It turns out that, regardless of the repository's default settings for workflow permissions, any workflows triggered by dependabot are limited to read-only.
packages: read to access the docker image (we should just make that public)
This PR also completes the integration from https://github.com/uclahs-cds/tool-Nextflow-action/pull/29 by including another workflow that responds to "/fix-tests" comments and automatically fixes any testing problems. This workflow has the exact same permissions as the original.
[x] The name of the branch is meaningful and well formatted following the standards, using [AD_username (or 5 letters of AD if AD is too long)]-[brief_description_of_branch].
[x] I have set up or verified the branch protection rule following the github standards before opening this pull request.
[x] I have added my name to the contributors listings in the manifest block in the nextflow.config as part of this pull request; I am listed already, or do not wish to be listed. (This acknowledgement is optional.)
[x] I have added the changes included in this pull request to the CHANGELOG.md under the next release version or unreleased, and updated the date.
[ ] I have updated the version number in the metadata.yaml and manifest block of the nextflow.config file following semver, or the version number has already been updated. (Leave it unchecked if you are unsure about new version number and discuss it with the infrastructure team in this PR.)
[ ] I have tested the pipeline on at least one A-mini sample.
It turns out that, regardless of the repository's default settings for workflow permissions, any workflows triggered by dependabot are limited to read-only.
That means that, by default, dependabot PRs like #279 cannot use the fancy new
/fix-testscomment from https://github.com/uclahs-cds/tool-Nextflow-action/pull/29.This change explicitly adds in the required permissions for that workflow:
content: writefor pushing new commitspull-requests: writefor creating reviewspackages: readto access the docker image (we should just make that public)This PR also completes the integration from https://github.com/uclahs-cds/tool-Nextflow-action/pull/29 by including another workflow that responds to "/fix-tests" comments and automatically fixes any testing problems. This workflow has the exact same permissions as the original.
[x] I have read the code review guidelines and the code review best practice on GitHub check-list.
[x] I have reviewed the Nextflow pipeline standards.
[x] The name of the branch is meaningful and well formatted following the standards, using [AD_username (or 5 letters of AD if AD is too long)]-[brief_description_of_branch].
[x] I have set up or verified the branch protection rule following the github standards before opening this pull request.
[x] I have added my name to the contributors listings in the
manifestblock in thenextflow.configas part of this pull request; I am listed already, or do not wish to be listed. (This acknowledgement is optional.)[x] I have added the changes included in this pull request to the
CHANGELOG.mdunder the next release version or unreleased, and updated the date.[ ] I have updated the version number in the
metadata.yamlandmanifestblock of thenextflow.configfile following semver, or the version number has already been updated. (Leave it unchecked if you are unsure about new version number and discuss it with the infrastructure team in this PR.)[ ] I have tested the pipeline on at least one A-mini sample.