From 560a840efb9119bcf01516e97622674e7ca2ab7d Mon Sep 17 00:00:00 2001
From: alexey semenyuk <alexsemenyuk88@gmail.com>
Date: Tue, 10 Sep 2024 13:52:36 +0500
Subject: [PATCH 1/2] Add explicit github actions permissions

Signed-off-by: alexey semenyuk <alexsemenyuk88@gmail.com>
---
 .github/workflows/docker_main.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/docker_main.yml b/.github/workflows/docker_main.yml
index 9986ea9..2a5d9c7 100644
--- a/.github/workflows/docker_main.yml
+++ b/.github/workflows/docker_main.yml
@@ -8,6 +8,9 @@ on:
 jobs:
   docker:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
     steps:
       - uses: actions/checkout@v4
 
@@ -37,4 +40,4 @@ jobs:
       - name: Push head tag
         run: |
           echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
-          docker push ghcr.io/hyperledger/firefly-ethconnect:head
\ No newline at end of file
+          docker push ghcr.io/hyperledger/firefly-ethconnect:head

From b89bc2aae5098344691bcc5d89df0e3772deca06 Mon Sep 17 00:00:00 2001
From: alexey semenyuk <alexsemenyuk88@gmail.com>
Date: Tue, 10 Sep 2024 13:53:30 +0500
Subject: [PATCH 2/2] Add explicit github actions permissions

Signed-off-by: alexey semenyuk <alexsemenyuk88@gmail.com>
---
 .github/workflows/docker_release.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/docker_release.yml b/.github/workflows/docker_release.yml
index ec8f935..831c17c 100644
--- a/.github/workflows/docker_release.yml
+++ b/.github/workflows/docker_release.yml
@@ -7,6 +7,9 @@ on:
 jobs:
   docker:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
     steps:
       - uses: actions/checkout@v4
         with: