ci: add minimum GitHub token permissions for workflows (#19138)

Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io> Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io>
2022-09-08 00:44:24 -07:00 · 2022-09-08 00:44:24 -07:00 · af46584f82
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@ -10,6 +10,9 @@ on:
    paths:
      - .github/workflows/build-image.yml
      - Dockerfile
+permissions:
+  contents: read
+
 jobs:
  build-image:
    runs-on: ubuntu-latest
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@ -9,6 +9,9 @@ on:
 env:
  RAILS_ENV: test

+permissions:
+  contents: read
+
 jobs:
  check-i18n:
    runs-on: ubuntu-latest