diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml index 656e997a..91e45b1c 100644 --- a/.github/workflows/license.yml +++ b/.github/workflows/license.yml @@ -54,7 +54,8 @@ jobs: with: tools: go cache-go: false - - run: make upstream + - run: make prepare_local_workspace + continue-on-error: true - uses: pulumi/license-check-action@main with: module-path: provider diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index dadb1b88..d3bf5f83 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -60,9 +60,9 @@ jobs: continue-on-error: true # this fails if there are no go:embed directives run: | git grep -l 'go:embed' -- provider | xargs sed -i 's/go:embed/ goembed/g' - - name: prepare upstream + - name: prepare workspace continue-on-error: true - run: make upstream + run: make prepare_local_workspace - name: golangci-lint uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6 with: diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index 7c431529..a37fe70f 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -147,6 +147,9 @@ jobs: - prerequisites - build_provider - build_sdk + permissions: + contents: read + id-token: write secrets: inherit with: version: ${{ needs.prerequisites.outputs.version }} diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index c1b8c6ee..685d6b72 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -88,6 +88,9 @@ jobs: - prerequisites - build_provider - build_sdk + permissions: + contents: read + id-token: write secrets: inherit with: version: ${{ needs.prerequisites.outputs.version }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0b68054c..605abb64 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -94,6 +94,9 @@ jobs: - prerequisites - build_provider - build_sdk + permissions: + contents: read + id-token: write secrets: inherit with: version: ${{ needs.prerequisites.outputs.version }} diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 7ff05555..9c3ee5ec 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -137,6 +137,9 @@ jobs: - prerequisites - build_provider - build_sdk + permissions: + contents: read + id-token: write secrets: inherit with: version: ${{ needs.prerequisites.outputs.version }}