feat: detect permissions from actions (#137)

* feat: detect permissions from actions * refactor(test): fix 25 SonarCloud issues by extracting test constants Resolved all SonarCloud code quality issues for PR #137: - Fixed 12 string duplication issues (S1192) - Fixed 13 naming convention issues (S100) Changes: - Centralized test constants in appconstants/test_constants.go * Added 9 parser test constants for YAML templates * Added 3 template test constants for paths and versions - Updated parser_test.go to use shared constants - Updated template_test.go to use shared constants - Renamed 13 test functions to camelCase (removed underscores) * chore: reduce code duplication * fix: implement cr fixes * chore: deduplication
2026-02-22 17:52:29 +00:00 · 2026-01-04 02:48:29 +02:00
parent 9534bf9e45
commit ce23f93b74
12 changed files with 1797 additions and 170 deletions
--- a/templates_embed/templates/readme.tmpl
+++ b/templates_embed/templates/readme.tmpl
@@ -27,6 +27,24 @@
 {{end}}
 {{end}}

+{{if and .Permissions (gt (len .Permissions) 0)}}
+## Permissions
+
+This action requires the following permissions:
+
+{{range $key, $value := .Permissions}}
+- **`{{$key}}`**: `{{$value}}`
+{{end}}
+
+**Usage in workflow:**
+```yaml
+permissions:
+{{- range $key, $value := .Permissions}}
+  {{$key}}: {{$value}}
+{{- end}}
+```
+{{end}}
+
 ## Example

 See the [action.yml](./action.yml) for a full reference.
--- a/templates_embed/templates/themes/github/readme.tmpl
+++ b/templates_embed/templates/themes/github/readme.tmpl
@@ -45,6 +45,26 @@ jobs:
 {{- end}}
 {{end}}

+{{if .Permissions}}
+## 🔐 Permissions
+
+This action requires the following permissions:
+
+| Permission | Access Level |
+|------------|--------------|
+{{- range $key, $value := .Permissions}}
+| `{{$key}}` | `{{$value}}` |
+{{- end}}
+
+**Usage in workflow:**
+```yaml
+permissions:
+{{- range $key, $value := .Permissions}}
+  {{$key}}: {{$value}}
+{{- end}}
+```
+{{end}}
+
 ## 💡 Examples

 <details>
--- a/templates_embed/templates/themes/gitlab/readme.tmpl
+++ b/templates_embed/templates/themes/gitlab/readme.tmpl
@@ -60,6 +60,24 @@ steps:
 {{end}}
 {{end}}

+{{if and .Permissions (gt (len .Permissions) 0)}}
+### Required Permissions
+
+{{range $key, $value := .Permissions}}
+#### `{{$key}}`
+- **Access Level**: `{{$value}}`
+
+{{end}}
+
+**GitHub Actions Workflow:**
+```yaml
+permissions:
+{{- range $key, $value := .Permissions}}
+  {{$key}}: {{$value}}
+{{- end}}
+```
+{{end}}
+
 ## Usage Examples

 ### Basic Example
--- a/templates_embed/templates/themes/minimal/readme.tmpl
+++ b/templates_embed/templates/themes/minimal/readme.tmpl
@@ -28,6 +28,14 @@
 {{end}}
 {{end}}

+{{if and .Permissions (gt (len .Permissions) 0)}}
+## Permissions
+
+{{range $key, $value := .Permissions}}
+- `{{$key}}`: `{{$value}}`
+{{end}}
+{{end}}
+
 ## License

 MIT
--- a/templates_embed/templates/themes/professional/readme.tmpl
+++ b/templates_embed/templates/themes/professional/readme.tmpl
@@ -112,6 +112,38 @@ This action provides the following outputs that can be used in subsequent workfl
 ```
 {{end}}

+{{if .Permissions}}
+## 🔐 Required Permissions
+
+This action requires specific GitHub permissions to function correctly. Ensure your workflow includes these permissions:
+
+| Permission | Access Level | Description |
+|------------|--------------|-------------|
+{{- range $key, $value := .Permissions}}
+| `{{$key}}` | `{{$value}}` | Required for action operation |
+{{- end}}
+
+### How to Set Permissions
+
+```yaml
+name: My Workflow
+on: [push]
+
+permissions:
+{{- range $key, $value := .Permissions}}
+  {{$key}}: {{$value}}
+{{- end}}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: {{gitUsesString .}}
+```
+
+**Note:** If your workflow doesn't specify permissions, GitHub uses default permissions which may not include all required permissions above.
+{{end}}
+
 ## Examples

 ### Basic Usage