fix systemd workflow during release

job level permissions were overriding global permissions and that was the reason it was failing. Signed-off-by: kranurag7 <[email protected]>
kubearmor · Apr 30, 2024 · 007b6ea · 007b6ea
1 parent 2e870f4
commit 007b6ea
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 8 deletions.
diff --git a/.github/workflows/ci-systemd-release.yml b/.github/workflows/ci-systemd-release.yml
@@ -5,17 +5,13 @@ on:
     tags:
       - "*"
 
-# Declare default permissions as read only.
-permissions:
-  id-token: write # requires for cosign keyless signing
-  contents: write # requires for goreleaser to write to GitHub release
-
 jobs:
   goreleaser:
     runs-on: ubuntu-20.04
     if: github.repository == 'kubearmor/kubearmor'
     permissions:
-      contents: write
+      id-token: write # requires for cosign keyless signing
+      contents: write # requires for goreleaser to write to GitHub release
     steps:
       - uses: actions/checkout@v3
         with:

diff --git a/KubeArmor/.goreleaser.yaml b/KubeArmor/.goreleaser.yaml
@@ -14,8 +14,6 @@ signs:
     certificate: '${artifact}.cert'
     args:
       - sign-blob
-      - '--oidc-issuer=https://token.actions.githubusercontent.com'
-      - '--oidc-provider=github-actions'
       - '--output-certificate=${certificate}' 
       - '--output-signature=${signature}'
       - '${artifact}'