include-source: false # Drop file/line/col from output skip: - Go permissions-policy: LimitedRead --- on: push jobs: deploy: permissions: actions: write checks: write contents: write deployments: write discussions: write issues: write packages: write pages: write pull-requests: write repository-projects: write security-events: write statuses: write id-token: none uses: a/b/.github/workflows/c.yml@v1 --- a/b/.github/workflows/c.yml@v1 --- on: workflow_call jobs: deploy: name: Deploy 1 permissions: id-token: write runs-on: ubuntu-latest steps: - run: echo hi --- { "errors": [ { "Message": ".github/workflows/errors-reusable-workflow-permissions-not-allowed-request-id-token-write.yml (Line: 3, Col: 3): Error calling workflow 'a/b/.github/workflows/c.yml@v1'. The nested job 'Deploy 1' is requesting 'id-token: write', but is only allowed 'id-token: none'." } ] }