GitHub Action workflows breaks with the transition to a read-only GITHUB_TOKEN

Azure / CanadaPubSecALZ

This reference implementation is based on Cloud Adoption Framework for Azure and provides an opinionated implementation that enables ITSG-33 regulatory compliance by using NIST SP 800-53 Rev. 4 and Canada Federal PBMM Regulatory Compliance Policy Sets.

MIT License

121 stars 87 forks source link

GitHub Action workflows breaks with the transition to a read-only GITHUB_TOKEN #397

Closed aporodnov closed 2 months ago

aporodnov commented 5 months ago

Is your feature request related to a problem? Please describe. I can see this already impacting at least two workflows: Consistency Check and Pull Request Check.

Describe the solution you'd like Here is the article on how to mitigate the issue: https://docs.opensource.microsoft.com/github/apps/permission-changes/ Looks like we need to add permissions block to each actions with the least privileges assignments for the jobs to make it work.

github-actions[bot] commented 2 months ago

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 7 days.