From 90b6c926e7c64547b4b49b7613920d222c9736f0 Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 10:38:48 +0200 Subject: [PATCH 01/15] Update workflow-commands-for-github-actions.md --- .../actions/reference/workflow-commands-for-github-actions.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index 53eda7e544..28fec0be85 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -213,7 +213,7 @@ Stops processing any workflow commands. This special command allows you to log a ### Example stopping workflow commands ``` bash -echo "::stop-commands::pause-logging" +echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" ``` To start workflow commands, pass the token that you used to stop workflow commands. @@ -223,7 +223,7 @@ To start workflow commands, pass the token that you used to stop workflow comman ### Example starting workflow commands ``` bash -echo "::pause-logging::" +echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" ``` ## Sending values to the pre and post actions From bd044ac5a3f04d116c23d9a8c315e05ce1fe97d3 Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 11:08:49 +0200 Subject: [PATCH 02/15] Update workflow-commands-for-github-actions.md --- .../actions/reference/workflow-commands-for-github-actions.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index 28fec0be85..70665ac624 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -216,6 +216,10 @@ Stops processing any workflow commands. This special command allows you to log a echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" ``` +{% warning %} + +**Warning:** Make sure the token you're using is randomly generated and different between runs. A **hash** of your `github.token` is a good choice for this. + To start workflow commands, pass the token that you used to stop workflow commands. `::{endtoken}::` From d5c13c1157ac4579bcde89f94945f530f41bd7f5 Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 11:18:23 +0200 Subject: [PATCH 03/15] Update workflow-commands-for-github-actions.md --- .../reference/workflow-commands-for-github-actions.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index 70665ac624..46a49de692 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -220,12 +220,13 @@ echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" **Warning:** Make sure the token you're using is randomly generated and different between runs. A **hash** of your `github.token` is a good choice for this. -To start workflow commands, pass the token that you used to stop workflow commands. +{% endwarning %} -`::{endtoken}::` ### Example starting workflow commands +To start workflow commands, pass the token that you used to stop workflow commands. + ``` bash echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" ``` @@ -234,7 +235,7 @@ echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" You can use the `save-state` command to create environment variables for sharing with your workflow's `pre:` or `post:` actions. For example, you can create a file with the `pre:` action, pass the file location to the `main:` action, and then use the `post:` action to delete the file. Alternatively, you could create a file with the `main:` action, pass the file location to the `post:` action, and also use the `post:` action to delete the file. -If you have multiple `pre:` or `post:` actions, you can only access the saved value in the action where `save-state` was used. For more information on the `post:` action, see "[Metadata syntax for {% data variables.product.prodname_actions %}](/actions/creating-actions/metadata-syntax-for-github-actions#post)." +If you have multiple `pre:` or `post:` actions, you can only access the saved value in the action where `save-state` was used. For more information on the `post:` action, see "[Metadata syntax for data variables.product.prodname_actions %}](/actions/creating-actions/metadata-syntax-for-github-actions#post)." The `save-state` command can only be run within an action, and is not available to YAML files. The saved value is stored as an environment value with the `STATE_` prefix. From ca0fc236d538b09ad80aa0daa6b539f427815721 Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 11:50:31 +0200 Subject: [PATCH 04/15] Update workflow-commands-for-github-actions.md --- .../actions/reference/workflow-commands-for-github-actions.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index 46a49de692..d02c6070b7 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -212,7 +212,7 @@ Stops processing any workflow commands. This special command allows you to log a ### Example stopping workflow commands -``` bash +``` yaml echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" ``` @@ -227,7 +227,7 @@ echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" To start workflow commands, pass the token that you used to stop workflow commands. -``` bash +``` yaml echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" ``` From 5bb977abb54931fafe145a0838690012502cc937 Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 12:16:26 +0200 Subject: [PATCH 05/15] Update workflow-commands-for-github-actions.md --- .../workflow-commands-for-github-actions.md | 29 +++++++++++-------- 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index d02c6070b7..b48726db6d 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -210,30 +210,35 @@ echo "::add-mask::$MY_NAME" Stops processing any workflow commands. This special command allows you to log anything without accidentally running a workflow command. For example, you could stop logging to output an entire script that has comments. -### Example stopping workflow commands - -``` yaml -echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" -``` - {% warning %} **Warning:** Make sure the token you're using is randomly generated and different between runs. A **hash** of your `github.token` is a good choice for this. {% endwarning %} - -### Example starting workflow commands - To start workflow commands, pass the token that you used to stop workflow commands. -``` yaml -echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" +`::{endtoken}::` + +### Example stopping and starting workflow commands + +```yaml + workflow-command-job: + runs-on: ubuntu-latest + steps: + - name: disable workflow commands + run: | + echo '::warning:: this is a warning' + echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" + echo '::warning:: this will NOT be a warning' + echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" + echo '::warning:: this is a warning again' ``` ## Sending values to the pre and post actions -You can use the `save-state` command to create environment variables for sharing with your workflow's `pre:` or `post:` actions. For example, you can create a file with the `pre:` action, pass the file location to the `main:` action, and then use the `post:` action to delete the file. Alternatively, you could create a file with the `main:` action, pass the file location to the `post:` action, and also use the `post:` action to delete the file. +You can use the `save-state` command to create environment variables for sharing with your workflow's `pre:` or `post:` actions. For +, you can create a file with the `pre:` action, pass the file location to the `main:` action, and then use the `post:` action to delete the file. Alternatively, you could create a file with the `main:` action, pass the file location to the `post:` action, and also use the `post:` action to delete the file. If you have multiple `pre:` or `post:` actions, you can only access the saved value in the action where `save-state` was used. For more information on the `post:` action, see "[Metadata syntax for data variables.product.prodname_actions %}](/actions/creating-actions/metadata-syntax-for-github-actions#post)." From 7167d4a39f64052ca3ec4fe5aa35faee3d8c1ffc Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 12:18:09 +0200 Subject: [PATCH 06/15] Update workflow-commands-for-github-actions.md --- .../actions/reference/workflow-commands-for-github-actions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index b48726db6d..6b00bf66c5 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -240,7 +240,7 @@ To start workflow commands, pass the token that you used to stop workflow comman You can use the `save-state` command to create environment variables for sharing with your workflow's `pre:` or `post:` actions. For , you can create a file with the `pre:` action, pass the file location to the `main:` action, and then use the `post:` action to delete the file. Alternatively, you could create a file with the `main:` action, pass the file location to the `post:` action, and also use the `post:` action to delete the file. -If you have multiple `pre:` or `post:` actions, you can only access the saved value in the action where `save-state` was used. For more information on the `post:` action, see "[Metadata syntax for data variables.product.prodname_actions %}](/actions/creating-actions/metadata-syntax-for-github-actions#post)." +If you have multiple `pre:` or `post:` actions, you can only access the saved value in the action where `save-state` was used. For more information on the `post:` action, see "[Metadata syntax for {% data variables.product.prodname_actions %}](/actions/creating-actions/metadata-syntax-for-github-actions#post)." The `save-state` command can only be run within an action, and is not available to YAML files. The saved value is stored as an environment value with the `STATE_` prefix. From 999381c94d9b98364db6cc899a89f85e9c310a7f Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 12:19:07 +0200 Subject: [PATCH 07/15] Update workflow-commands-for-github-actions.md --- .../actions/reference/workflow-commands-for-github-actions.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index 6b00bf66c5..6612f262d8 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -237,8 +237,7 @@ To start workflow commands, pass the token that you used to stop workflow comman ## Sending values to the pre and post actions -You can use the `save-state` command to create environment variables for sharing with your workflow's `pre:` or `post:` actions. For -, you can create a file with the `pre:` action, pass the file location to the `main:` action, and then use the `post:` action to delete the file. Alternatively, you could create a file with the `main:` action, pass the file location to the `post:` action, and also use the `post:` action to delete the file. +You can use the `save-state` command to create environment variables for sharing with your workflow's `pre:` or `post:` actions. For example, you can create a file with the `pre:` action, pass the file location to the `main:` action, and then use the `post:` action to delete the file. Alternatively, you could create a file with the `main:` action, pass the file location to the `post:` action, and also use the `post:` action to delete the file. If you have multiple `pre:` or `post:` actions, you can only access the saved value in the action where `save-state` was used. For more information on the `post:` action, see "[Metadata syntax for {% data variables.product.prodname_actions %}](/actions/creating-actions/metadata-syntax-for-github-actions#post)." From 3f7d31198ed20811566bd80478c4b7f8277281ba Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 12:34:22 +0200 Subject: [PATCH 08/15] Update workflow-commands-for-github-actions.md --- .../workflow-commands-for-github-actions.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index 6612f262d8..1140b44963 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -223,16 +223,16 @@ To start workflow commands, pass the token that you used to stop workflow comman ### Example stopping and starting workflow commands ```yaml - workflow-command-job: - runs-on: ubuntu-latest - steps: - - name: disable workflow commands - run: | - echo '::warning:: this is a warning' - echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" - echo '::warning:: this will NOT be a warning' - echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" - echo '::warning:: this is a warning again' +workflow-command-job: + runs-on: ubuntu-latest + steps: + - name: disable workflow commands + run: | + echo '::warning:: this is a warning' + echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" + echo '::warning:: this will NOT be a warning' + echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" + echo '::warning:: this is a warning again' ``` ## Sending values to the pre and post actions From ba237b6c2e372b2c757fe79ac08e479e9a48e2a0 Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 12:45:50 +0200 Subject: [PATCH 09/15] Update workflow-commands-for-github-actions.md --- .../actions/reference/workflow-commands-for-github-actions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index 1140b44963..acb5e4607e 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -229,7 +229,7 @@ workflow-command-job: - name: disable workflow commands run: | echo '::warning:: this is a warning' - echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" + echo "::stop-commands::`echo -n ${{ notgithub.token }} | sha256sum | head -c 64`" echo '::warning:: this will NOT be a warning' echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" echo '::warning:: this is a warning again' From 8c5c91ed455b9d053ccd3fc28cb3e6ba8621530f Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 12:46:19 +0200 Subject: [PATCH 10/15] Update workflow-commands-for-github-actions.md --- .../actions/reference/workflow-commands-for-github-actions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index acb5e4607e..c3136eb852 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -231,7 +231,7 @@ workflow-command-job: echo '::warning:: this is a warning' echo "::stop-commands::`echo -n ${{ notgithub.token }} | sha256sum | head -c 64`" echo '::warning:: this will NOT be a warning' - echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" + echo "::`echo -n ${{ something.else }} | sha256sum | head -c 64`::" echo '::warning:: this is a warning again' ``` From 43eb535a46c4911908291899f34d8f551b55cfa2 Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Mon, 30 Aug 2021 13:13:53 +0200 Subject: [PATCH 11/15] Update workflow-commands-for-github-actions.md --- .../reference/workflow-commands-for-github-actions.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index c3136eb852..91d32bd493 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -222,6 +222,8 @@ To start workflow commands, pass the token that you used to stop workflow comman ### Example stopping and starting workflow commands +{% raw %} + ```yaml workflow-command-job: runs-on: ubuntu-latest @@ -229,12 +231,14 @@ workflow-command-job: - name: disable workflow commands run: | echo '::warning:: this is a warning' - echo "::stop-commands::`echo -n ${{ notgithub.token }} | sha256sum | head -c 64`" + echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" echo '::warning:: this will NOT be a warning' - echo "::`echo -n ${{ something.else }} | sha256sum | head -c 64`::" + echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" echo '::warning:: this is a warning again' ``` +{% endraw %} + ## Sending values to the pre and post actions You can use the `save-state` command to create environment variables for sharing with your workflow's `pre:` or `post:` actions. For example, you can create a file with the `pre:` action, pass the file location to the `main:` action, and then use the `post:` action to delete the file. Alternatively, you could create a file with the `main:` action, pass the file location to the `post:` action, and also use the `post:` action to delete the file. From 6479a7ffa6f3819c65dffd2bb4fcb48fdcbd3e26 Mon Sep 17 00:00:00 2001 From: Martin Lopes Date: Thu, 9 Sep 2021 16:09:29 +1000 Subject: [PATCH 12/15] Updated YAML syntax --- .../workflow-commands-for-github-actions.md | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index 91d32bd493..c7d864fb37 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -225,16 +225,17 @@ To start workflow commands, pass the token that you used to stop workflow comman {% raw %} ```yaml -workflow-command-job: +jobs: + workflow-command-job: runs-on: ubuntu-latest steps: - - name: disable workflow commands - run: | - echo '::warning:: this is a warning' - echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" - echo '::warning:: this will NOT be a warning' - echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" - echo '::warning:: this is a warning again' + - name: disable workflow commands + run: | + echo '::warning:: this is a warning' + echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" + echo '::warning:: this will NOT be a warning' + echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" + echo '::warning:: this is a warning again' ``` {% endraw %} From 0c74c4b9b2e762828e07b8ed40b8f77a16050246 Mon Sep 17 00:00:00 2001 From: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com> Date: Thu, 9 Sep 2021 09:51:22 +0200 Subject: [PATCH 13/15] Update content/actions/reference/workflow-commands-for-github-actions.md Co-authored-by: Martin Lopes --- .../actions/reference/workflow-commands-for-github-actions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index c7d864fb37..ba1c61534b 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -212,7 +212,7 @@ Stops processing any workflow commands. This special command allows you to log a {% warning %} -**Warning:** Make sure the token you're using is randomly generated and different between runs. A **hash** of your `github.token` is a good choice for this. +**Warning:** Make sure the token you're using is randomly generated and unique for each run. As demonstrated in the example below, you can generate a unique hash of your `github.token` for each run. {% endwarning %} From f65d9ee714bc32eb31c7f5a06ccadedba451b009 Mon Sep 17 00:00:00 2001 From: Martin Lopes Date: Fri, 10 Sep 2021 08:40:58 +1000 Subject: [PATCH 14/15] Update workflow-commands-for-github-actions.md --- .../actions/reference/workflow-commands-for-github-actions.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/actions/reference/workflow-commands-for-github-actions.md b/content/actions/reference/workflow-commands-for-github-actions.md index ba1c61534b..72cf065576 100644 --- a/content/actions/reference/workflow-commands-for-github-actions.md +++ b/content/actions/reference/workflow-commands-for-github-actions.md @@ -210,14 +210,14 @@ echo "::add-mask::$MY_NAME" Stops processing any workflow commands. This special command allows you to log anything without accidentally running a workflow command. For example, you could stop logging to output an entire script that has comments. +To stop the processing of workflow commands, pass a unique token to `stop-commands`. To resume processing workflow commands, pass the same token that you used to stop workflow commands. + {% warning %} **Warning:** Make sure the token you're using is randomly generated and unique for each run. As demonstrated in the example below, you can generate a unique hash of your `github.token` for each run. {% endwarning %} -To start workflow commands, pass the token that you used to stop workflow commands. - `::{endtoken}::` ### Example stopping and starting workflow commands From 6ece37e9e4d623f3ce22556d9b8a2b69504b3dff Mon Sep 17 00:00:00 2001 From: Martin Lopes Date: Tue, 14 Sep 2021 13:21:08 +1000 Subject: [PATCH 15/15] Update authentication-in-a-workflow.md --- content/actions/reference/authentication-in-a-workflow.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/reference/authentication-in-a-workflow.md b/content/actions/reference/authentication-in-a-workflow.md index ebaa65a81a..a9b3ba0796 100644 --- a/content/actions/reference/authentication-in-a-workflow.md +++ b/content/actions/reference/authentication-in-a-workflow.md @@ -19,7 +19,7 @@ shortTitle: Authentication in a workflow ## About the `GITHUB_TOKEN` secret -{% data variables.product.prodname_dotcom %} automatically creates a `GITHUB_TOKEN` secret to use in your workflow. You can use the `GITHUB_TOKEN` to authenticate in a workflow run. +At the start of each workflow run, {% data variables.product.prodname_dotcom %} automatically creates a unique `GITHUB_TOKEN` secret to use in your workflow. You can use the `GITHUB_TOKEN` to authenticate in a workflow run. When you enable {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dotcom %} installs a {% data variables.product.prodname_github_app %} on your repository. The `GITHUB_TOKEN` secret is a {% data variables.product.prodname_github_app %} installation access token. You can use the installation access token to authenticate on behalf of the {% data variables.product.prodname_github_app %} installed on your repository. The token's permissions are limited to the repository that contains your workflow. For more information, see "[Permissions for the `GITHUB_TOKEN`](#permissions-for-the-github_token)."