From 30802fa46116e1c3b099f4e7e0bc5c86d888906e Mon Sep 17 00:00:00 2001
From: "Huang, Tai" <tai.huang@intel.com>
Date: Mon, 22 Jul 2024 09:59:02 +0800
Subject: [PATCH] add read permission token

Signed-off-by: Huang, Tai <tai.huang@intel.com>
---
 .github/workflows/Scanner_Bdba.yml     | 1 +
 .github/workflows/Scanner_Coverity.yml | 1 +
 .github/workflows/Scanner_McAfee.yml   | 1 +
 .github/workflows/probot.yml           | 1 +
 .github/workflows/publish.yml          | 1 +
 5 files changed, 5 insertions(+)

diff --git a/.github/workflows/Scanner_Bdba.yml b/.github/workflows/Scanner_Bdba.yml
index 2351406c9a7..4bef08dfc88 100644
--- a/.github/workflows/Scanner_Bdba.yml
+++ b/.github/workflows/Scanner_Bdba.yml
@@ -1,4 +1,5 @@
 name: Scanner BDBA
+permissions: read-all
 
 on:
   workflow_dispatch:
diff --git a/.github/workflows/Scanner_Coverity.yml b/.github/workflows/Scanner_Coverity.yml
index 50f44da4bf5..a95489e5442 100644
--- a/.github/workflows/Scanner_Coverity.yml
+++ b/.github/workflows/Scanner_Coverity.yml
@@ -1,4 +1,5 @@
 name: Scanner Coverity
+permissions: read-all
 
 on:
   workflow_dispatch:
diff --git a/.github/workflows/Scanner_McAfee.yml b/.github/workflows/Scanner_McAfee.yml
index 3d449ddaccf..30b882bcf47 100644
--- a/.github/workflows/Scanner_McAfee.yml
+++ b/.github/workflows/Scanner_McAfee.yml
@@ -1,4 +1,5 @@
 name: Virus Scan
+permissions: read-all
 
 on:
   workflow_dispatch:
diff --git a/.github/workflows/probot.yml b/.github/workflows/probot.yml
index 290af2a86a7..fc74b74134d 100644
--- a/.github/workflows/probot.yml
+++ b/.github/workflows/probot.yml
@@ -1,4 +1,5 @@
 name: Probot
+permissions: read-all
 
 on:
   pull_request:
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index ec06b4bada1..92649e06b13 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -1,4 +1,5 @@
 name: Publish
+permissions: read-all
 
 on:
   push: