Of late, I’ve been working on fixing the security vulnerabilities in my projects (three of them) that SNYK reported. I noticed that one of the repository’s workflow isn’t latest as per my organization. So, I added the missing steps; all three were for uploading Jacoco badges. Lo and behold, my builds started to fail.
Oopsie!
Should I not add these steps as part of my workflow? What am I missing?
A quick google landed me on an article on medium.com. If you’re here, you might have already read through this nice article. Sadly, it wasn’t the case for me. The Settings/Actions/Workflow Permissions was fine for my repository.
So, what next?
I had to change the permissions as below, note the italicized ones.
permissions:
contents: read
id-token: write
issues: read
checks: write
pull-requests: write
That resolved the 403 error. Yuppie!
Until next time…
Shabana Mukhtar