Skip to content

fix: doc-deploy-dev needs pr write permission#1392

Open
inimaz wants to merge 2 commits into
mainfrom
fix/doc-deploy-dev-permissions
Open

fix: doc-deploy-dev needs pr write permission#1392
inimaz wants to merge 2 commits into
mainfrom
fix/doc-deploy-dev-permissions

Conversation

@inimaz

@inimaz inimaz commented Jun 30, 2026

Copy link
Copy Markdown

Closes #1391. But I am not sure, how to test this?

@inimaz inimaz requested a review from a team as a code owner June 30, 2026 07:53
@github-actions github-actions Bot added the fix Pull requests related to resolving problems or errors label Jun 30, 2026
@inimaz inimaz mentioned this pull request Jun 30, 2026
2 tasks

@SMoraisAnsys SMoraisAnsys left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Many of our actions do require specific permissions and that's documented both in the associated examples and the actions description (see my "Here" comment). I'm not opposed to adding this kind of error handling but we would have to do it for the other actions too if that's the case :)

Comment thread doc-deploy-dev/action.yml
.. important:: **Required GitHub Permissions**

- **contents**: ``write`` - Required to push documentation to the gh-pages branch
- **pull-requests**: ``write`` - Required to add comments on pull requests about documentation deployment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here

@SMoraisAnsys

Copy link
Copy Markdown
Contributor

Closes #1391. But I am not sure, how to test this?

You can just try your branch on a public repo you manage / have access to. Instead of pointing to the tag with its hash, you can leverage your branch name.

@inimaz

inimaz commented Jun 30, 2026

Copy link
Copy Markdown
Author

Ah nice, thanks for the review @SMoraisAnsys !
My problem was that it did work for long time without the pull-requests: write permission. Then when I added the other deploy-doc-pr job, it suddenly stopped working with no warning/error. Maybe we can add a common check to all jobs and fail or add a warning if the permissions are not there? It might be overkill.

@SMoraisAnsys

Copy link
Copy Markdown
Contributor

Ah nice, thanks for the review @SMoraisAnsys ! My problem was that it did work for long time without the pull-requests: write permission. Then when I added the other deploy-doc-pr job, it suddenly stopped working with no warning/error. Maybe we can add a common check to all jobs and fail or add a warning if the permissions are not there? It might be overkill.

I'm fine with adding that check but we should be consistent and apply it in other locations where we are the one managing the code that requires specific permission. In the cases where we consume third party actions (with specific permissions requirements), I wouldn't want to add things like continue-on-error just to log an error message that is probably already explained by the third party action.

@inimaz

inimaz commented Jun 30, 2026

Copy link
Copy Markdown
Author

I'm fine with adding that check but we should be consistent and apply it in other locations where we are the one managing the code that requires specific permission. In the cases where we consume third party actions (with specific permissions requirements), I wouldn't want to add things like continue-on-error just to log an error message that is probably already explained by the third party action.

I completely agree. I would say just check the permissions that are in the description and we know are needed for the part of the action we manage.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

fix Pull requests related to resolving problems or errors

Projects

None yet

Development

Successfully merging this pull request may close these issues.

deploy-docs-dev fails silently

3 participants