From aa8390da49664890820df757c6ad23f3a4feb99e Mon Sep 17 00:00:00 2001
From: TeamSPoon <logicmoo@gmail.com>
Date: Wed, 14 Aug 2024 17:24:48 -0700
Subject: [PATCH 1/2] Enhance CI workflow to handle permissions for pull
 requests effectively

---
 .github/workflows/ci.yml | 35 ++++++++++++++++-------------------
 1 file changed, 16 insertions(+), 19 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index fc176d6345f..9064c74a298 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,8 +9,8 @@ on:
       - main
 
 permissions:
-  contents: write
-  checks: write
+  contents: read  # Read contents is usually sufficient for most operations
+  pull-requests: write  # Explicitly grant write permissions for pull requests
 
 jobs:
   generate-reports:
@@ -33,41 +33,41 @@ jobs:
       run: chmod +x scripts/run_commit_tests.sh
 
     - name: Run Shell Script to Generate Input File
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       run: |
         ./scripts/run_commit_tests.sh
 
     - name: Run JUnit Report Generation Script
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       run: |
         python scripts/into_junit.py /tmp/SHARED.UNITS > junit.xml
 
     - name: Convert JUnit XML to Standard HTML Report
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       run: |
         junit2html junit.xml junit-standard-report.html
 
     - name: Convert JUnit XML to Matrix HTML Report
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       run: |
-        junit2html --report-matrix junit-matrix-report.html junit.xml
+        junit2html --report-matrix junit.xml junit-matrix-report.html
 
     - name: Upload JUnit XML Report
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       uses: actions/upload-artifact@v3
       with:
         name: junit-report
         path: junit.xml
 
     - name: Upload Standard HTML Report
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       uses: actions/upload-artifact@v3
       with:
         name: junit-standard-html-report
         path: junit-standard-report.html
 
     - name: Upload Matrix HTML Report
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       uses: actions/upload-artifact@v3
       with:
         name: junit-matrix-html-report
@@ -78,11 +78,11 @@ jobs:
       with:
         name: 'JUnit Results'
         path: 'junit.xml'
-        reporter: 'java-junit'  # Correct reporter type for JUnit XML
-        fail-on-error: false  # Do not fail the job if tests fail
+        reporter: 'java-junit'
+        fail-on-error: false
 
     - name: Download Previous JUnit Results
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       uses: actions/download-artifact@v3
       with:
         name: junit-report
@@ -94,13 +94,10 @@ jobs:
 
     - name: Compare JUnit Test Results with ReportGenerator
       run: |
-        reportgenerator \
-          -reports:"previous-junit.xml;junit.xml" \
-          -targetdir:"./comparison-report" \
-          -reporttypes:"HtmlSummary;HtmlChart"
+        reportgenerator           -reports:"previous-junit.xml;junit.xml"           -targetdir:"./comparison-report"           -reporttypes:"HtmlSummary;HtmlChart"
 
     - name: Upload JUnit Comparison Report
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       uses: actions/upload-artifact@v3
       with:
         name: junit-comparison-html-report
@@ -126,7 +123,7 @@ jobs:
         allure generate --clean --output ./allure-report ./allure-results
 
     - name: Upload Allure Report as Artifact
-      continue-on-error: true  # extra: Continue even if this step fails
+      continue-on-error: true
       uses: actions/upload-artifact@v3
       with:
         name: allure-html-report

From 1f9fd487b396af78addf702014ec468e160363e9 Mon Sep 17 00:00:00 2001
From: TeamSPoon <logicmoo@gmail.com>
Date: Wed, 14 Aug 2024 17:28:29 -0700
Subject: [PATCH 2/2] Updated CI workflow to handle permissions for PRs with
 full write access

---
 .github/workflows/ci.yml | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9064c74a298..67da52f8524 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,7 +9,8 @@ on:
       - main
 
 permissions:
-  contents: read  # Read contents is usually sufficient for most operations
+  contents: write  # Grant write permissions for contents
+  checks: write    # Grant write permissions for checks
   pull-requests: write  # Explicitly grant write permissions for pull requests
 
 jobs:
@@ -33,41 +34,41 @@ jobs:
       run: chmod +x scripts/run_commit_tests.sh
 
     - name: Run Shell Script to Generate Input File
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       run: |
         ./scripts/run_commit_tests.sh
 
     - name: Run JUnit Report Generation Script
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       run: |
         python scripts/into_junit.py /tmp/SHARED.UNITS > junit.xml
 
     - name: Convert JUnit XML to Standard HTML Report
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       run: |
         junit2html junit.xml junit-standard-report.html
 
     - name: Convert JUnit XML to Matrix HTML Report
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       run: |
         junit2html --report-matrix junit.xml junit-matrix-report.html
 
     - name: Upload JUnit XML Report
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       uses: actions/upload-artifact@v3
       with:
         name: junit-report
         path: junit.xml
 
     - name: Upload Standard HTML Report
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       uses: actions/upload-artifact@v3
       with:
         name: junit-standard-html-report
         path: junit-standard-report.html
 
     - name: Upload Matrix HTML Report
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       uses: actions/upload-artifact@v3
       with:
         name: junit-matrix-html-report
@@ -79,10 +80,10 @@ jobs:
         name: 'JUnit Results'
         path: 'junit.xml'
         reporter: 'java-junit'
-        fail-on-error: false
+        fail-on-error: false  # Do not fail the job if tests fail
 
     - name: Download Previous JUnit Results
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       uses: actions/download-artifact@v3
       with:
         name: junit-report
@@ -97,7 +98,7 @@ jobs:
         reportgenerator           -reports:"previous-junit.xml;junit.xml"           -targetdir:"./comparison-report"           -reporttypes:"HtmlSummary;HtmlChart"
 
     - name: Upload JUnit Comparison Report
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       uses: actions/upload-artifact@v3
       with:
         name: junit-comparison-html-report
@@ -123,7 +124,7 @@ jobs:
         allure generate --clean --output ./allure-report ./allure-results
 
     - name: Upload Allure Report as Artifact
-      continue-on-error: true
+      continue-on-error: true  # extra: Continue even if this step fails
       uses: actions/upload-artifact@v3
       with:
         name: allure-html-report