diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index fef1bd65ab..826aefd092 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -9,11 +9,8 @@ on: # Allows you to run this workflow manually from the Actions tab workflow_dispatch: -# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages permissions: contents: read - pages: write - id-token: write # Allow one concurrent deployment concurrency: @@ -76,6 +73,12 @@ jobs: url: ${{ steps.deployment.outputs.page_url }} runs-on: ${{ github.repository_owner == 'oneapi-src' && 'intel-ubuntu-22.04' || 'ubuntu-latest' }} needs: build + + # Sets permissions to allow deployment to GitHub Pages + permissions: + pages: write + id-token: write + steps: - name: Deploy to GitHub Pages id: deployment diff --git a/.github/workflows/pr-migration-auto-close.yml b/.github/workflows/pr-migration-auto-close.yml index 6bbb2d24f6..19b6afd8fb 100644 --- a/.github/workflows/pr-migration-auto-close.yml +++ b/.github/workflows/pr-migration-auto-close.yml @@ -7,12 +7,15 @@ on: workflow_dispatch: permissions: - pull-requests: write - issues: write + contents: read jobs: close-stale-prs: runs-on: ubuntu-latest + permissions: + pull-requests: write + issues: write + steps: - name: Close PRs labeled "auto-close" uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 diff --git a/.github/workflows/pr-migration-warn.yml b/.github/workflows/pr-migration-warn.yml index fedf40b943..65cd622466 100644 --- a/.github/workflows/pr-migration-warn.yml +++ b/.github/workflows/pr-migration-warn.yml @@ -7,12 +7,15 @@ on: workflow_dispatch: permissions: - pull-requests: write - issues: write + contents: read jobs: label-and-comment: runs-on: ubuntu-latest + permissions: + pull-requests: write + issues: write + steps: - name: Label and comment on open PRs uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0