{ "name": "ConfigureGithubTokenPermissions", "fully_qualified_name": "GithubApi.ConfigureGithubTokenPermissions@0.1.0", "description": "Set default workflow permissions for a repository's GitHub Actions.\n\nThis tool updates the default permissions granted to the `GITHUB_TOKEN` when workflows run in a GitHub repository. It also configures GitHub Actions' ability to submit approving pull request reviews. Authentication with a token having `repo` scope is required, or GitHub Apps must have `administration` permission.", "toolkit": { "name": "ArcadeGithubApi", "description": null, "version": "0.1.0" }, "input": { "parameters": [ { "name": "repository_owner", "required": true, "description": "The account owner of the repository. This is not case sensitive.", "value_schema": { "val_type": "string", "inner_val_type": null, "enum": null, "properties": null, "inner_properties": null, "description": "The account owner of the repository. The name is not case sensitive." }, "inferrable": true, "http_endpoint_parameter_name": "owner" }, { "name": "repository_name", "required": true, "description": "The name of the repository. The name is not case sensitive.", "value_schema": { "val_type": "string", "inner_val_type": null, "enum": null, "properties": null, "inner_properties": null, "description": "The name of the repository. The name is not case sensitive." }, "inferrable": true, "http_endpoint_parameter_name": "repo" }, { "name": "default_workflow_permissions", "required": false, "description": "Specify the default permissions ('read' or 'write') for the GITHUB_TOKEN when running workflows.", "value_schema": { "val_type": "string", "inner_val_type": null, "enum": [ "read", "write" ], "properties": null, "inner_properties": null, "description": "The default workflow permissions granted to the GITHUB_TOKEN when running workflows." }, "inferrable": true, "http_endpoint_parameter_name": "default_workflow_permissions" }, { "name": "enable_pull_request_approval", "required": false, "description": "Set to true to allow GitHub Actions to approve pull requests. Enabling this may pose a security risk.", "value_schema": { "val_type": "boolean", "inner_val_type": null, "enum": null, "properties": null, "inner_properties": null, "description": "Whether GitHub Actions can approve pull requests. Enabling this can be a security risk." }, "inferrable": true, "http_endpoint_parameter_name": "can_approve_pull_request_reviews" } ] }, "output": { "description": "Response from the API endpoint 'actions/set-github-actions-default-workflow-permissions-repository'.", "available_modes": [ "value", "error", "null" ], "value_schema": { "val_type": "json", "inner_val_type": null, "enum": null, "properties": null, "inner_properties": null, "description": null } }, "requirements": { "authorization": { "provider_id": "arcade-github", "provider_type": "oauth2", "id": null, "oauth2": null }, "secrets": [ { "key": "GIT_SERVER_URL" } ], "metadata": null }, "deprecation_message": null, "metadata": { "object_type": "api_wrapper_tool", "version": "1.1.0", "description": "Tools that enable LLMs to interact directly with the GitHub API." }, "http_endpoint": { "metadata": { "object_type": "http_endpoint", "version": "1.2.0", "description": "" }, "url": "{git_server_url}/api/v3/repos/{owner}/{repo}/actions/permissions/workflow", "http_method": "PUT", "headers": {}, "parameters": [ { "name": "owner", "tool_parameter_name": "repository_owner", "description": "The account owner of the repository. The name is not case sensitive.", "value_schema": { "val_type": "string", "inner_val_type": null, "enum": null, "properties": null, "inner_properties": null, "description": "The account owner of the repository. The name is not case sensitive." }, "accepted_as": "path", "required": true, "deprecated": false, "default": null, "documentation_urls": [] }, { "name": "repo", "tool_parameter_name": "repository_name", "description": "The name of the repository. The name is not case sensitive.", "value_schema": { "val_type": "string", "inner_val_type": null, "enum": null, "properties": null, "inner_properties": null, "description": "The name of the repository. The name is not case sensitive." }, "accepted_as": "path", "required": true, "deprecated": false, "default": null, "documentation_urls": [] }, { "name": "can_approve_pull_request_reviews", "tool_parameter_name": "enable_pull_request_approval", "description": "Whether GitHub Actions can approve pull requests. Enabling this can be a security risk.", "value_schema": { "val_type": "boolean", "inner_val_type": null, "enum": null, "properties": null, "inner_properties": null, "description": "Whether GitHub Actions can approve pull requests. Enabling this can be a security risk." }, "accepted_as": "body", "required": false, "deprecated": false, "default": null, "documentation_urls": [] }, { "name": "default_workflow_permissions", "tool_parameter_name": "default_workflow_permissions", "description": "The default workflow permissions granted to the GITHUB_TOKEN when running workflows.", "value_schema": { "val_type": "string", "inner_val_type": null, "enum": [ "read", "write" ], "properties": null, "inner_properties": null, "description": "The default workflow permissions granted to the GITHUB_TOKEN when running workflows." }, "accepted_as": "body", "required": false, "deprecated": false, "default": null, "documentation_urls": [] } ], "documentation_urls": [], "secrets": [ { "arcade_key": "GIT_SERVER_URL", "parameter_name": "git_server_url", "accepted_as": "path", "formatted_value": null, "description": "", "is_auth_token": false }, { "arcade_key": "auth_token", "parameter_name": "Authorization", "accepted_as": "header", "formatted_value": "Bearer {authorization}", "description": "The OAuth token to use for authentication.", "is_auth_token": true } ], "request_body_spec": "{\n \"content\": {\n \"application/json\": {\n \"examples\": {\n \"default\": {\n \"$ref\": \"#/components/examples/actions-default-workflow-permissions\"\n }\n },\n \"schema\": {\n \"properties\": {\n \"can_approve_pull_request_reviews\": {\n \"description\": \"Whether GitHub Actions can approve pull requests. Enabling this can be a security risk.\",\n \"type\": \"boolean\"\n },\n \"default_workflow_permissions\": {\n \"description\": \"The default workflow permissions granted to the GITHUB_TOKEN when running workflows.\",\n \"enum\": [\n \"read\",\n \"write\"\n ],\n \"type\": \"string\"\n }\n },\n \"type\": \"object\"\n }\n }\n },\n \"required\": true\n}", "use_request_body_schema_mode": false, "validate_request_body_schema": false } }