Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include minimum permission needs in README.md #72

Open
Bekreth opened this issue May 8, 2021 · 1 comment
Open

Include minimum permission needs in README.md #72

Bekreth opened this issue May 8, 2021 · 1 comment

Comments

@Bekreth
Copy link

Bekreth commented May 8, 2021

Given that this project can use the GITHUB_TOKEN, I think the README should include the minimum necessary permissions for the actions to run successfully. Something like this

permissions:
  actions: none
  checks: none
  contents: none
  deployments: none
  issues: write
  packages: none
  pull-requests: write
  repository-projects: write
  security-events: none
  statuses: none

(assuming this is the correct minimum permissions filter for the operation of the action)
@chadfawcett
Copy link

Thought I'd chime in here. I was able to get away with an even more minimal permission. I'm adding PRs to a repo project board. Since the action uses the event data to know which PR it is, it doesn't need to make any requests for it (ie pull-requests: none). I assume this would be similar for issues.

My permissions were as follows (Omitting permissions will default most of them to none):

permissions:
  repository-projects: write

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chadfawcett @Bekreth