From 40afc97edb4f7aa666818d6f8922823f5da5080d Mon Sep 17 00:00:00 2001 From: Loic Nageleisen Date: Tue, 26 Nov 2024 10:01:45 +0100 Subject: [PATCH 1/2] Declare workflow permissions --- .github/workflows/build-ruby.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-ruby.yml b/.github/workflows/build-ruby.yml index 520efe3..ca85f52 100644 --- a/.github/workflows/build-ruby.yml +++ b/.github/workflows/build-ruby.yml @@ -206,6 +206,8 @@ jobs: libc: centos arch: ["x86_64", "aarch64"] runs-on: ubuntu-latest + permissions: + packages: write name: Build (${{ matrix.engine }} ${{ matrix.version }} ${{ matrix.libc }}) steps: - name: Set up Docker From 36d49922c954da6d38183dc72db0bc2231514b7f Mon Sep 17 00:00:00 2001 From: Loic Nageleisen Date: Tue, 26 Nov 2024 10:03:57 +0100 Subject: [PATCH 2/2] Eschew creating git credentials on filesystem --- .github/workflows/build-ruby.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-ruby.yml b/.github/workflows/build-ruby.yml index ca85f52..c4aae95 100644 --- a/.github/workflows/build-ruby.yml +++ b/.github/workflows/build-ruby.yml @@ -230,6 +230,8 @@ jobs: echo "DOCKER_PLATFORMS=$(echo ${{ join(matrix.arch) }} | tr ',' '\n' | sed 's/^/linux\//' | paste -s -d, -)" >> $GITHUB_OUTPUT - name: Checkout uses: actions/checkout@v4 + with: + persist-credentials: false # First, build image for x86_64 as it will fail fast #