Skip to content

chore: onboard stepsecurity and apply security best practice #99

chore: onboard stepsecurity and apply security best practice

chore: onboard stepsecurity and apply security best practice #99

Triggered via pull request November 6, 2025 15:26
Status Failure
Total duration 30m 46s
Artifacts

ci.yml

on: pull_request
analyze-message-transmitter
25s
analyze-message-transmitter
analyze-message-transmitter-v2
30m 40s
analyze-message-transmitter-v2
analyze-token-messenger-minter
36s
analyze-token-messenger-minter
release-sbom  /  release_attach_assets
release-sbom / release_attach_assets
scan  /  scan
scan / scan
Fit to window
Zoom out
Zoom in

Annotations

7 errors and 4 warnings
analyze-message-transmitter
Process completed with exit code 2.
analyze-message-transmitter
Policy store requires id-token write permission as it uses OIDC to fetch the policy from StepSecurity API. Please add "id-token: write" to your job permissions.
analyze-token-messenger-minter
Process completed with exit code 2.
analyze-token-messenger-minter
Policy store requires id-token write permission as it uses OIDC to fetch the policy from StepSecurity API. Please add "id-token: write" to your job permissions.
lint-and-test
Process completed with exit code 1.
lint-and-test
Policy store requires id-token write permission as it uses OIDC to fetch the policy from StepSecurity API. Please add "id-token: write" to your job permissions.
analyze-message-transmitter-v2
Policy store requires id-token write permission as it uses OIDC to fetch the policy from StepSecurity API. Please add "id-token: write" to your job permissions.
analyze-message-transmitter
egress-policy is set to block (default) and allowed-endpoints is empty. No outbound traffic will be allowed for job steps.
analyze-token-messenger-minter
egress-policy is set to block (default) and allowed-endpoints is empty. No outbound traffic will be allowed for job steps.
lint-and-test
egress-policy is set to block (default) and allowed-endpoints is empty. No outbound traffic will be allowed for job steps.
analyze-message-transmitter-v2
egress-policy is set to block (default) and allowed-endpoints is empty. No outbound traffic will be allowed for job steps.