Skip to content

security: remove workflow_dispatch from publish workflow (#3583) #168

security: remove workflow_dispatch from publish workflow (#3583)

security: remove workflow_dispatch from publish workflow (#3583) #168

Workflow file for this run

name: Release
on:
push:
tags:
- "v*.*.*"
permissions:
contents: write # Required to create GitHub releases
jobs:
build:
uses: ./.github/workflows/build.yaml
package:
needs:
- build
uses: ./.github/workflows/package.yaml
archive:
needs:
- build
uses: ./.github/workflows/archive.yaml
upload:

Check failure on line 19 in .github/workflows/release.yaml

View workflow run for this annotation

GitHub Actions / Release

Invalid workflow file

The workflow is not valid. .github/workflows/release.yaml (Line: 19, Col: 3): Error calling workflow 'posit-dev/publisher/.github/workflows/upload.yaml@d02d996f6a5341b48664f1ffc35565013f09dc5a'. The workflow is requesting 'id-token: write', but is only allowed 'id-token: none'.
needs:
- archive
- package
uses: ./.github/workflows/upload.yaml
secrets: inherit
release:
runs-on: ubuntu-latest
needs:
- archive
- package
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- uses: extractions/setup-just@v3
- uses: actions/download-artifact@v7
with:
name: archives
path: archives
- uses: actions/download-artifact@v7
with:
name: dist
path: dist
- id: get-prerelease
run: echo "prerelease=$(just pre-release)" >> "$GITHUB_OUTPUT"
- uses: softprops/action-gh-release@v2
with:
draft: false
prerelease: ${{ steps.get-prerelease.outputs.prerelease == 'true' }}
files: |
archives/**/*
dist/**/*