From 0ebc2a746be415324f9adea30a05005763def0b1 Mon Sep 17 00:00:00 2001
From: Brendan <b.oconnell14@gmail.com>
Date: Wed, 14 Feb 2024 01:19:12 +0000
Subject: [PATCH] Add id-token=write permission, for Depot.dev connection

---
 .github/workflows/nightly.yml | 5 +++++
 .github/workflows/release.yml | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
index 2f4bb30a6a63..e6501305f384 100644
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -22,6 +22,11 @@ jobs:
     permissions:
       contents: read
       packages: write
+      # The id-token write permission is needed to connect to Depot.dev
+      # as part of the partial-builder.yml action. It needs to be declared
+      # in the parent action, as noted here:
+      # https://github.com/orgs/community/discussions/76409#discussioncomment-8131390
+      id-token: write
     name: Build Tagged Release
     uses: ./.github/workflows/partial-builder.yml
     needs:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8417fff333b7..817ba3e8c14e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -17,6 +17,11 @@ jobs:
     permissions:
       contents: read
       packages: write
+      # The id-token write permission is needed to connect to Depot.dev
+      # as part of the partial-builder.yml action. It needs to be declared
+      # in the parent action, as noted here:
+      # https://github.com/orgs/community/discussions/76409#discussioncomment-8131390
+      id-token: write
     name: Build Tagged Release
     uses: ./.github/workflows/partial-builder.yml
     needs: