weirdan
commented
1 year ago the Workflow Permissions must be set to Read and write permissions either in this repository
It was. However, the package repo (organization-wide) did not allow the source repository to upload docker images. I had to fix it in the package repo settings:
After it was done, the workflow succeeded: https://github.com/psalm/psalm-github-security-scan/actions/runs/4260734607
eroullit
The docker image publication workflow watch.yml now uses
GITHUB_TOKENto push updated images to Psalm's GitHub Container Registry.Though the permissions are explicitly defined in workflow file, the Workflow Permissions must be set to
Read and write permissionseither in this repository or in the Psalm's organisation settings to grantpackages: writeaccess to theGITHUB_TOKEN.Once done, the next workflow trigger should successfully push the image on the container registry thus finalising the work started in #8.