- a/.github/workflows/generate-dependabot-file.yml +++ b/.github/workflows/generate-dependabot-file.yml @@ -29,8 +29,6 @@ jobs: - name: Commit changes to GitHub run: bash ./scripts/git-setup.sh - run: bash ./scripts/git-commit.sh .github - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: bash ./scripts/git-pull-request.sh dependabot env: SECRET: ${{ secrets.GITHUB_TOKEN }}