Missing Scope in GITHUB_ACTIONS Checks

Question

Missing Scope in GITHUB_ACTIONS Checks

satellite-no opened this issue a month ago · comments

Sean commented a month ago

Is there an existing issue for this?

I have searched the existing issues

Current Behavior

Reports an error unknown permission scope "attestations" which is incorrect.

Expected Behavior

Should validate like all other scopes.

Super-Linter version

v6.4.1

Relevant log output

### Failed Workflow:

  .github/workflows/upload-deploy.yml:18:7: unknown permission scope "attestations". all available permission scopes are "actions", "checks", "contents", "deployments", "discussions", "id-token", "issues", "packages", "pages", "pull-requests", "repository-projects", "security-events", "statuses" [permissions]
     |
  18 |       attestations: read
     |       ^~~~~~~~~~~~~
  ------


### Following Workflow without attestations:
```text
Invalid workflow file: .github/workflows/upload-deploy.yml#L14
The workflow is not valid. .github/workflows/upload-deploy.yml (Line: 14, Col: 3): Error calling workflow 'org/repo/.github/workflows/lint-package-inspect.yml@b7547c86547eee07595a5f8cb0a9eed2737c7a2b'. The workflow is requesting 'attestations: read', but is only allowed 'attestations: none'.



### Steps To Reproduce

add below to `jobs` section.
```yaml
  lint-package-inspect:
    uses: ./.github/workflows/lint-package-inspect.yml
    permissions:
      actions: read
      attestations: read

Anything else?

NA

Sean · Answer 1 · Fri May 03 2024 00:39:11 GMT+0800 (China Standard Time)

Reference from upstream super-linter/super-linter#5601

Hugo van Kemenade · Answer 2 · Fri May 03 2024 01:27:09 GMT+0800 (China Standard Time)

Needed for https://github.blog/2024-05-02-introducing-artifact-attestations-now-in-public-beta/

Linda_pp · Answer 3 · Fri May 03 2024 01:38:18 GMT+0800 (China Standard Time)

This is already fixed by #418 and it will be included in the next release.