ci: fix permissions for release-publish pipeline

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2025-01-29 19:24:17 +01:00
parent 6c7f901220
commit af0a314e0b
1 changed files with 6 additions and 0 deletions
--- a/.github/workflows/release-publish.yml
+++ b/.github/workflows/release-publish.yml
@ -9,6 +9,12 @@ jobs:
  build-server:
    uses: ./.github/workflows/_reusable-docker-build.yaml
    secrets: inherit
+    permissions:
+      # Needed to upload container images to ghcr.io
+      packages: write
+      # Needed for attestation
+      id-token: write
+      attestations: write
    with:
      image_name: ghcr.io/goauthentik/server,beryju/authentik
      release: true