Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

github-actions: add missing permissions #8059

Merged
merged 1 commit into from
Oct 3, 2024
Merged

github-actions: add missing permissions #8059

merged 1 commit into from
Oct 3, 2024

Conversation

v1v
Copy link
Member

@v1v v1v commented Oct 3, 2024
edited by cee-chen
Loading

Summary

Fixes the required permissions for the GitHub actions in charge of managing the stale issues or PRs

There are some missing permissions and some error annotations in the GitHub workflow:

image

I discovered these errors as part of the CICD Observability for GitHub actions that we enabled some time ago and with some alerting when searching for Resource not accessible by integration

image image

For further details please see actions/stale#840

QA

N/A, internal only

@v1v v1v requested a review from a team as a code owner October 3, 2024 10:41
tkajtoch
tkajtoch approved these changes Oct 3, 2024
View reviewed changes
Copy link
Member

@tkajtoch tkajtoch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is interesting. Our actions seem to work just fine, but these errors are printed out. I'm happy to merge it to get rid of these error logs!

@cee-chen cee-chen merged commit 2960963 into elastic:main Oct 3, 2024
7 of 8 checks passed
@cee-chen cee-chen mentioned this pull request Oct 14, 2024
Merged
@cee-chen
Copy link
Member

Reverted in #8076 - unfortunately stalebot went rogue as a result of these changes and auto-closed a bunch of issues we didn't want it to.

@v1v
Copy link
Member Author

v1v commented Oct 15, 2024

Reverted in #8076 - unfortunately stalebot went rogue as a result of these changes and auto-closed a bunch of issues we didn't want it to.

That's a shame... the current alerting we have in place for the CICD Observability will keep reporting these errors, in my view, it will be better if those errors are fixed to get the most out of the alerting - I'll add an exclusion if service is not eui

@cee-chen
Copy link
Member

cee-chen commented Oct 15, 2024
edited
Loading

We can change permissions to read instead of write if needed which will omit the errors, but I don't see the point of that frankly - we don't need those specific jobs to even waste API calls reading issues, we just need them to look at PRs (or vice versa, depending on the job). Please do exclude EUI from your alerting!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tkajtoch tkajtoch tkajtoch approved these changes

Assignees
No one assigned
Labels
skip-changelog tech debt
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@v1v @cee-chen @tkajtoch