🔧 (deploy-extension-to-marketplace.yml): add permissions for id-token…

… and contents to enhance security and access control during deployment jobs
liquibase · Jan 8, 2025 · 8deb040 · 8deb040
1 parent b370046
commit 8deb040
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/.github/workflows/deploy-extension-to-marketplace.yml b/.github/workflows/deploy-extension-to-marketplace.yml
@@ -64,6 +64,9 @@ jobs:
       if: github.actor == 'dependabot' && ${{ needs.check-OSS-version.outputs.OSS_VERSION_MATCH }} == true
       runs-on:
           ubuntu-latest
+      permissions:
+        id-token: write
+        contents: read
       needs: check-OSS-version
       env:
         AWS_REGION: us-east-1
@@ -124,6 +127,9 @@ jobs:
     if: ${{ inputs.dry_run == true }}
     runs-on:
       ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
     needs: check-OSS-version
     env:
       AWS_REGION: us-east-1