From ae628b577c5dd48c4b872420011fea69a89c9164 Mon Sep 17 00:00:00 2001 From: Amaury Chamayou Date: Fri, 15 May 2026 14:45:41 +0100 Subject: [PATCH 1/4] Update npm workflow permissions and environment --- .github/workflows/npm.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/npm.yml b/.github/workflows/npm.yml index 2e054c9fadd..2d5da406666 100644 --- a/.github/workflows/npm.yml +++ b/.github/workflows/npm.yml @@ -4,14 +4,15 @@ on: release: types: [published] -permissions: - contents: read - id-token: write +permissions: read-all jobs: build_and_publish: name: "Publish ccf-app package to NPM" runs-on: ubuntu-latest + environment: npm + permissions: + id-token: write steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 From 86ff1c83be530ec822ca2bc74c16390f2f2b2b8c Mon Sep 17 00:00:00 2001 From: Amaury Chamayou Date: Fri, 15 May 2026 14:51:24 +0100 Subject: [PATCH 2/4] Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .github/workflows/npm.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/npm.yml b/.github/workflows/npm.yml index 2d5da406666..0b7b18ac05f 100644 --- a/.github/workflows/npm.yml +++ b/.github/workflows/npm.yml @@ -12,6 +12,7 @@ jobs: runs-on: ubuntu-latest environment: npm permissions: + contents: read id-token: write steps: From 15103341b5a8fe2bc5c491b811b7cac6fb022008 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 15:35:25 +0000 Subject: [PATCH 3/4] tests: relax JWT/CA-cert timeouts for slow SNP Milan CI nodes Agent-Logs-Url: https://github.com/microsoft/CCF/sessions/4a132ce1-6590-418a-a0a4-539a69ab7746 Co-authored-by: achamayou <4016369+achamayou@users.noreply.github.com> --- tests/ca_certs.py | 6 ++++-- tests/programmability.py | 4 ++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/ca_certs.py b/tests/ca_certs.py index 208f3ed9527..3961786515d 100644 --- a/tests/ca_certs.py +++ b/tests/ca_certs.py @@ -59,7 +59,7 @@ def test_cert_store(network, args): ) stored_cert = json.loads( - network.get_ledger_public_state_at(set_proposal.completed_seqno)[ + network.get_ledger_public_state_at(set_proposal.completed_seqno, timeout=10)[ "public:ccf.gov.tls.ca_cert_bundles" ][raw_cert_name] ) @@ -72,7 +72,9 @@ def test_cert_store(network, args): remove_proposal = network.consortium.remove_ca_cert_bundle(primary, cert_name) assert ( - network.get_ledger_public_state_at(remove_proposal.completed_seqno)[ + network.get_ledger_public_state_at( + remove_proposal.completed_seqno, timeout=10 + )[ "public:ccf.gov.tls.ca_cert_bundles" ][raw_cert_name] is None diff --git a/tests/programmability.py b/tests/programmability.py index 3d63b418050..7af0236ee45 100644 --- a/tests/programmability.py +++ b/tests/programmability.py @@ -624,6 +624,7 @@ def run(args): if __name__ == "__main__": cr = ConcurrentRunner() + jwt_forwarding_timeout_ms = 10000 cr.add( "programmability", @@ -642,6 +643,7 @@ def run(args): nodes=infra.e2e_args.min_nodes(cr.args, f=1), jwt_key_refresh_interval_s=1, issuer_port=12345, + forwarding_timeout_ms=jwt_forwarding_timeout_ms, ) cr.add( @@ -651,6 +653,7 @@ def run(args): nodes=infra.e2e_args.min_nodes(cr.args, f=1), jwt_key_refresh_interval_s=100000, issuer_port=12346, + forwarding_timeout_ms=jwt_forwarding_timeout_ms, ) cr.add( @@ -658,6 +661,7 @@ def run(args): jwt_test.run_ca_cert, package="samples/apps/logging/logging", nodes=infra.e2e_args.max_nodes(cr.args, f=0), + forwarding_timeout_ms=jwt_forwarding_timeout_ms, ) cr.run() From 6f1a337d1eb9649874002f339133d00ce4c56743 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 17:56:48 +0000 Subject: [PATCH 4/4] Format Python test file via ci-checks autofix Agent-Logs-Url: https://github.com/microsoft/CCF/sessions/08b65845-5377-40dc-b07a-a74a15958f62 Co-authored-by: achamayou <4016369+achamayou@users.noreply.github.com> --- tests/ca_certs.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/tests/ca_certs.py b/tests/ca_certs.py index 3961786515d..9c2ff41775a 100644 --- a/tests/ca_certs.py +++ b/tests/ca_certs.py @@ -59,9 +59,9 @@ def test_cert_store(network, args): ) stored_cert = json.loads( - network.get_ledger_public_state_at(set_proposal.completed_seqno, timeout=10)[ - "public:ccf.gov.tls.ca_cert_bundles" - ][raw_cert_name] + network.get_ledger_public_state_at( + set_proposal.completed_seqno, timeout=10 + )["public:ccf.gov.tls.ca_cert_bundles"][raw_cert_name] ) cert_ref = cert_pem + cert2_pem assert ( @@ -72,9 +72,7 @@ def test_cert_store(network, args): remove_proposal = network.consortium.remove_ca_cert_bundle(primary, cert_name) assert ( - network.get_ledger_public_state_at( - remove_proposal.completed_seqno, timeout=10 - )[ + network.get_ledger_public_state_at(remove_proposal.completed_seqno, timeout=10)[ "public:ccf.gov.tls.ca_cert_bundles" ][raw_cert_name] is None