This is an automated email from the ASF dual-hosted git repository.
yhu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/beam.git
The following commit(s) were added to refs/heads/master by this push:
new 42b04bdfef9 Fix check permission for GHA XVR workflows (#29291)
42b04bdfef9 is described below
commit 42b04bdfef911dce48a2e2208881774236ebdf61
Author: Yi Hu <ya...@google.com>
AuthorDate: Fri Nov 3 14:36:15 2023 -0400
Fix check permission for GHA XVR workflows (#29291)
* Fix check permission for GHA XVR workflows
* Add missing PostCommit_Singlestore_IOIT to change.md
* Fix readme copy-paste leftover
---
.github/workflows/README.md | 1 +
.github/workflows/beam_CloudML_Benchmarks_Dataflow.yml | 2 +-
.github/workflows/beam_PostCommit_XVR_Direct.yml | 4 ++--
.github/workflows/beam_PostCommit_XVR_Flink.yml | 4 ++--
.github/workflows/beam_PostCommit_XVR_JavaUsingPython_Dataflow.yml | 4 ++--
.github/workflows/beam_PostCommit_XVR_Samza.yml | 4 ++--
.github/workflows/beam_PostCommit_XVR_Spark3.yml | 4 ++--
7 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/.github/workflows/README.md b/.github/workflows/README.md
index e8ec3ce1832..5afbae8677d 100644
--- a/.github/workflows/README.md
+++ b/.github/workflows/README.md
@@ -294,6 +294,7 @@ Please note that jobs with matrix need to have matrix
element in the comment. Ex
| [ PostCommit Java Nexmark Spark
](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_Nexmark_Spark.yml)
| N/A |`Run Spark Runner Nexmark Tests`|
[](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_Nexmark_Spark.yml?query=event%3Aschedule)
|
| [ PostCommit Java PVR Flink Streaming
](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_PVR_Flink_Streaming.yml)
| N/A |`Run Java Flink PortableValidatesRunner Streaming`|
[](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_PVR_Flink_Streaming.yml?query=event%3A
[...]
| [ PostCommit Java PVR Samza
](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_PVR_Samza.yml)
| N/A |`Run Java Samza PortableValidatesRunner`|
[](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_PVR_Samza.yml?query=event%3Aschedule)
|
+| [ PostCommit Java SingleStoreIO IT
](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_SingleStoreIO_IT.yml)
| N/A |`Run Java SingleStoreIO_IT`|
[](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_SingleStoreIO_IT.yml?query=event%3Aschedule)
|
| [ PostCommit Java PVR Spark3 Streaming
](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_PVR_Spark3_Streaming.yml)
| N/A |`Run Java Spark v3 PortableValidatesRunner Streaming`|
[](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_PVR_Spark3_Streaming.yml?query=
[...]
| [ PostCommit Java PVR Spark Batch
](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_PVR_Spark_Batch.yml)
| N/A |`Run Java Spark PortableValidatesRunner Batch`|
[](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_PVR_Spark_Batch.yml?query=event%3Aschedule)
|
| [ PostCommit Java Sickbay
](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_Sickbay.yml)
| N/A |`Run Java Sickbay`|
[](https://github.com/apache/beam/actions/workflows/beam_PostCommit_Java_Sickbay.yml?query=event%3Aschedule)
|
diff --git a/.github/workflows/beam_CloudML_Benchmarks_Dataflow.yml
b/.github/workflows/beam_CloudML_Benchmarks_Dataflow.yml
index 65e388c8a72..4902062d392 100644
--- a/.github/workflows/beam_CloudML_Benchmarks_Dataflow.yml
+++ b/.github/workflows/beam_CloudML_Benchmarks_Dataflow.yml
@@ -40,7 +40,7 @@ permissions:
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
- group: '${{ github.workflow }} @ ${{ github.event.issue.number || github.sha
|| github.head_ref || github.ref }}-${{ github.event.schedule ||
github.event.comment.body || github.event.sender.login }}'
+ group: '${{ github.workflow }} @ ${{ github.event.issue.number || github.sha
|| github.head_ref || github.ref }}-${{ github.event.schedule ||
github.event.comment.id || github.event.sender.login }}'
cancel-in-progress: true
env:
diff --git a/.github/workflows/beam_PostCommit_XVR_Direct.yml
b/.github/workflows/beam_PostCommit_XVR_Direct.yml
index dcb6d3b3b0b..ee90f9176f6 100644
--- a/.github/workflows/beam_PostCommit_XVR_Direct.yml
+++ b/.github/workflows/beam_PostCommit_XVR_Direct.yml
@@ -25,8 +25,8 @@ on:
#Setting explicit permissions for the action to avoid the default permissions
which are `write-all` in case of pull_request_target event
permissions:
actions: write
- pull-requests: read
- checks: read
+ pull-requests: write
+ checks: write
contents: read
deployments: read
id-token: none
diff --git a/.github/workflows/beam_PostCommit_XVR_Flink.yml
b/.github/workflows/beam_PostCommit_XVR_Flink.yml
index abb77eeee97..75d3353e8a1 100644
--- a/.github/workflows/beam_PostCommit_XVR_Flink.yml
+++ b/.github/workflows/beam_PostCommit_XVR_Flink.yml
@@ -25,8 +25,8 @@ on:
#Setting explicit permissions for the action to avoid the default permissions
which are `write-all` in case of pull_request_target event
permissions:
actions: write
- pull-requests: read
- checks: read
+ pull-requests: write
+ checks: write
contents: read
deployments: read
id-token: none
diff --git a/.github/workflows/beam_PostCommit_XVR_JavaUsingPython_Dataflow.yml
b/.github/workflows/beam_PostCommit_XVR_JavaUsingPython_Dataflow.yml
index 0b81a444d58..113c5162607 100644
--- a/.github/workflows/beam_PostCommit_XVR_JavaUsingPython_Dataflow.yml
+++ b/.github/workflows/beam_PostCommit_XVR_JavaUsingPython_Dataflow.yml
@@ -25,8 +25,8 @@ on:
#Setting explicit permissions for the action to avoid the default permissions
which are `write-all` in case of pull_request_target event
permissions:
actions: write
- pull-requests: read
- checks: read
+ pull-requests: write
+ checks: write
contents: read
deployments: read
id-token: none
diff --git a/.github/workflows/beam_PostCommit_XVR_Samza.yml
b/.github/workflows/beam_PostCommit_XVR_Samza.yml
index 239d3c849b2..b05b588e0cf 100644
--- a/.github/workflows/beam_PostCommit_XVR_Samza.yml
+++ b/.github/workflows/beam_PostCommit_XVR_Samza.yml
@@ -25,8 +25,8 @@ on:
#Setting explicit permissions for the action to avoid the default permissions
which are `write-all` in case of pull_request_target event
permissions:
actions: write
- pull-requests: read
- checks: read
+ pull-requests: write
+ checks: write
contents: read
deployments: read
id-token: none
diff --git a/.github/workflows/beam_PostCommit_XVR_Spark3.yml
b/.github/workflows/beam_PostCommit_XVR_Spark3.yml
index 720900b7a08..0742196a696 100644
--- a/.github/workflows/beam_PostCommit_XVR_Spark3.yml
+++ b/.github/workflows/beam_PostCommit_XVR_Spark3.yml
@@ -25,8 +25,8 @@ on:
#Setting explicit permissions for the action to avoid the default permissions
which are `write-all` in case of pull_request_target event
permissions:
actions: write
- pull-requests: read
- checks: read
+ pull-requests: write
+ checks: write
contents: read
deployments: read
id-token: none
