You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hey all. In our organization we make a fairly extensive use of Github Actions for our CI/CD flows, and we set our workflow permissions through the org / repo settings. However, we also use dependabot which automatically opens PRs which go through our CI. These CI workflows may fail because by default the dependabot permissions are read-only and some actions may need write permissions. There are at least a couple of ways to circumvent this, such as adding permissions explicitly to the workflow or setting the token of the action explicitly, but we were wondering if it's not worth it to be able to set dependabot's default workflow permissions through the org / repo settings just the way you set them in the regular default workflow permissions section under Actions settings.
ActionsBuild, test, and automate your deployment pipeline with world-class CI/CDProduct Feedback
2 participants
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Select Topic Area
Product Feedback
Body
Hey all. In our organization we make a fairly extensive use of Github Actions for our CI/CD flows, and we set our workflow permissions through the org / repo settings. However, we also use dependabot which automatically opens PRs which go through our CI. These CI workflows may fail because by default the dependabot permissions are read-only and some actions may need write permissions. There are at least a couple of ways to circumvent this, such as adding permissions explicitly to the workflow or setting the token of the action explicitly, but we were wondering if it's not worth it to be able to set dependabot's default workflow permissions through the org / repo settings just the way you set them in the regular default workflow permissions section under Actions settings.
Beta Was this translation helpful? Give feedback.
All reactions