Skip to content

readme: add action permission settings #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

readme: add action permission settings #7

wants to merge 1 commit into from

Conversation

@MattSturgeon
Copy link

@MattSturgeon MattSturgeon commented Sep 5, 2025
edited by coderabbitai bot
Loading

When creating a new repo from the template, you must also edit the GitHub Actions workflow permission settings or the workflow job will run into 403 permission errors.

For example, this run (https://github.com/MattSturgeon/test-update-flake-lock/actions/runs/17505282300) has three attempts; during the first the repo settings were left as default, during the second I enabled "allow creating PRs", during the third I also selected "allow write". The third was the only one that didn't 403.

Aside: this should probably also be documented on the main action's README, if it isn't already. It wouldn't apply to anyone using a PAT or a GH App, of course, so that may be worth caveating.

Summary by CodeRabbit

  • Documentation
    • Updated README Usage with explicit steps to configure GitHub Actions workflow permissions.
    • Added navigation: Settings → Actions → General → Workflow permissions.
    • Instructed to enable “Read and write permissions” so Actions can create and approve pull requests, then save.
    • Clarified these steps go after modifying the workflow and before visiting the Actions tab.

@coderabbitai
Copy link

coderabbitai bot commented Sep 5, 2025
edited
Loading

Walkthrough

README.md updated to add steps in the Usage section for configuring GitHub Actions workflow permissions, including navigation path and specific permission settings, placed after editing .github/workflows/update.yml and before visiting the Actions tab.

Changes

Cohort / File(s) Summary
Documentation
README.md		 Added instructions to set GitHub Actions workflow permissions: navigate to Settings → Actions → General → Workflow permissions; enable Read and write permissions; allow Actions to create and approve pull requests; click Save. Placed after modifying .github/workflows/update.yml and before proceeding to the Actions tab.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

I hopped through docs with nimble care,
Toggled perms so Actions dare,
Read and write to weave and start,
Approve pull dreams with rabbit heart.
A tiny paw, a final tap—let CI depart. 🐇✨

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

  • MCP integration is disabled by default for public repositories
  • Jira integration is disabled by default for public repositories
  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 321df53 and 0faa39f.

📒 Files selected for processing (1)
  • README.md (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • README.md
✨ Finishing Touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Sep 5, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
README.md (1)

20-20: Typo: “real-word” → “real-world”.

User-facing docs; please correct.

-flake.lock in a simulation of a real-word use case. If the action succeeds, you
+flake.lock in a simulation of a real-world use case. If the action succeeds, you
🧹 Nitpick comments (1)
README.md (1)

38-38: Consider updating to actions/checkout@v4.

The example uses v2; v4 is current and recommended.

Would you like me to open a follow-up PR to bump example action versions after confirming the latest tags?

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

  • MCP integration is disabled by default for public repositories
  • Jira integration is disabled by default for public repositories
  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 5555ec4 and 321df53.

📒 Files selected for processing (1)
  • README.md (1 hunks)

@MattSturgeon
readme: add action permission settings
0faa39f 
When creating a new repo from the template, you must also edit the
GitHub Actions workflow permissions.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@MattSturgeon