ci: add minimum GitHub token permissions for workflows (#19138)

Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io> Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io>
author: Ashish Kurmi <100655670+boahc077@users.noreply.github.com> 2022-09-08 00:44:24 -0700
committer: GitHub <noreply@github.com> 2022-09-08 09:44:24 +0200
commit: af46584f826165687611d97c08dbecb8f1a0416b (patch)
tree: 95e88f3630157f086cd7fdecaf9dc4addd141e43
parent: 95a149d7c12666d15257ac88687b3193a74179c1 (diff)
2 files changed, 6 insertions, 0 deletions
diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml
index 157c2fcde..624aabbe7 100644
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@@ -10,6 +10,9 @@ on:
     paths:
       - .github/workflows/build-image.yml
       - Dockerfile
+permissions:
+  contents: read
+
 jobs:
   build-image:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/check-i18n.yml b/.github/workflows/check-i18n.yml
index 1c60515f8..a9d8ea2ea 100644
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@@ -9,6 +9,9 @@ on:
 env:
   RAILS_ENV: test
 
+permissions:
+  contents: read
+
 jobs:
   check-i18n:
     runs-on: ubuntu-latest
author	Ashish Kurmi <100655670+boahc077@users.noreply.github.com>	2022-09-08 00:44:24 -0700
committer	GitHub <noreply@github.com>	2022-09-08 09:44:24 +0200
commit	af46584f826165687611d97c08dbecb8f1a0416b (patch)
tree	95e88f3630157f086cd7fdecaf9dc4addd141e43
parent	95a149d7c12666d15257ac88687b3193a74179c1 (diff)