openremote icon indicating copy to clipboard operation
openremote copied to clipboard
verified publisher icon openremote

CI/CD broken in custom projects outside of the OpenRemote organisation

Open MartinaeyNL opened this issue 2 months ago • 3 comments

Describe the bug

I tried to use the Custom Project template for creating my own repository outside of the OpenRemote GitHub organization. It works, which is great, however the CI/CD fails within a second. See this error message:

The workflow is not valid. .github/workflows/ci_cd.yml (Line: 43, Col: 3): Error calling workflow 'openremote/openremote/.github/workflows/ci_cd.yml@master'. The workflow is requesting 'security-events: write, id-token: write', but is only allowed 'security-events: none, id-token: none'.

According to @denniskuijs, recently @ebariaux made some required security changes in the CI/CD. Apparently this broke the CI/CD runs for custom projects outside of the OpenRemote GitHub organization.

To Reproduce

Push to main branch, to let the default GitHub Actions task run.

Additional context

Note: I used the template about 2 weeks ago on Oct 10th.

MartinaeyNL avatar Oct 24 '25 14:10 MartinaeyNL

I think this is a regression of #2006

denniskuijs avatar Oct 24 '25 14:10 denniskuijs

I had seen that fork of openremote repo were not building properly but #2176 should have fixed that. Would need to understand what's the difference in this case.

One option might be to just rollback all the changes and clean-up our pipelines before doing any further modifications, this is too complicated / brittle.

ebariaux avatar Oct 27 '25 07:10 ebariaux

Possibly related to openremote/openremote#2040

richturner avatar Nov 26 '25 15:11 richturner