From 8664ada51d4ff54ed7b33e74d8c53cdc2b45c427 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Sat, 3 Feb 2024 18:21:23 +0100 Subject: [PATCH 1/8] check permissions module workflow --- .github/workflows/avm.res.analysis-services.server.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/avm.res.analysis-services.server.yml b/.github/workflows/avm.res.analysis-services.server.yml index 91269939d3..2b36d51569 100644 --- a/.github/workflows/avm.res.analysis-services.server.yml +++ b/.github/workflows/avm.res.analysis-services.server.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -32,6 +31,10 @@ on: - "avm/utilities/pipelines/**" - "!*/**/README.md" +permissions: + id-token: write # For OIDC + contents: write # For release tags + env: modulePath: "avm/res/analysis-services/server" workflowPath: ".github/workflows/avm.res.analysis-services.server.yml" From 6edcb6d9b387a18324987345ae04ee510b6fceed Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Sat, 3 Feb 2024 18:24:59 +0100 Subject: [PATCH 2/8] check permissions module workflow no template --- .github/workflows/avm.template.module.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/avm.template.module.yml b/.github/workflows/avm.template.module.yml index 8629d675fe..531181fd7d 100644 --- a/.github/workflows/avm.template.module.yml +++ b/.github/workflows/avm.template.module.yml @@ -20,9 +20,9 @@ on: description: "Relative path to the module folder" required: true -permissions: - id-token: write # For OIDC - contents: write # For release tags +# permissions: +# id-token: write # For OIDC +# contents: write # For release tags env: ARM_SUBSCRIPTION_ID: "${{ secrets.ARM_SUBSCRIPTION_ID }}" From a2c7b3cd216d20fd147a96385132f2255f8ffc8e Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Sat, 3 Feb 2024 18:30:49 +0100 Subject: [PATCH 3/8] check permissions module partial workflow template on job --- .github/workflows/avm.res.network.private-endpoint.yml | 4 ++++ .github/workflows/avm.template.module.yml | 3 +++ 2 files changed, 7 insertions(+) diff --git a/.github/workflows/avm.res.network.private-endpoint.yml b/.github/workflows/avm.res.network.private-endpoint.yml index 26342bef74..fe51f55765 100644 --- a/.github/workflows/avm.res.network.private-endpoint.yml +++ b/.github/workflows/avm.res.network.private-endpoint.yml @@ -32,6 +32,10 @@ on: - "avm/utilities/pipelines/**" - "!*/**/README.md" +permissions: + id-token: write # For OIDC + # contents: write # For release tags + env: modulePath: "avm/res/network/private-endpoint" workflowPath: ".github/workflows/avm.res.network.private-endpoint.yml" diff --git a/.github/workflows/avm.template.module.yml b/.github/workflows/avm.template.module.yml index 531181fd7d..b50a2cbb69 100644 --- a/.github/workflows/avm.template.module.yml +++ b/.github/workflows/avm.template.module.yml @@ -116,6 +116,9 @@ jobs: job_publish_module: # Note: Please don't change this job name. It is used by the setEnvironment action to define which PS modules to install on runners. name: "Publishing" runs-on: ubuntu-latest + permissions: + id-token: write # For OIDC + contents: write # For release tags if: github.ref == 'refs/heads/main' && success() needs: - job_module_deploy_validation From 52ab7dfad72deaa1d53676ceed005d19d3959e64 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Sat, 3 Feb 2024 18:33:17 +0100 Subject: [PATCH 4/8] check permissions module on call template none --- .github/workflows/avm.res.network.public-ip-address.yml | 3 +++ .github/workflows/avm.template.module.yml | 3 --- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/avm.res.network.public-ip-address.yml b/.github/workflows/avm.res.network.public-ip-address.yml index b49c78f72a..823f4916af 100644 --- a/.github/workflows/avm.res.network.public-ip-address.yml +++ b/.github/workflows/avm.res.network.public-ip-address.yml @@ -72,6 +72,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.template.module.yml b/.github/workflows/avm.template.module.yml index b50a2cbb69..531181fd7d 100644 --- a/.github/workflows/avm.template.module.yml +++ b/.github/workflows/avm.template.module.yml @@ -116,9 +116,6 @@ jobs: job_publish_module: # Note: Please don't change this job name. It is used by the setEnvironment action to define which PS modules to install on runners. name: "Publishing" runs-on: ubuntu-latest - permissions: - id-token: write # For OIDC - contents: write # For release tags if: github.ref == 'refs/heads/main' && success() needs: - job_module_deploy_validation From bb8ec80ff5b396dd73657b2da68e1993dd96b7d1 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Sun, 4 Feb 2024 16:19:37 +0100 Subject: [PATCH 5/8] cleanup --- .github/workflows/avm.res.analysis-services.server.yml | 4 ---- .github/workflows/avm.res.network.private-endpoint.yml | 4 ---- .github/workflows/avm.template.module.yml | 4 ---- 3 files changed, 12 deletions(-) diff --git a/.github/workflows/avm.res.analysis-services.server.yml b/.github/workflows/avm.res.analysis-services.server.yml index 2b36d51569..937c0646e5 100644 --- a/.github/workflows/avm.res.analysis-services.server.yml +++ b/.github/workflows/avm.res.analysis-services.server.yml @@ -31,10 +31,6 @@ on: - "avm/utilities/pipelines/**" - "!*/**/README.md" -permissions: - id-token: write # For OIDC - contents: write # For release tags - env: modulePath: "avm/res/analysis-services/server" workflowPath: ".github/workflows/avm.res.analysis-services.server.yml" diff --git a/.github/workflows/avm.res.network.private-endpoint.yml b/.github/workflows/avm.res.network.private-endpoint.yml index fe51f55765..26342bef74 100644 --- a/.github/workflows/avm.res.network.private-endpoint.yml +++ b/.github/workflows/avm.res.network.private-endpoint.yml @@ -32,10 +32,6 @@ on: - "avm/utilities/pipelines/**" - "!*/**/README.md" -permissions: - id-token: write # For OIDC - # contents: write # For release tags - env: modulePath: "avm/res/network/private-endpoint" workflowPath: ".github/workflows/avm.res.network.private-endpoint.yml" diff --git a/.github/workflows/avm.template.module.yml b/.github/workflows/avm.template.module.yml index 531181fd7d..48fe6ab9f6 100644 --- a/.github/workflows/avm.template.module.yml +++ b/.github/workflows/avm.template.module.yml @@ -20,10 +20,6 @@ on: description: "Relative path to the module folder" required: true -# permissions: -# id-token: write # For OIDC -# contents: write # For release tags - env: ARM_SUBSCRIPTION_ID: "${{ secrets.ARM_SUBSCRIPTION_ID }}" ARM_MGMTGROUP_ID: "${{ secrets.ARM_MGMTGROUP_ID }}" From 662055f6a3d971c273bc7b0406fdbcd5954b51bc Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Sun, 4 Feb 2024 16:26:31 +0100 Subject: [PATCH 6/8] apply all --- .github/workflows/avm.res.analysis-services.server.yml | 3 +++ .github/workflows/avm.res.api-management.service.yml | 4 +++- .github/workflows/avm.res.app.container-app.yml | 6 ++++-- .github/workflows/avm.res.app.managed-environment.yml | 6 ++++-- .github/workflows/avm.res.automation.automation-account.yml | 4 +++- .github/workflows/avm.res.batch.batch-account.yml | 4 +++- .github/workflows/avm.res.cache.redis.yml | 4 +++- .github/workflows/avm.res.cognitive-services.account.yml | 4 +++- .github/workflows/avm.res.compute.availability-set.yml | 4 +++- .github/workflows/avm.res.compute.disk-encryption-set.yml | 4 +++- .github/workflows/avm.res.compute.disk.yml | 4 +++- .github/workflows/avm.res.compute.gallery.yml | 4 +++- .github/workflows/avm.res.compute.image.yml | 4 +++- .../workflows/avm.res.compute.proximity-placement-group.yml | 4 +++- .github/workflows/avm.res.compute.ssh-public-key.yml | 4 +++- .github/workflows/avm.res.compute.virtual-machine.yml | 4 +++- .github/workflows/avm.res.consumption.budget.yml | 4 +++- .github/workflows/avm.res.container-registry.registry.yml | 4 +++- .../workflows/avm.res.container-service.managed-cluster.yml | 6 ++++-- .github/workflows/avm.res.data-factory.factory.yml | 4 +++- .github/workflows/avm.res.data-protection.backup-vault.yml | 4 +++- .github/workflows/avm.res.databricks.access-connector.yml | 4 +++- .github/workflows/avm.res.databricks.workspace.yml | 4 +++- .github/workflows/avm.res.db-for-my-sql.flexible-server.yml | 4 +++- .../avm.res.db-for-postgre-sql.flexible-server.yml | 4 +++- .../avm.res.desktop-virtualization.application-group.yml | 4 +++- .../avm.res.desktop-virtualization.scaling-plan.yml | 4 +++- .github/workflows/avm.res.document-db.database-account.yml | 4 +++- .github/workflows/avm.res.event-grid.domain.yml | 4 +++- .github/workflows/avm.res.event-grid.system-topic.yml | 4 +++- .github/workflows/avm.res.event-grid.topic.yml | 4 +++- .github/workflows/avm.res.health-bot.health-bot.yml | 4 +++- .github/workflows/avm.res.insights.action-group.yml | 4 +++- .github/workflows/avm.res.insights.activity-log-alert.yml | 4 +++- .github/workflows/avm.res.insights.component.yml | 4 +++- .../workflows/avm.res.insights.data-collection-endpoint.yml | 4 +++- .github/workflows/avm.res.insights.data-collection-rule.yml | 4 +++- .github/workflows/avm.res.insights.diagnostic-setting.yml | 4 +++- .github/workflows/avm.res.insights.metric-alert.yml | 4 +++- .github/workflows/avm.res.insights.scheduled-query-rule.yml | 4 +++- .github/workflows/avm.res.insights.webtest.yml | 4 +++- .github/workflows/avm.res.key-vault.vault.yml | 4 +++- .../avm.res.kubernetes-configuration.extension.yml | 4 +++- .../avm.res.kubernetes-configuration.flux-configuration.yml | 4 +++- .github/workflows/avm.res.logic.workflow.yml | 4 +++- .../avm.res.maintenance.maintenance-configuration.yml | 4 +++- .../avm.res.managed-identity.user-assigned-identity.yml | 4 +++- .github/workflows/avm.res.net-app.net-app-account.yml | 4 +++- .../avm.res.network.application-security-group.yml | 4 +++- .github/workflows/avm.res.network.bastion-host.yml | 4 +++- .github/workflows/avm.res.network.connection.yml | 4 +++- .github/workflows/avm.res.network.ddos-protection-plan.yml | 4 +++- .../workflows/avm.res.network.dns-forwarding-ruleset.yml | 4 +++- .github/workflows/avm.res.network.dns-resolver.yml | 4 +++- .github/workflows/avm.res.network.dns-zone.yml | 4 +++- .github/workflows/avm.res.network.express-route-circuit.yml | 4 +++- .github/workflows/avm.res.network.express-route-gateway.yml | 4 +++- .github/workflows/avm.res.network.firewall-policy.yml | 4 +++- ...s.network.front-door-web-application-firewall-policy.yml | 4 +++- .github/workflows/avm.res.network.front-door.yml | 4 +++- .github/workflows/avm.res.network.load-balancer.yml | 4 +++- .github/workflows/avm.res.network.local-network-gateway.yml | 4 +++- .github/workflows/avm.res.network.nat-gateway.yml | 6 ++++-- .github/workflows/avm.res.network.network-interface.yml | 4 +++- .../workflows/avm.res.network.network-security-group.yml | 4 +++- .github/workflows/avm.res.network.private-dns-zone.yml | 4 +++- .github/workflows/avm.res.network.private-endpoint.yml | 4 +++- .github/workflows/avm.res.network.public-ip-address.yml | 1 - .github/workflows/avm.res.network.public-ip-prefix.yml | 4 +++- .github/workflows/avm.res.network.route-table.yml | 4 +++- .github/workflows/avm.res.network.trafficmanagerprofile.yml | 4 +++- .../workflows/avm.res.network.virtual-network-gateway.yml | 4 +++- .github/workflows/avm.res.network.virtual-network.yml | 4 +++- .github/workflows/avm.res.network.vpn-gateway.yml | 4 +++- .github/workflows/avm.res.network.vpn-site.yml | 4 +++- .../workflows/avm.res.operational-insights.workspace.yml | 4 +++- .../workflows/avm.res.operations-management.solution.yml | 4 +++- .github/workflows/avm.res.power-bi-dedicated.capacity.yml | 4 +++- .github/workflows/avm.res.resource-graph.query.yml | 4 +++- .github/workflows/avm.res.resources.deployment-script.yml | 4 +++- .github/workflows/avm.res.resources.resource-group.yml | 4 +++- .github/workflows/avm.res.search.search-service.yml | 4 +++- .github/workflows/avm.res.service-bus.namespace.yml | 4 +++- .github/workflows/avm.res.sql.server.yml | 4 +++- .github/workflows/avm.res.storage.storage-account.yml | 4 +++- .github/workflows/avm.res.web.serverfarm.yml | 4 +++- .github/workflows/avm.res.web.site.yml | 4 +++- .github/workflows/avm.res.web.static-site.yml | 4 +++- 88 files changed, 265 insertions(+), 91 deletions(-) diff --git a/.github/workflows/avm.res.analysis-services.server.yml b/.github/workflows/avm.res.analysis-services.server.yml index 937c0646e5..d4fb75c88c 100644 --- a/.github/workflows/avm.res.analysis-services.server.yml +++ b/.github/workflows/avm.res.analysis-services.server.yml @@ -71,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.api-management.service.yml b/.github/workflows/avm.res.api-management.service.yml index 7167b2cfe5..e076b66d14 100644 --- a/.github/workflows/avm.res.api-management.service.yml +++ b/.github/workflows/avm.res.api-management.service.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.app.container-app.yml b/.github/workflows/avm.res.app.container-app.yml index ce37875211..ebe9a53b02 100644 --- a/.github/workflows/avm.res.app.container-app.yml +++ b/.github/workflows/avm.res.app.container-app.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -71,7 +70,10 @@ jobs: # Call reusable workflow # ############################## call-workflow-passing-data: - name: "Module" + name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.app.managed-environment.yml b/.github/workflows/avm.res.app.managed-environment.yml index 181cad0eb7..1abf7ed421 100644 --- a/.github/workflows/avm.res.app.managed-environment.yml +++ b/.github/workflows/avm.res.app.managed-environment.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -71,7 +70,10 @@ jobs: # Call reusable workflow # ############################## call-workflow-passing-data: - name: "Module" + name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.automation.automation-account.yml b/.github/workflows/avm.res.automation.automation-account.yml index 723678d25f..4b1c846214 100644 --- a/.github/workflows/avm.res.automation.automation-account.yml +++ b/.github/workflows/avm.res.automation.automation-account.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.batch.batch-account.yml b/.github/workflows/avm.res.batch.batch-account.yml index c273da81e1..bc2c84337b 100644 --- a/.github/workflows/avm.res.batch.batch-account.yml +++ b/.github/workflows/avm.res.batch.batch-account.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.cache.redis.yml b/.github/workflows/avm.res.cache.redis.yml index af698f3a67..27878ecb1c 100644 --- a/.github/workflows/avm.res.cache.redis.yml +++ b/.github/workflows/avm.res.cache.redis.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.cognitive-services.account.yml b/.github/workflows/avm.res.cognitive-services.account.yml index f0ccf35524..7ce13dc9e0 100644 --- a/.github/workflows/avm.res.cognitive-services.account.yml +++ b/.github/workflows/avm.res.cognitive-services.account.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.compute.availability-set.yml b/.github/workflows/avm.res.compute.availability-set.yml index ffac2bd040..954ad6d863 100644 --- a/.github/workflows/avm.res.compute.availability-set.yml +++ b/.github/workflows/avm.res.compute.availability-set.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.compute.disk-encryption-set.yml b/.github/workflows/avm.res.compute.disk-encryption-set.yml index 7cb2062e38..6ebcb587cb 100644 --- a/.github/workflows/avm.res.compute.disk-encryption-set.yml +++ b/.github/workflows/avm.res.compute.disk-encryption-set.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.compute.disk.yml b/.github/workflows/avm.res.compute.disk.yml index 655ecd505f..e7ffab5ca5 100644 --- a/.github/workflows/avm.res.compute.disk.yml +++ b/.github/workflows/avm.res.compute.disk.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.compute.gallery.yml b/.github/workflows/avm.res.compute.gallery.yml index 3b0ac41f9f..234cb2df96 100644 --- a/.github/workflows/avm.res.compute.gallery.yml +++ b/.github/workflows/avm.res.compute.gallery.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.compute.image.yml b/.github/workflows/avm.res.compute.image.yml index bd2660c54f..cb9f4a0ea8 100644 --- a/.github/workflows/avm.res.compute.image.yml +++ b/.github/workflows/avm.res.compute.image.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.compute.proximity-placement-group.yml b/.github/workflows/avm.res.compute.proximity-placement-group.yml index 4ac58ccad9..d5c7c38252 100644 --- a/.github/workflows/avm.res.compute.proximity-placement-group.yml +++ b/.github/workflows/avm.res.compute.proximity-placement-group.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.compute.ssh-public-key.yml b/.github/workflows/avm.res.compute.ssh-public-key.yml index 29ce626d08..b4a494abaf 100644 --- a/.github/workflows/avm.res.compute.ssh-public-key.yml +++ b/.github/workflows/avm.res.compute.ssh-public-key.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.compute.virtual-machine.yml b/.github/workflows/avm.res.compute.virtual-machine.yml index 7127a3fdd8..5e831a9034 100644 --- a/.github/workflows/avm.res.compute.virtual-machine.yml +++ b/.github/workflows/avm.res.compute.virtual-machine.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.consumption.budget.yml b/.github/workflows/avm.res.consumption.budget.yml index 8ac628e2ab..f93a5da2d3 100644 --- a/.github/workflows/avm.res.consumption.budget.yml +++ b/.github/workflows/avm.res.consumption.budget.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.container-registry.registry.yml b/.github/workflows/avm.res.container-registry.registry.yml index efae26aaed..d7e65d9705 100644 --- a/.github/workflows/avm.res.container-registry.registry.yml +++ b/.github/workflows/avm.res.container-registry.registry.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.container-service.managed-cluster.yml b/.github/workflows/avm.res.container-service.managed-cluster.yml index a2eb2dd467..d2ab01232f 100644 --- a/.github/workflows/avm.res.container-service.managed-cluster.yml +++ b/.github/workflows/avm.res.container-service.managed-cluster.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -71,7 +70,10 @@ jobs: # Call reusable workflow # ############################## call-workflow-passing-data: - name: "Module" + name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.data-factory.factory.yml b/.github/workflows/avm.res.data-factory.factory.yml index 1573643157..ce1f6e6402 100644 --- a/.github/workflows/avm.res.data-factory.factory.yml +++ b/.github/workflows/avm.res.data-factory.factory.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.data-protection.backup-vault.yml b/.github/workflows/avm.res.data-protection.backup-vault.yml index 2daff5bff2..4f43ab3885 100644 --- a/.github/workflows/avm.res.data-protection.backup-vault.yml +++ b/.github/workflows/avm.res.data-protection.backup-vault.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.databricks.access-connector.yml b/.github/workflows/avm.res.databricks.access-connector.yml index 95371deef7..5b672a4384 100644 --- a/.github/workflows/avm.res.databricks.access-connector.yml +++ b/.github/workflows/avm.res.databricks.access-connector.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.databricks.workspace.yml b/.github/workflows/avm.res.databricks.workspace.yml index acc3945634..e9a182ba0f 100644 --- a/.github/workflows/avm.res.databricks.workspace.yml +++ b/.github/workflows/avm.res.databricks.workspace.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.db-for-my-sql.flexible-server.yml b/.github/workflows/avm.res.db-for-my-sql.flexible-server.yml index de2784a190..67f321a9de 100644 --- a/.github/workflows/avm.res.db-for-my-sql.flexible-server.yml +++ b/.github/workflows/avm.res.db-for-my-sql.flexible-server.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.db-for-postgre-sql.flexible-server.yml b/.github/workflows/avm.res.db-for-postgre-sql.flexible-server.yml index 5ceb5ec41a..95e584231b 100644 --- a/.github/workflows/avm.res.db-for-postgre-sql.flexible-server.yml +++ b/.github/workflows/avm.res.db-for-postgre-sql.flexible-server.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.desktop-virtualization.application-group.yml b/.github/workflows/avm.res.desktop-virtualization.application-group.yml index b3e2624566..f3392cacf2 100644 --- a/.github/workflows/avm.res.desktop-virtualization.application-group.yml +++ b/.github/workflows/avm.res.desktop-virtualization.application-group.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.desktop-virtualization.scaling-plan.yml b/.github/workflows/avm.res.desktop-virtualization.scaling-plan.yml index f6bd3f9be4..de7552a17a 100644 --- a/.github/workflows/avm.res.desktop-virtualization.scaling-plan.yml +++ b/.github/workflows/avm.res.desktop-virtualization.scaling-plan.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.document-db.database-account.yml b/.github/workflows/avm.res.document-db.database-account.yml index 4f407adf88..9ddf9963a7 100644 --- a/.github/workflows/avm.res.document-db.database-account.yml +++ b/.github/workflows/avm.res.document-db.database-account.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.event-grid.domain.yml b/.github/workflows/avm.res.event-grid.domain.yml index 1536a406b7..805d86382a 100644 --- a/.github/workflows/avm.res.event-grid.domain.yml +++ b/.github/workflows/avm.res.event-grid.domain.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.event-grid.system-topic.yml b/.github/workflows/avm.res.event-grid.system-topic.yml index 30fcb4ee9c..4098fe7bb3 100644 --- a/.github/workflows/avm.res.event-grid.system-topic.yml +++ b/.github/workflows/avm.res.event-grid.system-topic.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.event-grid.topic.yml b/.github/workflows/avm.res.event-grid.topic.yml index dc16b2a7a5..4a698ff8d4 100644 --- a/.github/workflows/avm.res.event-grid.topic.yml +++ b/.github/workflows/avm.res.event-grid.topic.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.health-bot.health-bot.yml b/.github/workflows/avm.res.health-bot.health-bot.yml index 292d0b255e..fbe7dd559c 100644 --- a/.github/workflows/avm.res.health-bot.health-bot.yml +++ b/.github/workflows/avm.res.health-bot.health-bot.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.insights.action-group.yml b/.github/workflows/avm.res.insights.action-group.yml index dc40921b56..de5630285f 100644 --- a/.github/workflows/avm.res.insights.action-group.yml +++ b/.github/workflows/avm.res.insights.action-group.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.insights.activity-log-alert.yml b/.github/workflows/avm.res.insights.activity-log-alert.yml index fe2d36215f..dc088352d5 100644 --- a/.github/workflows/avm.res.insights.activity-log-alert.yml +++ b/.github/workflows/avm.res.insights.activity-log-alert.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.insights.component.yml b/.github/workflows/avm.res.insights.component.yml index bd2778fa42..877f4d4440 100644 --- a/.github/workflows/avm.res.insights.component.yml +++ b/.github/workflows/avm.res.insights.component.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.insights.data-collection-endpoint.yml b/.github/workflows/avm.res.insights.data-collection-endpoint.yml index b3c882c92b..11af5da538 100644 --- a/.github/workflows/avm.res.insights.data-collection-endpoint.yml +++ b/.github/workflows/avm.res.insights.data-collection-endpoint.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.insights.data-collection-rule.yml b/.github/workflows/avm.res.insights.data-collection-rule.yml index 690bfad44e..4e1a5ba34f 100644 --- a/.github/workflows/avm.res.insights.data-collection-rule.yml +++ b/.github/workflows/avm.res.insights.data-collection-rule.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.insights.diagnostic-setting.yml b/.github/workflows/avm.res.insights.diagnostic-setting.yml index d2cb23c00a..04a17f3706 100644 --- a/.github/workflows/avm.res.insights.diagnostic-setting.yml +++ b/.github/workflows/avm.res.insights.diagnostic-setting.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.insights.metric-alert.yml b/.github/workflows/avm.res.insights.metric-alert.yml index 53bc687320..7b45d7709c 100644 --- a/.github/workflows/avm.res.insights.metric-alert.yml +++ b/.github/workflows/avm.res.insights.metric-alert.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.insights.scheduled-query-rule.yml b/.github/workflows/avm.res.insights.scheduled-query-rule.yml index 1acc4275e0..95f4e28d9f 100644 --- a/.github/workflows/avm.res.insights.scheduled-query-rule.yml +++ b/.github/workflows/avm.res.insights.scheduled-query-rule.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.insights.webtest.yml b/.github/workflows/avm.res.insights.webtest.yml index f7060f7144..169f66747e 100644 --- a/.github/workflows/avm.res.insights.webtest.yml +++ b/.github/workflows/avm.res.insights.webtest.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.key-vault.vault.yml b/.github/workflows/avm.res.key-vault.vault.yml index 489f216068..35c2a196ca 100644 --- a/.github/workflows/avm.res.key-vault.vault.yml +++ b/.github/workflows/avm.res.key-vault.vault.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.kubernetes-configuration.extension.yml b/.github/workflows/avm.res.kubernetes-configuration.extension.yml index 7130c14889..255370b8c4 100644 --- a/.github/workflows/avm.res.kubernetes-configuration.extension.yml +++ b/.github/workflows/avm.res.kubernetes-configuration.extension.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.kubernetes-configuration.flux-configuration.yml b/.github/workflows/avm.res.kubernetes-configuration.flux-configuration.yml index 3fbff8c764..e00e543251 100644 --- a/.github/workflows/avm.res.kubernetes-configuration.flux-configuration.yml +++ b/.github/workflows/avm.res.kubernetes-configuration.flux-configuration.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.logic.workflow.yml b/.github/workflows/avm.res.logic.workflow.yml index 3ab29fde16..c5c823eb5e 100644 --- a/.github/workflows/avm.res.logic.workflow.yml +++ b/.github/workflows/avm.res.logic.workflow.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.maintenance.maintenance-configuration.yml b/.github/workflows/avm.res.maintenance.maintenance-configuration.yml index e832984ac4..9ba597eb51 100644 --- a/.github/workflows/avm.res.maintenance.maintenance-configuration.yml +++ b/.github/workflows/avm.res.maintenance.maintenance-configuration.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.managed-identity.user-assigned-identity.yml b/.github/workflows/avm.res.managed-identity.user-assigned-identity.yml index e8a11686d4..4c953bb184 100644 --- a/.github/workflows/avm.res.managed-identity.user-assigned-identity.yml +++ b/.github/workflows/avm.res.managed-identity.user-assigned-identity.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.net-app.net-app-account.yml b/.github/workflows/avm.res.net-app.net-app-account.yml index 8eabd526d2..983aa5bf30 100644 --- a/.github/workflows/avm.res.net-app.net-app-account.yml +++ b/.github/workflows/avm.res.net-app.net-app-account.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.application-security-group.yml b/.github/workflows/avm.res.network.application-security-group.yml index 249d5e6934..c4cad4cf66 100644 --- a/.github/workflows/avm.res.network.application-security-group.yml +++ b/.github/workflows/avm.res.network.application-security-group.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.bastion-host.yml b/.github/workflows/avm.res.network.bastion-host.yml index 26845eb1e7..6dd2ecf7cf 100644 --- a/.github/workflows/avm.res.network.bastion-host.yml +++ b/.github/workflows/avm.res.network.bastion-host.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.connection.yml b/.github/workflows/avm.res.network.connection.yml index 30739b985b..4c7108516f 100644 --- a/.github/workflows/avm.res.network.connection.yml +++ b/.github/workflows/avm.res.network.connection.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.ddos-protection-plan.yml b/.github/workflows/avm.res.network.ddos-protection-plan.yml index 16865930a0..6007a83daf 100644 --- a/.github/workflows/avm.res.network.ddos-protection-plan.yml +++ b/.github/workflows/avm.res.network.ddos-protection-plan.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.dns-forwarding-ruleset.yml b/.github/workflows/avm.res.network.dns-forwarding-ruleset.yml index 6af4d63f36..14831d3af5 100644 --- a/.github/workflows/avm.res.network.dns-forwarding-ruleset.yml +++ b/.github/workflows/avm.res.network.dns-forwarding-ruleset.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.dns-resolver.yml b/.github/workflows/avm.res.network.dns-resolver.yml index 0876340400..00ade7479a 100644 --- a/.github/workflows/avm.res.network.dns-resolver.yml +++ b/.github/workflows/avm.res.network.dns-resolver.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.dns-zone.yml b/.github/workflows/avm.res.network.dns-zone.yml index 2f61dd3e20..4249d6a6bb 100644 --- a/.github/workflows/avm.res.network.dns-zone.yml +++ b/.github/workflows/avm.res.network.dns-zone.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.express-route-circuit.yml b/.github/workflows/avm.res.network.express-route-circuit.yml index 4f8773ba12..05a6f9a77a 100644 --- a/.github/workflows/avm.res.network.express-route-circuit.yml +++ b/.github/workflows/avm.res.network.express-route-circuit.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.express-route-gateway.yml b/.github/workflows/avm.res.network.express-route-gateway.yml index e5a6b555ed..32ee0d53fd 100644 --- a/.github/workflows/avm.res.network.express-route-gateway.yml +++ b/.github/workflows/avm.res.network.express-route-gateway.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.firewall-policy.yml b/.github/workflows/avm.res.network.firewall-policy.yml index 5279706f7b..297f00f196 100644 --- a/.github/workflows/avm.res.network.firewall-policy.yml +++ b/.github/workflows/avm.res.network.firewall-policy.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.front-door-web-application-firewall-policy.yml b/.github/workflows/avm.res.network.front-door-web-application-firewall-policy.yml index b060d5bbd2..cce205fd07 100644 --- a/.github/workflows/avm.res.network.front-door-web-application-firewall-policy.yml +++ b/.github/workflows/avm.res.network.front-door-web-application-firewall-policy.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.front-door.yml b/.github/workflows/avm.res.network.front-door.yml index 1e5d911076..7e9c2b065c 100644 --- a/.github/workflows/avm.res.network.front-door.yml +++ b/.github/workflows/avm.res.network.front-door.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.load-balancer.yml b/.github/workflows/avm.res.network.load-balancer.yml index 8372a46550..b7b9c2c9e7 100644 --- a/.github/workflows/avm.res.network.load-balancer.yml +++ b/.github/workflows/avm.res.network.load-balancer.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.local-network-gateway.yml b/.github/workflows/avm.res.network.local-network-gateway.yml index 308c94c182..7a5d795615 100644 --- a/.github/workflows/avm.res.network.local-network-gateway.yml +++ b/.github/workflows/avm.res.network.local-network-gateway.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.nat-gateway.yml b/.github/workflows/avm.res.network.nat-gateway.yml index 492c3f09d1..ae2862141e 100644 --- a/.github/workflows/avm.res.network.nat-gateway.yml +++ b/.github/workflows/avm.res.network.nat-gateway.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -71,7 +70,10 @@ jobs: # Call reusable workflow # ############################## call-workflow-passing-data: - name: "Module" + name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.network-interface.yml b/.github/workflows/avm.res.network.network-interface.yml index 990716e4ce..39687b1d28 100644 --- a/.github/workflows/avm.res.network.network-interface.yml +++ b/.github/workflows/avm.res.network.network-interface.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.network-security-group.yml b/.github/workflows/avm.res.network.network-security-group.yml index 37f10e3260..bb8af63b9b 100644 --- a/.github/workflows/avm.res.network.network-security-group.yml +++ b/.github/workflows/avm.res.network.network-security-group.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.private-dns-zone.yml b/.github/workflows/avm.res.network.private-dns-zone.yml index f676fe1d85..767024712f 100644 --- a/.github/workflows/avm.res.network.private-dns-zone.yml +++ b/.github/workflows/avm.res.network.private-dns-zone.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.private-endpoint.yml b/.github/workflows/avm.res.network.private-endpoint.yml index 26342bef74..e833da872f 100644 --- a/.github/workflows/avm.res.network.private-endpoint.yml +++ b/.github/workflows/avm.res.network.private-endpoint.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.public-ip-address.yml b/.github/workflows/avm.res.network.public-ip-address.yml index 823f4916af..2bdc24293d 100644 --- a/.github/workflows/avm.res.network.public-ip-address.yml +++ b/.github/workflows/avm.res.network.public-ip-address.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main diff --git a/.github/workflows/avm.res.network.public-ip-prefix.yml b/.github/workflows/avm.res.network.public-ip-prefix.yml index dda5497914..862a95a251 100644 --- a/.github/workflows/avm.res.network.public-ip-prefix.yml +++ b/.github/workflows/avm.res.network.public-ip-prefix.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.route-table.yml b/.github/workflows/avm.res.network.route-table.yml index 3008e69f13..d287d86799 100644 --- a/.github/workflows/avm.res.network.route-table.yml +++ b/.github/workflows/avm.res.network.route-table.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.trafficmanagerprofile.yml b/.github/workflows/avm.res.network.trafficmanagerprofile.yml index ffbde12777..9cdaa3afdd 100644 --- a/.github/workflows/avm.res.network.trafficmanagerprofile.yml +++ b/.github/workflows/avm.res.network.trafficmanagerprofile.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.virtual-network-gateway.yml b/.github/workflows/avm.res.network.virtual-network-gateway.yml index 6090d0ccce..f72cd8ec3b 100644 --- a/.github/workflows/avm.res.network.virtual-network-gateway.yml +++ b/.github/workflows/avm.res.network.virtual-network-gateway.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.virtual-network.yml b/.github/workflows/avm.res.network.virtual-network.yml index d4135cfeee..5162d2e3dd 100644 --- a/.github/workflows/avm.res.network.virtual-network.yml +++ b/.github/workflows/avm.res.network.virtual-network.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.vpn-gateway.yml b/.github/workflows/avm.res.network.vpn-gateway.yml index 9b830e2feb..7d38ba8802 100644 --- a/.github/workflows/avm.res.network.vpn-gateway.yml +++ b/.github/workflows/avm.res.network.vpn-gateway.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.network.vpn-site.yml b/.github/workflows/avm.res.network.vpn-site.yml index d6590ba2c6..b80c8d13f8 100644 --- a/.github/workflows/avm.res.network.vpn-site.yml +++ b/.github/workflows/avm.res.network.vpn-site.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.operational-insights.workspace.yml b/.github/workflows/avm.res.operational-insights.workspace.yml index 9b1d0c0d95..3eff0bc498 100644 --- a/.github/workflows/avm.res.operational-insights.workspace.yml +++ b/.github/workflows/avm.res.operational-insights.workspace.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.operations-management.solution.yml b/.github/workflows/avm.res.operations-management.solution.yml index 269a392869..29224ff36f 100644 --- a/.github/workflows/avm.res.operations-management.solution.yml +++ b/.github/workflows/avm.res.operations-management.solution.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.power-bi-dedicated.capacity.yml b/.github/workflows/avm.res.power-bi-dedicated.capacity.yml index 55da3cefa0..23fcce45cc 100644 --- a/.github/workflows/avm.res.power-bi-dedicated.capacity.yml +++ b/.github/workflows/avm.res.power-bi-dedicated.capacity.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.resource-graph.query.yml b/.github/workflows/avm.res.resource-graph.query.yml index f4616927ea..3a4d5a2c9b 100644 --- a/.github/workflows/avm.res.resource-graph.query.yml +++ b/.github/workflows/avm.res.resource-graph.query.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.resources.deployment-script.yml b/.github/workflows/avm.res.resources.deployment-script.yml index 87ebb210d8..1169625faa 100644 --- a/.github/workflows/avm.res.resources.deployment-script.yml +++ b/.github/workflows/avm.res.resources.deployment-script.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.resources.resource-group.yml b/.github/workflows/avm.res.resources.resource-group.yml index 9c0d5f1f89..aeededb915 100644 --- a/.github/workflows/avm.res.resources.resource-group.yml +++ b/.github/workflows/avm.res.resources.resource-group.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.search.search-service.yml b/.github/workflows/avm.res.search.search-service.yml index b71d10cdfd..6b6139d7ee 100644 --- a/.github/workflows/avm.res.search.search-service.yml +++ b/.github/workflows/avm.res.search.search-service.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.service-bus.namespace.yml b/.github/workflows/avm.res.service-bus.namespace.yml index d3dd45d9ec..3fb712c511 100644 --- a/.github/workflows/avm.res.service-bus.namespace.yml +++ b/.github/workflows/avm.res.service-bus.namespace.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.sql.server.yml b/.github/workflows/avm.res.sql.server.yml index 860972c5f8..af8118e4a7 100644 --- a/.github/workflows/avm.res.sql.server.yml +++ b/.github/workflows/avm.res.sql.server.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.storage.storage-account.yml b/.github/workflows/avm.res.storage.storage-account.yml index d6c72b0bdd..3b39de874a 100644 --- a/.github/workflows/avm.res.storage.storage-account.yml +++ b/.github/workflows/avm.res.storage.storage-account.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.web.serverfarm.yml b/.github/workflows/avm.res.web.serverfarm.yml index eccac95c47..18071040a0 100644 --- a/.github/workflows/avm.res.web.serverfarm.yml +++ b/.github/workflows/avm.res.web.serverfarm.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.web.site.yml b/.github/workflows/avm.res.web.site.yml index 20395f7a61..05714787a4 100644 --- a/.github/workflows/avm.res.web.site.yml +++ b/.github/workflows/avm.res.web.site.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml diff --git a/.github/workflows/avm.res.web.static-site.yml b/.github/workflows/avm.res.web.static-site.yml index 71c245fd0f..e55d55bcfc 100644 --- a/.github/workflows/avm.res.web.static-site.yml +++ b/.github/workflows/avm.res.web.static-site.yml @@ -20,7 +20,6 @@ on: description: "Remove deployed module" required: false default: true - push: branches: - main @@ -72,6 +71,9 @@ jobs: ############################## call-workflow-passing-data: name: "Run" + permissions: + id-token: write # For OIDC + contents: write # For release tags needs: - job_initialize_pipeline uses: ./.github/workflows/avm.template.module.yml From 8c8df38f6acc6a9a16fbbb894adc2351429c1936 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Sun, 4 Feb 2024 16:46:28 +0100 Subject: [PATCH 7/8] temp test on push --- .github/workflows/avm.res.network.public-ip-address.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/avm.res.network.public-ip-address.yml b/.github/workflows/avm.res.network.public-ip-address.yml index 2bdc24293d..8e2b5a5012 100644 --- a/.github/workflows/avm.res.network.public-ip-address.yml +++ b/.github/workflows/avm.res.network.public-ip-address.yml @@ -23,6 +23,7 @@ on: push: branches: - main + - fix/eriqua/gh-token paths: - ".github/actions/templates/avm-**" - ".github/workflows/avm.template.module.yml" From fd89a8773ccdc63b1008a03a2d2e8132e8f86aa4 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Sun, 4 Feb 2024 16:49:11 +0100 Subject: [PATCH 8/8] cleanup --- .github/workflows/avm.res.network.public-ip-address.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/avm.res.network.public-ip-address.yml b/.github/workflows/avm.res.network.public-ip-address.yml index 8e2b5a5012..2bdc24293d 100644 --- a/.github/workflows/avm.res.network.public-ip-address.yml +++ b/.github/workflows/avm.res.network.public-ip-address.yml @@ -23,7 +23,6 @@ on: push: branches: - main - - fix/eriqua/gh-token paths: - ".github/actions/templates/avm-**" - ".github/workflows/avm.template.module.yml"