diff --git a/.github/workflows/generate-code-coverage.yaml b/.github/workflows/generate-code-coverage.yaml index 9ac03b674b..89725c6084 100644 --- a/.github/workflows/generate-code-coverage.yaml +++ b/.github/workflows/generate-code-coverage.yaml @@ -19,6 +19,7 @@ jobs: cover-base: name: Generate Base Coverage runs-on: ubuntu-latest + permissions: write-all steps: - name: Checkout base uses: actions/checkout@v4 @@ -44,6 +45,7 @@ jobs: cover-pr: name: Generate PR Coverage runs-on: ubuntu-latest + permissions: write-all steps: - name: Checkout PR uses: actions/checkout@v4 diff --git a/.github/workflows/helm-chart-release.yaml b/.github/workflows/helm-chart-release.yaml index 8b27262c54..78e6ab96ec 100644 --- a/.github/workflows/helm-chart-release.yaml +++ b/.github/workflows/helm-chart-release.yaml @@ -24,6 +24,7 @@ on: jobs: release: runs-on: ubuntu-latest + permissions: write-all steps: - name: Checkout uses: actions/checkout@v4 diff --git a/.github/workflows/output-code-coverage.yaml b/.github/workflows/output-code-coverage.yaml index 7411d0fd89..fe073ddad0 100644 --- a/.github/workflows/output-code-coverage.yaml +++ b/.github/workflows/output-code-coverage.yaml @@ -22,6 +22,7 @@ jobs: output-code-coverage: name: Output Code Coverage runs-on: ubuntu-latest + permissions: write-all if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#using-data-from-the-triggering-workflow diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7ef6bbbd18..49fa877860 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -22,6 +22,7 @@ jobs: build: name: Release runs-on: ubuntu-latest + permissions: write-all steps: - name: Create Release id: create-release