Skip to content

Commit a90a07b

Browse files
lacraig2lacraig2
committed
publish_docker: add permissions
1 parent afffe0b commit a90a07b

File tree

1 file changed

+9
-8
lines changed

1 file changed

+9
-8
lines changed

.github/workflows/publish_docker.yml

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ env:
1010
PANDA_CONTAINER_UBUNTU_VERSION: '20.04'
1111

1212
jobs:
13-
create_release:
13+
get_version:
1414
if: github.repository == 'panda-re/panda' && github.ref == 'refs/heads/dev'
1515
runs-on: panda-arc
1616
outputs:
@@ -26,7 +26,7 @@ jobs:
2626
use_api: true
2727

2828
build_docker:
29-
needs: create_release
29+
needs: get_version
3030
runs-on: panda-arc
3131
if: github.repository == 'panda-re/panda' && github.ref == 'refs/heads/dev'
3232
steps:
@@ -73,7 +73,7 @@ jobs:
7373
context: ${{ github.workspace }}
7474
tags: |
7575
pandare/panda:${{ github.sha }}
76-
pandare/panda:${{ needs.create_release.outputs.v-version }}
76+
pandare/panda:${{ needs.get_version.outputs.v-version }}
7777
pandare/panda:latest
7878
cache-from: |
7979
type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:cache,mode=max
@@ -90,7 +90,7 @@ jobs:
9090
context: ${{ github.workspace }}
9191
tags: |
9292
pandare/pandadev:${{ github.sha }}
93-
pandare/pandadev:${{ needs.create_release.outputs.v-version }}
93+
pandare/pandadev:${{ needs.get_version.outputs.v-version }}
9494
pandare/pandadev:latest
9595
cache-from: |
9696
type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:cache,mode=max
@@ -105,7 +105,7 @@ jobs:
105105
106106
build_release_assets:
107107
if: github.repository == 'panda-re/panda' && github.ref == 'refs/heads/dev'
108-
needs: create_release
108+
needs: get_version
109109
runs-on: panda-arc
110110
strategy:
111111
matrix:
@@ -189,14 +189,15 @@ jobs:
189189
name: Publish Python 🐍 distribution 📦 to PyPI and Make Release
190190
if: github.repository == 'panda-re/panda' && github.ref == 'refs/heads/dev'
191191
needs:
192-
- create_release
192+
- get_version
193193
- build_release_assets
194194
runs-on: ubuntu-latest
195195
environment:
196196
name: pypi
197197
url: https://pypi.org/p/pandare # Replace <package-name> with your PyPI project name
198198
permissions:
199199
id-token: write # IMPORTANT: mandatory for trusted publishing
200+
contents: write # IMPORTANT: mandatory for creating releases
200201

201202
steps:
202203
- name: Download all the artifacts
@@ -220,11 +221,11 @@ jobs:
220221
env:
221222
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
222223
with:
223-
tag_name: ${{ needs.create_release.outputs.v-version }}
224+
tag_name: ${{ needs.get_version.outputs.v-version }}
224225
draft: false
225226
generate_release_notes: true
226227
prerelease: false
227-
name: ${{ needs.create_release.outputs.v-version }} @ ${{ github.ref }}
228+
name: ${{ needs.get_version.outputs.v-version }} @ ${{ github.ref }}
228229
files: |
229230
dist/*
230231
debs/*

0 commit comments

Comments
 (0)