logo Windmill Hub
Login
All items

Set default workflow permissions for an organization

Sets the default workflow permissions granted to the `GITHUB_TOKEN` when running workflows in an organization, and sets if GitHub Actions can submit approving pull request reviews.

Script github Verified

by hugo697 ยท 10/25/2023

Use in Windmill

The script

Submitted by hugo697 Typescript (fetch-only)
Verified 367 days ago
All edits
Permalink
1 
type Github = {
2 
  token: string;
3 
};
4 
/**
5 
 * Set default workflow permissions for an organization
6 
 * Sets the default workflow permissions granted to the `GITHUB_TOKEN` when running workflows in an organization, and sets if GitHub Actions
7 
can submit approving pull request reviews.
8 
 */
9 
export async function main(
10 
  auth: Github,
11 
  org: string,
12 
  body: {
13 
    can_approve_pull_request_reviews?: boolean;
14 
    default_workflow_permissions?: "read" | "write";
15 
    [k: string]: unknown;
16 
  }
17 
) {
18 
  const url = new URL(
19 
    `https://api.github.com/orgs/${org}/actions/permissions/workflow`
20 
  );
21
22 
  const response = await fetch(url, {
23 
    method: "PUT",
24 
    headers: {
25 
      "Content-Type": "application/json",
26 
      Authorization: "Bearer " + auth.token,
27 
    },
28 
    body: JSON.stringify(body),
29 
  });
30 
  if (!response.ok) {
31 
    const text = await response.text();
32 
    throw new Error(`${response.status} ${text}`);
33 
  }
34 
  return await response.text();
35 
}
36