GHA manually trigger with only Read access

Hey all,

So I’ve been working on a project that involves translations, and the translators tend to not be super technically oriented and I’ve been trying to minimize the setup they have to do to generate builds to test their translations in. To this end, I’ve created workflows with GHA that will generate binaries that they can test, and it’s been fantastic.

However, there’s one issue, and it’s that only users with Write permissions can manually trigger these workflows. I do trust the people doing the translations, but mistakes can happen and I’m not really all too comfortable with them having write-access in case something goes wrong.

Is there any easy solution to make it so I only need to give them Read permissions or something even more granular to run Actions?

1 Like

one option is to use the branches section of settings to limit write. allow them write access to the repo, but only against translations/* branches, etc

1 Like

Thanks! Yeah, something like that should work for now for peace of mind.