fix: add required permissions for GitHub Actions attestations

Add id-token and attestations permissions to Docker workflow:
- id-token: write - Required for OIDC token generation
- attestations: write - Required for artifact attestations

Also add missing step ID to build-and-push step so attestation
step can reference the digest output.

Fixes: Error: Failed to get ID token: Unable to get
ACTIONS_ID_TOKEN_REQUEST_URL env variable

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
valknarness
2025-11-07 15:04:39 +01:00
parent 20ba0f94e6
commit 0c8f3e0d0f

@@ -20,6 +20,8 @@ jobs:
permissions: permissions:
contents: read contents: read
packages: write packages: write
id-token: write
attestations: write
steps: steps:
- name: Checkout repository - name: Checkout repository
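
Review bot: the new `id-token: write` and `attestations: write` lines sit in the job-level `permissions` block, so every step in this job, from checkout through the build, can request an OIDC token, not only the attestation step. Add a short comment on each line recording why it is needed (the rationale currently lives only in the commit message), and consider moving the attestation into its own job that receives the digest as a job output, so the build job can stay at `contents: read` and `packages: write`.
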
@@ -51,6 +53,7 @@ jobs:
type=raw,value=latest,enable={{is_default_branch}} type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push Docker image - name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v5 uses: docker/build-push-action@v5
with: with:
context: . context: .
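
Review bot: `id: build-and-push` only helps if the attestation step, which is outside this hunk, reads exactly `steps.build-and-push.outputs.digest`; a mismatched id evaluates to an empty string instead of failing when the workflow is parsed, so please confirm the reference matches. Separately, `docker/build-push-action@v5` on the following line is a mutable tag, and this job now holds `id-token: write` and `attestations: write`; pinning the action to a full commit SHA would keep a retagged release from running with those scopes.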