virtual-kubelet · smritidahal653 · Jan 23, 2024 · Jan 19, 2024
@@ -1,4 +1,11 @@
 version: 2
+
+permissions:
+  pull-requests: write
+  security-events: write
+  contents: read
+  actions: read
+
 updates:
   - package-ecosystem: "github-actions"
     directory: "/"

@@ -20,6 +20,8 @@ env:
 permissions:
   id-token: write # This is required for requesting the JWT
   contents: read # This is required for actions/checkout
+  actions: read #This is required for reading environment variables
+  deployments: read #This is required for reading deployment status
 
 jobs:
   aks-addon-e2e-tests:

@@ -9,6 +9,9 @@ on:
 
 permissions:
   contents: write
+  actions: read
+  deployments: read
+  contents: read
 
 jobs:
   publish-helm-chart:

@@ -14,6 +14,8 @@ on:
 permissions:
   contents: write
   pull-requests: write
+  actions: read
+  deployments: read
 
 jobs:
   create-release-pull-request:

@@ -10,7 +10,9 @@ on:
 permissions:
   contents: write
   packages: write
-
+  actions: read
+  deployments: read
+  pull-requests: read
 
 env:
   REGISTRY: ghcr.io

@@ -20,8 +20,10 @@ env:
   E2E_IMG_TAG: "e2e-ci"
 
 permissions:
-   id-token: write
-   contents: read
+  id-token: write
+  contents: read
+  actions: read
+  deployments: read
 
 jobs:
   e2e-tests:

@@ -6,6 +6,11 @@ on:
       - '**.md'
       - 'docs/**'
 
+permissions:
+  contents: read
+  actions: read
+  deployments: read
+
 jobs:
   markdown-link-check:
     runs-on: ubuntu-latest

@@ -8,6 +8,11 @@ on:
       - labeled
       - unlabeled
 
+permissions:
+  contents: read
+  actions: read
+  deployments: read
+
 jobs:
   check:
     runs-on: ubuntu-latest

@@ -18,6 +18,12 @@ env:
   # Common versions
   GO_VERSION: '1.20'
 
+permissions:
+  pull-requests: write
+  contents: read
+  actions: read
+  deployments: read
+
 jobs:
   unit-tests:
     runs-on: ubuntu-20.04