From f9957ae6a68cd3cd845fd350e57d0360498a4a09 Mon Sep 17 00:00:00 2001
From: Jan Calanog <jan.calanog@elastic.co>
Date: Sun, 18 Feb 2024 02:15:28 +0700
Subject: [PATCH] security: add permissions block to workflows

---
 .github/workflows/lint.yml | 3 +++
 .github/workflows/test.yml | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index c3fcc4a9..79e66341 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -13,6 +13,9 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
 
+permissions:
+  contents: read
+
 jobs:
   lint:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 853acfc5..3054429e 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -24,6 +24,9 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
 
+permissions:
+  contents: read
+
 jobs:
   test-vers:
     # TODO: services eventually will go here