Skip to content

fix: add actions:read permission for reusable workflow#5

Merged
Arthurvdv merged 1 commit into
mainfrom
fix/workflow-actions-permission
Apr 24, 2026
Merged

fix: add actions:read permission for reusable workflow#5
Arthurvdv merged 1 commit into
mainfrom
fix/workflow-actions-permission

Conversation

@Arthurvdv

@Arthurvdv Arthurvdv commented Apr 24, 2026

Copy link
Copy Markdown
Member

Problem

The CI/CD workflow fails with:

The nested job 'report' is requesting 'actions: read', but is only allowed 'actions: none'.

Root Cause

build-and-release.yml sets explicit top-level permissions (contents: write, packages: write, checks: write) but omits actions. With explicit permissions, any unlisted permission defaults to none. The reusable build-test.yml workflow's report job declares actions: read at the job level, but the caller caps it at none, causing the validation error.

Fix

Add actions: read to the caller's permissions block in build-and-release.yml.

@Arthurvdv
fix: add actions:read permission for reusable workflow
d1c7793 
The build-test.yml reusable workflow's 'report' job requires
'actions: read' to download artifacts via dorny/test-reporter.
When the caller (build-and-release.yml) sets explicit permissions
without 'actions', it defaults to 'none', blocking the nested job.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@Arthurvdv Arthurvdv merged commit 24249ed into main Apr 24, 2026
9 checks passed
@Arthurvdv Arthurvdv deleted the fix/workflow-actions-permission branch April 24, 2026 16:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Arthurvdv