Fix permissions for image publish workflows (#3021)

All of the jobs in this workflow use the same set of permissions and this workflow is only run on pushes to master. Adding the appropriate permissions to read repository contents, publish packages and ID token for cosign. Signed-off-by: Sambhav Kothari <sambhavs.email@gmail.com>
2025-03-05 07:26:55 +00:00 · 2022-01-19 11:39:51 +00:00 · 2022-01-19 11:39:51 +00:00 · 8ddfcacd79
commit 8ddfcacd79
parent f0359f8272
1 changed files with 4 additions and 1 deletions
--- a/.github/workflows/image.yaml
+++ b/.github/workflows/image.yaml
@ -4,7 +4,10 @@ on:
    branches:
      - 'main'

-permissions: read-all
+permissions:
+  contents: read
+  packages: write
+  id-token: write 

 jobs:
  push-init-kyverno: