Skip to content

ci(npm-publish): add id-token write access#1571

Merged
vtsvetkov-splunk merged 2 commits intodevelopfrom
feature/npm-provenance-permissions
Feb 6, 2025
Merged

ci(npm-publish): add id-token write access#1571
vtsvetkov-splunk merged 2 commits intodevelopfrom
feature/npm-provenance-permissions

Conversation

@vtsvetkov-splunk
Copy link
Contributor

@vtsvetkov-splunk vtsvetkov-splunk commented Feb 5, 2025
edited
Loading

Issue number: ADDON-76810

PR Type

What kind of change does this PR introduce?

  • Feature
  • Bug Fix
  • Refactoring (no functional or API changes)
  • Documentation Update
  • Maintenance (dependency updates, CI, etc.)

Summary

npm notice Publishing to https://registry.npmjs.org/ with tag latest and public access
npm error code EUSAGE
npm error Provenance generation in GitHub Actions requires "write" access to the "id-token" permission

Changes

Added required permissions

User experience

No changes

Checklist

If an item doesn't apply to your changes, leave it unchecked.

@vtsvetkov-splunk
ci(npm-publish): add id-token write access
a11b35f 
Signed-off-by: Viktor Tsvetkov <142901247+vtsvetkov-splunk@users.noreply.github.com>
@vtsvetkov-splunk vtsvetkov-splunk requested a review from a team as a code owner February 5, 2025 13:46
@vtsvetkov-splunk vtsvetkov-splunk enabled auto-merge (squash) February 5, 2025 13:57
soleksy-splunk
soleksy-splunk approved these changes Feb 5, 2025
View reviewed changes
Copy link
Contributor

@soleksy-splunk soleksy-splunk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm,
For anyone else more info about this permissions
https://docs.github.com/en/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings

@vtsvetkov-splunk vtsvetkov-splunk requested a review from a team February 6, 2025 10:20
@vtsvetkov-splunk vtsvetkov-splunk merged commit 0748f36 into develop Feb 6, 2025
124 checks passed
@vtsvetkov-splunk vtsvetkov-splunk deleted the feature/npm-provenance-permissions branch February 6, 2025 13:04
@github-actions github-actions bot locked and limited conversation to collaborators Feb 6, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@soleksy-splunk soleksy-splunk soleksy-splunk approved these changes

+1 more reviewer

@rohanm-crest rohanm-crest rohanm-crest approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vtsvetkov-splunk @soleksy-splunk @rohanm-crest