Closed eroullit closed 1 year ago
the Workflow Permissions must be set to Read and write permissions either in this repository
It was. However, the package repo (organization-wide) did not allow the source repository to upload docker images. I had to fix it in the package repo settings:
After it was done, the workflow succeeded: https://github.com/psalm/psalm-github-security-scan/actions/runs/4260734607
Great news ! 🙌
The docker image publication workflow watch.yml now uses
GITHUB_TOKEN
to push updated images to Psalm's GitHub Container Registry.Though the permissions are explicitly defined in workflow file, the Workflow Permissions must be set to
Read and write permissions
either in this repository or in the Psalm's organisation settings to grantpackages: write
access to theGITHUB_TOKEN
.Once done, the next workflow trigger should successfully push the image on the container registry thus finalising the work started in #8.