我正在尝试使用他们的构建/推荐的 GitHub 操作来实现用于版本控制和发布的自动变更集。他们的文档中没有任何关于更改
GITHUB_TOKENname: Release
on:
push:
branches:
- main
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
release:
name: Release
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Install Dependencies
uses: ./.github/workflows/install
- name: Create Release Pull Request or Publish to npm
id: changesets
uses: changesets/action@v1
with:
# release script must build and call changeset publish
publish: pnpm release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
老实说,将
writecontentspull-requests这确实有点远了,但仍然存在权限问题:
Create Release Pull Request or Publish to npm
Run changesets/action@v1
with:
publish: pnpm release
setupGitUser: true
createGithubReleases: true
env:
PNPM_HOME: /home/runner/setup-pnpm/node_modules/.bin
GITHUB_TOKEN: ***
NPM_TOKEN: ***
# ...
creating pull request
Error: HttpError: GitHub Actions is not permitted to create or approve pull requests.
Error: GitHub Actions is not permitted to create or approve pull requests.
注意,我在存储库上启用了“允许 GitHub Actions 创建和批准拉取请求”,但我想我不需要这样做,因为这对所有 GitHub Actions 都是如此? 有人成功地让自动变更集操作发挥作用,并知道我必须设置哪些权限以及在哪里才能使其发挥作用?
GITHUB_TOKEN是一个托管秘密,它会自动生成并注入到工作流程中。无需为变更集创建单独的令牌。
请参阅 https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#about-the-github_token-secrethttps://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token