From cc6ea7854898106bf1c7d92984fe3f0968186a84 Mon Sep 17 00:00:00 2001
From: Sung Yoon Whang <sungyoon@uber.com>
Date: Mon, 20 Mar 2023 06:37:37 -0700
Subject: [PATCH] Minimize permissions to CI workflows

Set only read permission on CI workflows since they don't need write access.
---
 .github/workflows/fossa.yaml | 3 +++
 .github/workflows/go.yml     | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/.github/workflows/fossa.yaml b/.github/workflows/fossa.yaml
index 86e6db7..01f3c67 100644
--- a/.github/workflows/fossa.yaml
+++ b/.github/workflows/fossa.yaml
@@ -1,6 +1,9 @@
 name: FOSSA Analysis
 on: push
 
+permissions:
+  contents: read
+
 jobs:
 
   build:
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index b7d35f5..2811b19 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -7,6 +7,9 @@ on:
   pull_request:
     branches: ['*']
 
+permissions:
+  contents: read
+
 jobs:
 
   build: