From e5ccf9ccbb6093543f86aa11e1c36718f8072d00 Mon Sep 17 00:00:00 2001
From: Aditi Juneja <1509aditi@gmail.com>
Date: Sat, 5 Jul 2025 02:33:04 +0530
Subject: [PATCH] adding permissions in ci.yml

---
 .github/workflows/build-docs.yml | 35 ++++++++++++++++----------------
 .github/workflows/ci.yml         |  5 +++++
 2 files changed, 22 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml
index c056d61..70bc210 100644
--- a/.github/workflows/build-docs.yml
+++ b/.github/workflows/build-docs.yml
@@ -52,21 +52,20 @@ jobs:
         with:
           path: docs/build/html
 
-  # Comment out deploy job for now due to missing permissions.
-  # deploy:
-  #   needs: build
-  #   runs-on: ubuntu-latest
-  #   if: inputs.deploy
-  #
-  #   permissions:
-  #     pages: write      # to deploy to Pages
-  #     id-token: write   # to verify the deployment originates from an appropriate source
-  #
-  #   # Deploy to the github-pages environment
-  #   environment:
-  #     name: github-pages
-  #     url: ${{ steps.deployment.outputs.page_url }}
-  #
-  #   steps:
-  #     - uses: actions/deploy-pages@v4
-  #       if: inputs.deploy
+  deploy:
+    needs: build
+    runs-on: ubuntu-latest
+    if: inputs.deploy
+
+    permissions:
+      pages: write      # to deploy to Pages
+      id-token: write   # to verify the deployment originates from an appropriate source
+
+    # Deploy to the github-pages environment
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+
+    steps:
+      - uses: actions/deploy-pages@v4
+        if: inputs.deploy
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index edc8b3e..b984f4e 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -7,6 +7,11 @@ on:
     branches:
       - main
 
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true