Skip to content

fix: add missing permissions to ci job in main-ci.yml#10

Merged
neilime merged 2 commits intomainfrom
copilot/fix-f86f565a-9bc4-4037-a91c-f2a2413b8ae8
Sep 27, 2025
Merged

fix: add missing permissions to ci job in main-ci.yml#10
neilime merged 2 commits intomainfrom
copilot/fix-f86f565a-9bc4-4037-a91c-f2a2413b8ae8

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Sep 27, 2025
edited
Loading

Problem

The main-ci.yml workflow was failing with the error:

The workflow is requesting 'actions: read, statuses: write', but is only allowed 'actions: none, statuses: none'

This occurred because the workflow calls the shared __shared-ci.yml workflow, but wasn't passing the required permissions that the shared workflow needs to execute properly.

Root Cause

The __shared-ci.yml workflow declares these required permissions:

permissions:
  actions: read
  contents: read
  security-events: write
  statuses: write
  id-token: write

However, the ci job in main-ci.yml was only passing a subset of these permissions:

permissions:
  contents: read
  security-events: write
  id-token: write

This left the shared workflow without the actions: read and statuses: write permissions it needs to function.

Solution

Added the missing actions: read and statuses: write permissions to the ci job in main-ci.yml so that the job-level permissions now match exactly what the shared workflow requires.

This approach is consistent with the existing security model and follows the same pattern used by other workflows in the repository that call shared workflows.

Validation

  • ✅ All workflow YAML files pass syntax validation
  • ✅ Project builds and lints successfully
  • ✅ Permissions now align between caller and shared workflow

Fixes the GitHub Actions workflow validation error while maintaining minimal changes and existing functionality.

Original prompt

This section details on the original issue you should resolve

<issue_title>fix: ci issue</issue_title>
<issue_description>Invalid workflow file: .github/workflows/main-ci.yml#L21
The workflow is not valid. .github/workflows/main-ci.yml (Line: 21, Col: 3): Error calling workflow 'hoverkraft-tech/docusaurus-theme/.github/workflows/__shared-ci.yml@6bf5d55'. The workflow is requesting 'actions: read, statuses: write', but is only allowed 'actions: none, statuses: none'.</issue_description>

Comments on the Issue (you are @copilot in this section)

Fixes #9

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

@neilime
fix: add missing permissions to ci job in main-ci.yml
7901435 
Co-authored-by: neilime <314088+neilime@users.noreply.github.com>
Copilot AI changed the title [WIP] fix: ci issue fix: add missing permissions to ci job in main-ci.yml Sep 27, 2025
Copilot AI requested a review from neilime September 27, 2025 18:30
@neilime neilime marked this pull request as ready for review September 27, 2025 22:21
@neilime neilime merged commit 653659b into main Sep 27, 2025
19 of 21 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@neilime neilime Awaiting requested review from neilime

Assignees

@neilime neilime

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

fix: ci issue

2 participants

@neilime