Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update workflow permissions block #296

Merged
merged 1 commit into from
Mar 8, 2023
Merged

Update workflow permissions block #296

merged 1 commit into from
Mar 8, 2023

Conversation

ajschmidt8
Copy link
Contributor

This PR is a continuation of #294.

Omitting the other keys in the permissions block sets them to none (src).

This is probably not a concern for nv-morpheus, but it caused issues for some private RAPIDS repositories so I wanted to update the nv-morpheus repos for consistency.

To remedy this, this PR includes the following changes:

  • Keeps the id-token permission as write, but sets the remaining permissions as described in the restricted column here
    • Also sets pull_request to read so that fetch_base_branch in common.sh can use it
  • Moves the permissions blocks to the top of the workflows to DRY them up

@ajschmidt8
Update workflow permissions block
6873f0a 
This PR is a continuation of nv-morpheus#294.

Omitting the other keys in the `permissions` block sets them to `none` ([src](https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs#overview)).

This is probably not a concern for `nv-morpheus`, but it caused issues for some private RAPIDS repositories so I wanted to update the `nv-morpheus` repos for consistency.

To remedy this, this PR includes the following changes:

- Keeps the `id-token` permission as `write`, but sets the remaining permissions as described in the `restricted` column [here](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)
  - Also sets `pull_request` to `read` so that `fetch_base_branch` in `common.sh` can use it
- Moves the `permissions` blocks to the top of the workflows to DRY them up
@ajschmidt8 ajschmidt8 requested a review from a team as a code owner March 8, 2023 01:01
@ajschmidt8 ajschmidt8 added improvement Improvement to existing functionality non-breaking Non-breaking change labels Mar 8, 2023
@codecov
Copy link

codecov bot commented Mar 8, 2023

Codecov Report

Merging #296 (6873f0a) into branch-23.03 (8747af7) will increase coverage by 22.63%.
The diff coverage is n/a.

Additional details and impacted files

Impacted file tree graph

@@                Coverage Diff                @@
##           branch-23.03     #296       +/-   ##
=================================================
+ Coverage         50.34%   72.97%   +22.63%     
=================================================
  Files               345      381       +36     
  Lines             10756    13117     +2361     
  Branches            909      991       +82     
=================================================
+ Hits               5415     9572     +4157     
+ Misses             5341     3545     -1796
Flag Coverage Δ
cpp 68.72% <ø> (+27.29%) ⬆️
py 41.04% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
cpp/mrc/include/mrc/benchmarking/tracer.hpp 76.74% <0.00%> (-2.33%) ⬇️
cpp/mrc/include/mrc/core/fiber_pool.hpp 100.00% <0.00%> (ø)
...pp/mrc/include/mrc/runnable/detail/type_traits.hpp 0.00% <0.00%> (ø)
cpp/mrc/src/tests/nodes/common_nodes.hpp 0.00% <0.00%> (ø)
cpp/mrc/src/internal/system/thread_pool.hpp 80.00% <0.00%> (ø)
cpp/mrc/src/tests/test_main.cpp 100.00% <0.00%> (ø)
cpp/mrc/src/tests/test_topology.cpp 98.46% <0.00%> (ø)
cpp/mrc/src/tests/test_reusable_pool.cpp 100.00% <0.00%> (ø)
...pp/mrc/src/tests/test_control_plane_components.cpp 90.32% <0.00%> (ø)
cpp/mrc/src/tests/test_next.cpp 87.80% <0.00%> (ø)
... and 155 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8747af7...6873f0a. Read the comment docs.

@ajschmidt8
Copy link
Contributor Author

/merge

@rapids-bot rapids-bot bot merged commit d3f9d4c into nv-morpheus:branch-23.03 Mar 8, 2023
@ajschmidt8 ajschmidt8 deleted the update-permissions branch March 8, 2023 17:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dagardner-nv dagardner-nv dagardner-nv approved these changes

Assignees
No one assigned
Labels
improvement Improvement to existing functionality non-breaking Non-breaking change
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ajschmidt8 @dagardner-nv