From cf4ae2e80dd216a9958b85ffbb093a82ef353277 Mon Sep 17 00:00:00 2001
From: Sean Rankine <sean.rankine@me.com>
Date: Thu, 8 Feb 2024 11:34:44 +0000
Subject: [PATCH] Pass contents read permission to build image workflow

This is required as the reusuable workflow no requires that permission to be
explicitly passed it. This is so the reusuable workflow can checkout the
repository if it private.
---
 .github/workflows/deploy.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 3e4352b..8322900 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -30,6 +30,7 @@ jobs:
       gitRef: ${{ inputs.gitRef || github.event.release.tag_name }}
     permissions:
       id-token: write
+      contents: read
   trigger-deploy:
     name: Trigger deploy to ${{ inputs.environment || 'integration' }}
     needs: build-and-publish-image