Add permissions block to workflow

github · aeisenberg · May 2, 2022 · May 2, 2022 · May 2, 2022 · 06d4e82bd27643a253ce347ed90b34c283c69b1e
commit 06d4e82bd27643a253ce347ed90b34c283c69b1e
@@ -22,13 +22,15 @@ jobs:
       run: echo "$GITHUB_CONTEXT"
 
     - name: Update checks
+      env:
+        GITHUB_TOKEN: "${{ secrets.CODEQL_CI_TOKEN }}"
       run: |
         # Update the required checks based on the current branch.
         # Typically, this will be main.
         echo "Getting checks for $GITHUB_SHA"
 
         # Ignore any checks with "https://", CodeQL, LGTM, and Update checks.
-        CHECKS="$(gh api repos/github/codeql-action/commits/${GITHUB_SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") | not)] | sort')"
+        CHECKS="$(gh api repos/github/codeql-action/commits/${GITHUB_SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") or contains("update-") | not)] | sort')"
 
         echo "::group::New Checks"
         echo "$CHECKS" | jq