CI: The NPM action needs perms to upload GitHub Release artifacts

Also, don't include the checksum files generated by the build process.
Oyelowo · Jul 11, 2024 · 07801c8 · 07801c8
1 parent a4a0663
commit 07801c8
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/.github/workflows/npm.yml b/.github/workflows/npm.yml
@@ -107,7 +107,9 @@ jobs:
       uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
       with:
         name: Debug info (${{matrix.os}})
-        path: node/*-debuginfo.*
+        path: |
+          node/*-debuginfo.*
+          !node/*.sha256
 
   build-docker:
     name: Build (Ubuntu via Docker)
@@ -133,7 +135,9 @@ jobs:
       uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
       with:
         name: Debug info (${{matrix.os}})
-        path: node/*-debuginfo.*
+        path: |
+          node/*-debuginfo.*
+          !node/*.sha256
 
   verify-rust:
     name: Verify Node bindings
@@ -156,6 +160,10 @@ jobs:
   publish:
     name: Publish
 
+    permissions:
+      # Needed for ncipollo/release-action.
+      contents: 'write'
+
     runs-on: ubuntu-latest
 
     needs: [build, build-docker, verify-rust]