commit b55e65980ab44c7e0e0999b79bec8c06240489d2
parent 0c02e8a62b1570be15db01d45969d2759a7f37bf
Author: Javier López <graulopezjavier@gmail.com>
Date: Mon, 21 Mar 2022 22:40:24 -0500
fix(ci): provide necessary permissions for calling workflow
Also error on the side of security adding an extra check on the
automatic PR step.
Diffstat:
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/api-docs-check.yml b/.github/workflows/api-docs-check.yml
@@ -12,6 +12,9 @@ on:
jobs:
call-regen-api-docs:
if: github.event.pull_request.draft == false
+ permissions:
+ contents: write
+ pull-requests: write
uses: ./.github/workflows/api-docs.yml
with:
check_only: true
diff --git a/.github/workflows/api-docs.yml b/.github/workflows/api-docs.yml
@@ -60,7 +60,7 @@ jobs:
exit 1
- name: Automatic PR
- if: ${{ steps.docs.outputs.UPDATED_DOCS != 0 }}
+ if: ${{ steps.docs.outputs.UPDATED_DOCS != 0 && !inputs.check_only }}
run: |
git add -u
git commit -m 'docs: regenerate [skip ci]'
