From 5f717eb5c1e0a3644308caeaad0226e9d075abe6 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 27 Feb 2023 12:12:53 -0800 Subject: [PATCH 1/8] Update update.yml --- .github/workflows/update.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index 5de410d27..dbf0442ef 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -27,6 +27,8 @@ jobs: name: Update Release Build Parameters timeout-minutes: 15 runs-on: ubuntu-20.04 + permissions: + pull-requests: write steps: - name: Checkout uses: actions/checkout@v2 @@ -54,6 +56,8 @@ jobs: name: Update Matrix Json timeout-minutes: 15 runs-on: ubuntu-20.04 + permissions: + pull-requests: write steps: - name: Checkout uses: actions/checkout@v2 From e08ecf14901ec2b08d8efb16060ddb6407f106c5 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 27 Feb 2023 12:37:31 -0800 Subject: [PATCH 2/8] Update update.yml --- .github/workflows/update.yml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index dbf0442ef..c758e27be 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -39,19 +39,20 @@ jobs: - name: Create Pull Request if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' id: cpr - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@v4 env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + GITHUB_TOKEN: "${{ secrets.PR_PAT }}" with: commit-message: "Update the release build yaml with the latest versions" - committer: GitHub - author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com> + committer: PwshBot + author: PwshBot title: "Update the release build yaml with the latest versions" assignees: travisez13 reviewers: travisez13 base: master draft: false branch: update-release-build + push-to-fork: pwshBot/PowerShell-Docker update-matrix-json: name: Update Matrix Json timeout-minutes: 15 @@ -74,16 +75,17 @@ jobs: - name: Create Pull Request if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' id: cpr - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@v4 env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + GITHUB_TOKEN: "${{ secrets.PR_PAT }}" with: commit-message: "Update the matrix json" - committer: GitHub - author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com> + committer: PwshBot + author: PwshBot title: "Update the matrix json" assignees: travisez13 reviewers: travisez13 base: master draft: false branch: update-matrix-json + push-to-fork: pwshBot/PowerShell-Docker From 7a76ccc9f5de7225f96fe193d9b89858946f0554 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 27 Feb 2023 12:43:50 -0800 Subject: [PATCH 3/8] Update update.yml --- .github/workflows/update.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index c758e27be..b47e27fb5 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -1,7 +1,7 @@ # Copyright (c) Microsoft Corporation. # Licensed under the MIT license. -name: Update Release Build Parameters +name: Daily Updates on: workflow_dispatch: @@ -29,6 +29,7 @@ jobs: runs-on: ubuntu-20.04 permissions: pull-requests: write + contents: write # for peter-evans/create-pull-request to create branch steps: - name: Checkout uses: actions/checkout@v2 @@ -59,6 +60,7 @@ jobs: runs-on: ubuntu-20.04 permissions: pull-requests: write + contents: write # for peter-evans/create-pull-request to create branch steps: - name: Checkout uses: actions/checkout@v2 From bcbd11528eb4f0f858ecc1e0f67382ba6aba2871 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 27 Feb 2023 12:54:39 -0800 Subject: [PATCH 4/8] Update update.yml --- .github/workflows/update.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index b47e27fb5..c1dd0e356 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -41,9 +41,8 @@ jobs: if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' id: cpr uses: peter-evans/create-pull-request@v4 - env: - GITHUB_TOKEN: "${{ secrets.PR_PAT }}" with: + token: "${{ secrets.PR_PAT }}" commit-message: "Update the release build yaml with the latest versions" committer: PwshBot author: PwshBot @@ -78,9 +77,8 @@ jobs: if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' id: cpr uses: peter-evans/create-pull-request@v4 - env: - GITHUB_TOKEN: "${{ secrets.PR_PAT }}" with: + token: "${{ secrets.PR_PAT }}" commit-message: "Update the matrix json" committer: PwshBot author: PwshBot From 0db53b24d790c7c1e84840e4f10ac672b867ee6d Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 27 Feb 2023 14:10:03 -0800 Subject: [PATCH 5/8] Update update.yml --- .github/workflows/update.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index c1dd0e356..7c461062c 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -47,8 +47,6 @@ jobs: committer: PwshBot author: PwshBot title: "Update the release build yaml with the latest versions" - assignees: travisez13 - reviewers: travisez13 base: master draft: false branch: update-release-build @@ -83,8 +81,6 @@ jobs: committer: PwshBot author: PwshBot title: "Update the matrix json" - assignees: travisez13 - reviewers: travisez13 base: master draft: false branch: update-matrix-json From 67cafe00a4a7ee87923e36fb89d014680d4b934f Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 27 Feb 2023 14:32:18 -0800 Subject: [PATCH 6/8] Update update.yml --- .github/workflows/update.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index 7c461062c..4fae09edd 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -3,6 +3,9 @@ name: Daily Updates +permissions: + contents: read + on: workflow_dispatch: push: From 8110647aa992a6725153475542c6ceb876d0b538 Mon Sep 17 00:00:00 2001 From: travis plunk Date: Mon, 27 Feb 2023 14:50:46 -0800 Subject: [PATCH 7/8] Fix code scanning issues --- .github/workflows/createReminder.yml | 3 +++ .github/workflows/processReminders.yml | 3 +++ .github/workflows/rebase.yml | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/.github/workflows/createReminder.yml b/.github/workflows/createReminder.yml index b779e19d5..79f8a30bb 100644 --- a/.github/workflows/createReminder.yml +++ b/.github/workflows/createReminder.yml @@ -1,5 +1,8 @@ name: 'Create reminder' +permissions: + contents: read + on: issue_comment: types: [created, edited] diff --git a/.github/workflows/processReminders.yml b/.github/workflows/processReminders.yml index 65322ebd7..9bf1a17a6 100644 --- a/.github/workflows/processReminders.yml +++ b/.github/workflows/processReminders.yml @@ -1,5 +1,8 @@ name: 'Process reminders' +permissions: + contents: read + on: schedule: - cron: '*/15 * * * *' diff --git a/.github/workflows/rebase.yml b/.github/workflows/rebase.yml index f610e1b53..2114de9b3 100644 --- a/.github/workflows/rebase.yml +++ b/.github/workflows/rebase.yml @@ -4,6 +4,10 @@ on: issue_comment: types: [created] + +permissions: + contents: read + name: Automatic Rebase jobs: rebase: From da3f34e4a35d6467bca661dfac82164bffdd8937 Mon Sep 17 00:00:00 2001 From: Travis Plunk Date: Mon, 27 Feb 2023 15:01:32 -0800 Subject: [PATCH 8/8] Update update.yml --- .github/workflows/update.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index 4fae09edd..df911b167 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -8,15 +8,6 @@ permissions: on: workflow_dispatch: - push: - paths: - - '.github/workflows/update.yml' - branches: - - master - - add-gh-action - pull_request: - paths: - - '.github/workflows/update.yml' schedule: # At 20:20 UTC on every day-of-week from Monday through Friday. - cron: '0 0/4 * * *'