Experiments

bart-vmware · bart-vmware · commit 09fcd587d9b3 · 2025-07-16T15:08:49.000+02:00
diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
@@ -125,6 +125,7 @@ jobs:
     timeout-minutes: 15
     needs: build
     runs-on: windows-latest
+    # TODO: Why do we have an environment for this?
     environment: signing
     # TODO: Can we move the additional permissions into the step that needs it (assuming there's only one)?
     permissions:
@@ -179,19 +180,8 @@ jobs:
     if: ${{ github.event_name != 'pull_request' }}
     environment: azdo
     runs-on: ubuntu-latest
-    # TODO: Can we move the additional permissions into the step that needs it (assuming there's only one)?
-    # TODO: I suspect this is redundant, can it be removed?
-    permissions:
-      id-token: write
 
     steps:
-      # TODO: Why do we need to fetch sources in this job?
-      - uses: actions/checkout@v4
-        # TODO: Why do we need a token here? I suspect it only applies to private repositories.
-        # https://learn.microsoft.com/en-us/azure/devops/artifacts/quickstarts/github-actions?view=azure-devops&pivots=managed-identity#authenticate-with-azure-pipelines
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-
       - name: Azure login
         uses: azure/login@v2
         with:
