From 312eb70349cabbdbab55aaacc95d949acf341f6a Mon Sep 17 00:00:00 2001
From: "gcp-cherry-pick-bot[bot]"
 <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com>
Date: Fri, 3 Nov 2023 15:46:00 +0100
Subject: [PATCH] ci: explicitly give write permissions to packages
 (cherry-pick #7428) (#7430)

ci: explicitly give write permissions to packages (#7428)

* ci: explicitly give write permissions to packages



* run full CI on cherry-picks



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
---
 .github/workflows/ci-main.yml         | 5 +++++
 .github/workflows/ci-outpost.yml      | 3 +++
 .github/workflows/ci-web.yml          | 1 +
 .github/workflows/ci-website.yml      | 1 +
 .github/workflows/release-publish.yml | 4 ++++
 5 files changed, 14 insertions(+)

diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml
index 84e6f9f0c..75f935636 100644
--- a/.github/workflows/ci-main.yml
+++ b/.github/workflows/ci-main.yml
@@ -11,6 +11,7 @@ on:
   pull_request:
     branches:
       - main
+      - version-*
 
 env:
   POSTGRES_DB: authentik
@@ -184,6 +185,8 @@ jobs:
   build:
     needs: ci-core-mark
     runs-on: ubuntu-latest
+    permissions:
+      packages: write
     timeout-minutes: 120
     steps:
       - uses: actions/checkout@v3
@@ -229,6 +232,8 @@ jobs:
   build-arm64:
     needs: ci-core-mark
     runs-on: ubuntu-latest
+    permissions:
+      packages: write
     timeout-minutes: 120
     steps:
       - uses: actions/checkout@v3
diff --git a/.github/workflows/ci-outpost.yml b/.github/workflows/ci-outpost.yml
index 6520fd730..e67353d16 100644
--- a/.github/workflows/ci-outpost.yml
+++ b/.github/workflows/ci-outpost.yml
@@ -9,6 +9,7 @@ on:
   pull_request:
     branches:
       - main
+      - version-*
 
 jobs:
   lint-golint:
@@ -63,6 +64,8 @@ jobs:
           - ldap
           - radius
     runs-on: ubuntu-latest
+    permissions:
+      packages: write
     steps:
       - uses: actions/checkout@v3
         with:
diff --git a/.github/workflows/ci-web.yml b/.github/workflows/ci-web.yml
index 6a23127a7..cfdd80bd8 100644
--- a/.github/workflows/ci-web.yml
+++ b/.github/workflows/ci-web.yml
@@ -9,6 +9,7 @@ on:
   pull_request:
     branches:
       - main
+      - version-*
 
 jobs:
   lint-eslint:
diff --git a/.github/workflows/ci-website.yml b/.github/workflows/ci-website.yml
index 0445b4703..1551ae597 100644
--- a/.github/workflows/ci-website.yml
+++ b/.github/workflows/ci-website.yml
@@ -9,6 +9,7 @@ on:
   pull_request:
     branches:
       - main
+      - version-*
 
 jobs:
   lint-prettier:
diff --git a/.github/workflows/release-publish.yml b/.github/workflows/release-publish.yml
index b568486db..c686840a5 100644
--- a/.github/workflows/release-publish.yml
+++ b/.github/workflows/release-publish.yml
@@ -7,6 +7,8 @@ on:
 jobs:
   build-server:
     runs-on: ubuntu-latest
+    permissions:
+      packages: write
     steps:
       - uses: actions/checkout@v3
       - name: Set up QEMU
@@ -47,6 +49,8 @@ jobs:
             VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }}
   build-outpost:
     runs-on: ubuntu-latest
+    permissions:
+      packages: write
     strategy:
       fail-fast: false
       matrix: