From 9c3cc4bc02f9c18f841a0aa53243a25d107eb154 Mon Sep 17 00:00:00 2001
From: Nelson Osacky <nelson.osacky@sentry.io>
Date: Thu, 19 Mar 2026 16:56:32 +0100
Subject: [PATCH] ci(build): Add packages:write permission to snapshot workflow

GitHub validates reusable workflow permissions statically. Even though
the docker jobs in build.yml have `if: !inputs.is-snapshot` and won't
run for snapshots, the caller must still grant the permissions they
declare. Without this, the workflow fails validation.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/snapshot.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml
index 9ab5add368..80ed1a2586 100644
--- a/.github/workflows/snapshot.yml
+++ b/.github/workflows/snapshot.yml
@@ -6,6 +6,7 @@ on:
 
 permissions:
   contents: write
+  packages: write
 
 jobs:
   prepare: