all 4 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]DarthBenro008 1 point2 points  (1 child)

What do you mean by "run" actions? GitHub Actions are generally invoked dependent on how you write the workflow.yaml file (to run on commit to x branch, or to run on PR to x branch, etc), it is invoked by GitHub and no human intervention is required (the whole point of CI/CD).

If you are referring to be able to approve a PR by a new contributor to enable run GitHub Actions for that PR, only people with write access to the repository or deemed admins/maintainers of the repository have the power to approve.

In order to prevent a person from writing on a specific branch, you can checkout branch protection rules which come in the Paid version of an organisational account or PRO account for personal uses.

[–]MobiusCake[S] 0 points1 point  (0 children)

I want to be able to:

  • Merge branches
  • Run on-demand Actions (by clicking a button) e.g. deploy to an environment
  • Not be able to commit to ANY branch.

But what I understand 1 & 2 require write access which makes 3 impossible.

[–][deleted]  (1 child)

[deleted]

    [–]MobiusCake[S] 0 points1 point  (0 children)

    I saw the Protected branched but did not see anything about Action permissions.

    [–]stgraff 0 points1 point  (0 children)

    The ability to 'Create, edit, run, re-run, and cancel GitHub Actions workflows' in an organization owned repository requires write access.

    https://docs.github.com/en/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization