From aa97082ec94bc65f7de2a3793876f4d4c454af75 Mon Sep 17 00:00:00 2001
From: Vincent Biret <vibiret@microsoft.com>
Date: Mon, 22 Jan 2024 14:23:45 -0500
Subject: [PATCH]  - adds permissions to workflows

---
 .github/workflows/ci-cd.yml      | 3 +++
 .github/workflows/sonarcloud.yml | 5 +++++
 2 files changed, 8 insertions(+)

diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index 95f001e1f..bf1aa6a33 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -2,6 +2,9 @@ name: CI/CD Pipeline
 
 on: [push, pull_request, workflow_dispatch]
 
+permissions:
+  contents: write
+
 jobs:
   ci:
     name: Continuous Integration
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
index 5f12a604b..021e0577b 100644
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@@ -9,6 +9,11 @@ on:
     types: [opened, synchronize, reopened]
     paths-ignore: ['.vscode/**']
 
+
+permissions:
+  contents: read
+  pull-requests: read
+
 env:
   SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}