fix: workflow permission to upload trivy sarif report (#7234)

Trivy scan result upload to GitHub fails due to permission issue. Added permission security-events=write to the workflow file as a fix. Since workflow permission explicitly defined, it requires contents=read explicity set as well Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
2026-01-09 13:58:02 -05:00 · 2024-06-18 11:42:50 +10:00
parent db9710b2aa
commit aef938964d
1 changed files with 3 additions and 0 deletions
--- a/.github/workflows/container-security-scan.yml
+++ b/.github/workflows/container-security-scan.yml
@@ -14,6 +14,9 @@ on:
 jobs:
  scan-sarif:
    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write

    steps:
      - name: Checkout