ci: set top-level permissions as well

It should turn on the "restricted" mode by default regardless of whether the global setting is on or not. New jobs in this action should have to overwrite it explicitly to gain write access in any way. It should also make the action consistent with the other actions writing various stuff like 'labeler' and 'codeql'.
author: Evgeny Vereshchagin <evvers@ya.ru> 2022-06-23 14:09:36 +0000
committer: Yu Watanabe <watanabe.yu+github@gmail.com> 2022-06-24 20:08:30 +0900
commit: f3bd663faf2235ca31b99679a6a35f0496dfb3b8 (patch)
tree: 7e21d5e639b992928c3a48b9c1f415c1cf1fcda3 /.github/workflows
parent: 1a2620e8bddb360ca4461077827f1b29b30c8756 (diff)
download: systemd-f3bd663faf2235ca31b99679a6a35f0496dfb3b8.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/.github/workflows/issue_labeler.yml b/.github/workflows/issue_labeler.yml
index c4143037ce..64774e67cc 100644
--- a/.github/workflows/issue_labeler.yml
+++ b/.github/workflows/issue_labeler.yml
@@ -5,6 +5,9 @@ on:
   issues:
     types: [ opened ]
 
+permissions:
+  contents: read
+
 jobs:
   label-component:
     runs-on: ubuntu-22.04
author	Evgeny Vereshchagin <evvers@ya.ru>	2022-06-23 14:09:36 +0000
committer	Yu Watanabe <watanabe.yu+github@gmail.com>	2022-06-24 20:08:30 +0900
commit	f3bd663faf2235ca31b99679a6a35f0496dfb3b8 (patch)
tree	7e21d5e639b992928c3a48b9c1f415c1cf1fcda3 /.github/workflows
parent	1a2620e8bddb360ca4461077827f1b29b30c8756 (diff)
download	systemd-f3bd663faf2235ca31b99679a6a35f0496dfb3b8.tar.gz