From 706a0cde544bbe0997523130110aa94c5bc4e657 Mon Sep 17 00:00:00 2001
From: Sean Rankine <sean.rankine@me.com>
Date: Thu, 8 Feb 2024 11:34:44 +0000
Subject: [PATCH] Pass contents read permission to build image workflow

This is required as the reusuable workflow no requires that permission to be
explicitly passed it. This is so the reusuable workflow can checkout the
repository if it private.
---
 .github/workflows/deploy.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 3e4352b3..8322900f 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -30,6 +30,7 @@ jobs:
       gitRef: ${{ inputs.gitRef || github.event.release.tag_name }}
     permissions:
       id-token: write
+      contents: read
   trigger-deploy:
     name: Trigger deploy to ${{ inputs.environment || 'integration' }}
     needs: build-and-publish-image