Skip to content

fix: add auto-approval for file writes in polish-release-notes workflow #505

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
TabishB merged 1 commit into from
Jan 14, 2026
Merged

fix: add auto-approval for file writes in polish-release-notes workflow #505

TabishB merged 1 commit into from
Jan 14, 2026

Conversation

@TabishB
Copy link
Contributor

@TabishB TabishB commented Jan 14, 2026
edited by coderabbitai bot
Loading

Problem

The polish-release-notes workflow is failing when Claude tries to write the output files:

❌ Error: Claude requested permissions to write to /home/runner/work/OpenSpec/OpenSpec/release-title.txt, but you haven't granted it yet.

In GitHub Actions automation mode, there's no interactive user to approve file operations.

Solution

Added claude_args: "--allowedTools Write,Read" to pre-approve file write and read operations.

This tells Claude Code it can use the Write and Read tools without requesting permission, which is necessary for automation contexts.

Testing

After merging, re-run the workflow for v0.20.0 to verify it can now write the polished notes files successfully.

Related to: https://github.com/Fission-AI/OpenSpec/actions/runs/20985495417

Summary by CodeRabbit

  • Chores
    • Updated internal CI/CD workflow configuration to enhance tool permissions and workflow reliability.

✏️ Tip: You can customize this high-level summary in your review settings.

@TabishB
fix: add auto-approval for file writes in polish-release-notes workflow
dcd7fc6 
The workflow was failing because Claude Code requested permission to write files
(release-title.txt and polished-notes.md) but there was no interactive user to approve.

Added claude_args: "--allowedTools Write,Read" to pre-approve file operations
in automation mode.
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 14, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

Added a new input parameter claude_args with value "--allowedTools Write,Read" to the Claude code-action step in the Polish Release Notes workflow, restricting the tools that Claude can invoke during release note transformation.

Changes

Cohort / File(s) Summary
GitHub Actions Workflow Configuration
\.github/workflows/polish-release-notes\.yml		 Added claude_args: "--allowedTools Write,Read" input parameter to the "Transform release notes with Claude" step, restricting Claude's tool access to Write and Read operations

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

Poem

🐰 A little tweak to Claude's command,
Write and Read, now understand!
Tools restricted, safe and sound,
Better notes on solid ground.

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c57e421 and dcd7fc6.

📒 Files selected for processing (1)
  • .github/workflows/polish-release-notes.yml

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@TabishB TabishB merged commit bf4bc24 into main Jan 14, 2026
6 of 7 checks passed
@TabishB TabishB deleted the fix/polish-workflow-permissions branch January 14, 2026 07:09
@vibe-kanban-cloud
Copy link

vibe-kanban-cloud bot commented Jan 15, 2026

Review Complete

Your review story is ready!

View Story

Comment !reviewfast on this PR to re-generate the story.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@TabishB