From 7568061eda8a84e7127011b0f4bee3b3fa4ca010 Mon Sep 17 00:00:00 2001 From: Ikiru Yoshizaki <3856350+guitarrapc@users.noreply.github.com> Date: Wed, 14 May 2025 12:39:03 +0900 Subject: [PATCH] ci: fix ghalint --- .../{build-debug.yml => build-debug.yaml} | 8 ++++++-- .../workflows/{build-docs.yml => build-docs.yaml} | 5 ++++- .../{build-release.yml => build-release.yaml} | 14 ++++++++++++-- ...ithub-change.yml => prevent-github-change.yaml} | 2 ++ .github/workflows/{stale.yml => stale.yaml} | 4 ++++ .github/workflows/{toc.yml => toc.yaml} | 5 +++-- 6 files changed, 31 insertions(+), 7 deletions(-) rename .github/workflows/{build-debug.yml => build-debug.yaml} (96%) rename .github/workflows/{build-docs.yml => build-docs.yaml} (91%) rename .github/workflows/{build-release.yml => build-release.yaml} (94%) rename .github/workflows/{prevent-github-change.yml => prevent-github-change.yaml} (84%) rename .github/workflows/{stale.yml => stale.yaml} (66%) rename .github/workflows/{toc.yml => toc.yaml} (82%) diff --git a/.github/workflows/build-debug.yml b/.github/workflows/build-debug.yaml similarity index 96% rename from .github/workflows/build-debug.yml rename to .github/workflows/build-debug.yaml index b7728b7..3dd9970 100644 --- a/.github/workflows/build-debug.yml +++ b/.github/workflows/build-debug.yaml @@ -10,7 +10,9 @@ on: jobs: build-dotnet: - runs-on: ubuntu-latest + permissions: + contents: read + runs-on: ubuntu-24.04 timeout-minutes: 10 steps: - uses: Cysharp/Actions/.github/actions/checkout@main @@ -25,7 +27,9 @@ jobs: max-parallel: 2 matrix: unity: ["2022.3.39f1", "6000.0.12f1"] # Test with LTS - runs-on: ubuntu-latest + permissions: + contents: read + runs-on: ubuntu-24.04 timeout-minutes: 30 # Unity build takes more than 20min. steps: - name: Load secrets diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yaml similarity index 91% rename from .github/workflows/build-docs.yml rename to .github/workflows/build-docs.yaml index eb946f8..5bbd25e 100644 --- a/.github/workflows/build-docs.yml +++ b/.github/workflows/build-docs.yaml @@ -8,7 +8,10 @@ on: jobs: run-docfx: - runs-on: ubuntu-latest + permissions: + contents: write + pages: write + runs-on: ubuntu-24.04 timeout-minutes: 10 steps: - uses: Cysharp/Actions/.github/actions/checkout@main diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yaml similarity index 94% rename from .github/workflows/build-release.yml rename to .github/workflows/build-release.yaml index bf61a72..ffec70b 100644 --- a/.github/workflows/build-release.yml +++ b/.github/workflows/build-release.yaml @@ -14,6 +14,8 @@ on: jobs: update-packagejson: + permissions: + contents: write uses: Cysharp/Actions/.github/workflows/update-packagejson.yaml@main with: file-path: ./src/UniTask/Assets/Plugins/UniTask/package.json @@ -22,7 +24,9 @@ jobs: build-dotnet: needs: [update-packagejson] - runs-on: ubuntu-latest + permissions: + contents: read + runs-on: ubuntu-24.04 timeout-minutes: 10 steps: - run: echo ${{ needs.update-packagejson.outputs.sha }} @@ -46,7 +50,9 @@ jobs: strategy: matrix: unity: ["2022.3.39f1"] - runs-on: ubuntu-latest + permissions: + contents: read + runs-on: ubuntu-24.04 timeout-minutes: 15 steps: - name: Load secrets @@ -92,6 +98,8 @@ jobs: # release create-release: needs: [update-packagejson, build-dotnet, build-unity] + permissions: + contents: write uses: Cysharp/Actions/.github/workflows/create-release.yaml@main with: commit-id: ${{ needs.update-packagejson.outputs.sha }} @@ -105,6 +113,8 @@ jobs: cleanup: if: ${{ needs.update-packagejson.outputs.is-branch-created == 'true' }} needs: [update-packagejson, build-dotnet, build-unity] + permissions: + contents: write uses: Cysharp/Actions/.github/workflows/clean-packagejson-branch.yaml@main with: branch: ${{ needs.update-packagejson.outputs.branch-name }} diff --git a/.github/workflows/prevent-github-change.yml b/.github/workflows/prevent-github-change.yaml similarity index 84% rename from .github/workflows/prevent-github-change.yml rename to .github/workflows/prevent-github-change.yaml index e654f3f..74573bb 100644 --- a/.github/workflows/prevent-github-change.yml +++ b/.github/workflows/prevent-github-change.yaml @@ -7,4 +7,6 @@ on: jobs: detect: + permissions: + contents: read uses: Cysharp/Actions/.github/workflows/prevent-github-change.yaml@main diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yaml similarity index 66% rename from .github/workflows/stale.yml rename to .github/workflows/stale.yaml index b480c3e..c333a85 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yaml @@ -7,4 +7,8 @@ on: jobs: stale: + permissions: + contents: read + pull-requests: write + issues: write uses: Cysharp/Actions/.github/workflows/stale-issue.yaml@main diff --git a/.github/workflows/toc.yml b/.github/workflows/toc.yaml similarity index 82% rename from .github/workflows/toc.yml rename to .github/workflows/toc.yaml index 77e0c74..9f77f93 100644 --- a/.github/workflows/toc.yml +++ b/.github/workflows/toc.yaml @@ -6,8 +6,9 @@ on: - 'README.md' jobs: - generateTOC: - name: TOC Generator + toc: + permissions: + contents: write uses: Cysharp/Actions/.github/workflows/toc-generator.yaml@main with: TOC_TITLE: "## Table of Contents"