diff --git a/.github/workflows/build-debug.yml b/.github/workflows/build-debug.yaml similarity index 96% rename from .github/workflows/build-debug.yml rename to .github/workflows/build-debug.yaml index b7728b7..3dd9970 100644 --- a/.github/workflows/build-debug.yml +++ b/.github/workflows/build-debug.yaml @@ -10,7 +10,9 @@ on: jobs: build-dotnet: - runs-on: ubuntu-latest + permissions: + contents: read + runs-on: ubuntu-24.04 timeout-minutes: 10 steps: - uses: Cysharp/Actions/.github/actions/checkout@main @@ -25,7 +27,9 @@ jobs: max-parallel: 2 matrix: unity: ["2022.3.39f1", "6000.0.12f1"] # Test with LTS - runs-on: ubuntu-latest + permissions: + contents: read + runs-on: ubuntu-24.04 timeout-minutes: 30 # Unity build takes more than 20min. steps: - name: Load secrets diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yaml similarity index 91% rename from .github/workflows/build-docs.yml rename to .github/workflows/build-docs.yaml index eb946f8..5bbd25e 100644 --- a/.github/workflows/build-docs.yml +++ b/.github/workflows/build-docs.yaml @@ -8,7 +8,10 @@ on: jobs: run-docfx: - runs-on: ubuntu-latest + permissions: + contents: write + pages: write + runs-on: ubuntu-24.04 timeout-minutes: 10 steps: - uses: Cysharp/Actions/.github/actions/checkout@main diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yaml similarity index 94% rename from .github/workflows/build-release.yml rename to .github/workflows/build-release.yaml index bf61a72..ffec70b 100644 --- a/.github/workflows/build-release.yml +++ b/.github/workflows/build-release.yaml @@ -14,6 +14,8 @@ on: jobs: update-packagejson: + permissions: + contents: write uses: Cysharp/Actions/.github/workflows/update-packagejson.yaml@main with: file-path: ./src/UniTask/Assets/Plugins/UniTask/package.json @@ -22,7 +24,9 @@ jobs: build-dotnet: needs: [update-packagejson] - runs-on: ubuntu-latest + permissions: + contents: read + runs-on: ubuntu-24.04 timeout-minutes: 10 steps: - run: echo ${{ needs.update-packagejson.outputs.sha }} @@ -46,7 +50,9 @@ jobs: strategy: matrix: unity: ["2022.3.39f1"] - runs-on: ubuntu-latest + permissions: + contents: read + runs-on: ubuntu-24.04 timeout-minutes: 15 steps: - name: Load secrets @@ -92,6 +98,8 @@ jobs: # release create-release: needs: [update-packagejson, build-dotnet, build-unity] + permissions: + contents: write uses: Cysharp/Actions/.github/workflows/create-release.yaml@main with: commit-id: ${{ needs.update-packagejson.outputs.sha }} @@ -105,6 +113,8 @@ jobs: cleanup: if: ${{ needs.update-packagejson.outputs.is-branch-created == 'true' }} needs: [update-packagejson, build-dotnet, build-unity] + permissions: + contents: write uses: Cysharp/Actions/.github/workflows/clean-packagejson-branch.yaml@main with: branch: ${{ needs.update-packagejson.outputs.branch-name }} diff --git a/.github/workflows/prevent-github-change.yml b/.github/workflows/prevent-github-change.yaml similarity index 84% rename from .github/workflows/prevent-github-change.yml rename to .github/workflows/prevent-github-change.yaml index e654f3f..74573bb 100644 --- a/.github/workflows/prevent-github-change.yml +++ b/.github/workflows/prevent-github-change.yaml @@ -7,4 +7,6 @@ on: jobs: detect: + permissions: + contents: read uses: Cysharp/Actions/.github/workflows/prevent-github-change.yaml@main diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yaml similarity index 66% rename from .github/workflows/stale.yml rename to .github/workflows/stale.yaml index b480c3e..c333a85 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yaml @@ -7,4 +7,8 @@ on: jobs: stale: + permissions: + contents: read + pull-requests: write + issues: write uses: Cysharp/Actions/.github/workflows/stale-issue.yaml@main diff --git a/.github/workflows/toc.yml b/.github/workflows/toc.yaml similarity index 82% rename from .github/workflows/toc.yml rename to .github/workflows/toc.yaml index 77e0c74..9f77f93 100644 --- a/.github/workflows/toc.yml +++ b/.github/workflows/toc.yaml @@ -6,8 +6,9 @@ on: - 'README.md' jobs: - generateTOC: - name: TOC Generator + toc: + permissions: + contents: write uses: Cysharp/Actions/.github/workflows/toc-generator.yaml@main with: TOC_TITLE: "## Table of Contents"