Add permissions block to workflow

aeisenberg · aeisenberg · commit 06d4e82bd276 · 2022-05-02T12:01:19.000-07:00
diff --git a/.github/workflows/update-required-checks.yml b/.github/workflows/update-required-checks.yml
@@ -22,13 +22,15 @@ jobs:
       run: echo "$GITHUB_CONTEXT"
 
     - name: Update checks
+      env:
+        GITHUB_TOKEN: "${{ secrets.CODEQL_CI_TOKEN }}"
       run: |
         # Update the required checks based on the current branch.
         # Typically, this will be main.
         echo "Getting checks for $GITHUB_SHA"
 
         # Ignore any checks with "https://", CodeQL, LGTM, and Update checks.
-        CHECKS="$(gh api repos/github/codeql-action/commits/${GITHUB_SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") | not)] | sort')"
+        CHECKS="$(gh api repos/github/codeql-action/commits/${GITHUB_SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") or contains("update-") | not)] | sort')"
 
         echo "::group::New Checks"
         echo "$CHECKS" | jq
