From a17ba562e6bc3d84d2b1cc47c06cf46f61d8374b Mon Sep 17 00:00:00 2001
From: Syndamia <kamen@syndamia.com>
Date: Tue, 13 Aug 2024 15:45:14 +0300
Subject: fix(cd*): Replaced token with permissions

---
 .github/workflows/cd-dev.yml | 3 ++-
 .github/workflows/cd.yml     | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

(limited to '.github/workflows')

diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml
index f7377ea..f0063e9 100644
--- a/.github/workflows/cd-dev.yml
+++ b/.github/workflows/cd-dev.yml
@@ -33,6 +33,8 @@ jobs:
     name: Scan development docker container with trivy
     runs-on: ubuntu-latest
     needs: Create-and-release-dev-container
+    permissions:
+      security-events: write
     steps:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
@@ -49,4 +51,3 @@ jobs:
           sarif_file: 'trivy-results.sarif'
           sha: ${{ github.sha }}
           ref: ${{ github.ref }}
-          token: ${{ secrets.TOKEN_GITHUB }}
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 5b981c1..103717d 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -26,6 +26,8 @@ jobs:
     name: Scan production docker container with trivy
     runs-on: ubuntu-latest
     needs: Build-docker-and-push
+    permissions:
+      security-events: write
     steps:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
@@ -42,7 +44,6 @@ jobs:
           sarif_file: 'trivy-results.sarif'
           sha: ${{ github.sha }}
           ref: ${{ github.ref }}
-          token: ${{ secrets.TOKEN_GITHUB }}
 
   Release:
     name: Make github release
-- 
cgit v1.2.3