From 4a19f239ce63268d813601a912eb6105027ce84e Mon Sep 17 00:00:00 2001 From: Ben Henning Date: Thu, 13 Feb 2025 13:31:55 -0800 Subject: [PATCH] Fix #5699: Update wiki deployment permissions (#5700) ## Explanation Fixes #5699 This attempts to fix #5699 by updating the job permissions for wiki deployment to include access to content writing (which is now off by default at the Oppia organization level--see #5699). It's not clear whether this will fix the issue since GitHub's documentation is unclear as to which permissions are required in order to be able to push to the wiki, but it seems likely that 'contents' is the correct permission per https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token#overview. Unfortunately, the fix can't be verified until after the PR is merged as the deployment job only runs manually or upon a PR merging. Note that the permission is intentionally being set job-specific to avoid over-subscribing permissions at the workflow level (since the other job and potentially future jobs in this workflow do not need content write access). ## Essential Checklist - [x] The PR title and explanation each start with "Fix #bugnum: " (If this PR fixes part of an issue, prefix the title with "Fix part of #bugnum: ...".) - [x] Any changes to [scripts/assets](https://github.com/oppia/oppia-android/tree/develop/scripts/assets) files have their rationale included in the PR explanation. - [x] The PR follows the [style guide](https://github.com/oppia/oppia-android/wiki/Coding-style-guide). - [x] The PR does not contain any unnecessary code changes from Android Studio ([reference](https://github.com/oppia/oppia-android/wiki/Guidance-on-submitting-a-PR#undo-unnecessary-changes)). - [x] The PR is made from a branch that's **not** called "develop" and is up-to-date with "develop". - [x] The PR is **assigned** to the appropriate reviewers ([reference](https://github.com/oppia/oppia-android/wiki/Guidance-on-submitting-a-PR#clarification-regarding-assignees-and-reviewers-section)). ## For UI-specific PRs only N/A -- this is an infrastructure-only change that also only affects wiki deployment and verification workflows. --- .github/workflows/wiki.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/wiki.yml b/.github/workflows/wiki.yml index 5816c9a7e9a..67da9814fe8 100644 --- a/.github/workflows/wiki.yml +++ b/.github/workflows/wiki.yml @@ -36,6 +36,8 @@ jobs: bazel run //scripts:wiki_table_of_contents_check -- ${GITHUB_WORKSPACE} wiki-deploy: + permissions: + contents: write runs-on: ${{ matrix.os }} strategy: matrix: