logo Windmill Hub
Login
All items

Set default workflow permissions for a repository

Sets the default workflow permissions granted to the `GITHUB_TOKEN` when running workflows in a repository, and sets if GitHub Actions can submit approving pull request reviews.

Script github Verified

by hugo697 ยท 10/25/2023

Use in Windmill

The script

Submitted by hugo697 Typescript (fetch-only)
Verified 367 days ago
All edits
Permalink
1 
type Github = {
2 
  token: string;
3 
};
4 
/**
5 
 * Set default workflow permissions for a repository
6 
 * Sets the default workflow permissions granted to the `GITHUB_TOKEN` when running workflows in a repository, and sets if GitHub Actions
7 
can submit approving pull request reviews.
8 
 */
9 
export async function main(
10 
  auth: Github,
11 
  owner: string,
12 
  repo: string,
13 
  body: {
14 
    can_approve_pull_request_reviews?: boolean;
15 
    default_workflow_permissions?: "read" | "write";
16 
    [k: string]: unknown;
17 
  }
18 
) {
19 
  const url = new URL(
20 
    `https://api.github.com/repos/${owner}/${repo}/actions/permissions/workflow`
21 
  );
22
23 
  const response = await fetch(url, {
24 
    method: "PUT",
25 
    headers: {
26 
      "Content-Type": "application/json",
27 
      Authorization: "Bearer " + auth.token,
28 
    },
29 
    body: JSON.stringify(body),
30 
  });
31 
  if (!response.ok) {
32 
    const text = await response.text();
33 
    throw new Error(`${response.status} ${text}`);
34 
  }
35 
  return await response.text();
36 
}
37