From 9bbe644c5ad485b737ac36f5b569e33a449c7dec Mon Sep 17 00:00:00 2001
From: Sean Rankine <sean.rankine@me.com>
Date: Thu, 8 Feb 2024 11:34:44 +0000
Subject: [PATCH] Pass contents read permission to build image workflow

This is required as the reusuable workflow no requires that permission to be
explicitly passed it. This is so the reusuable workflow can checkout the
repository if it private.
---
 .github/workflows/deploy.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 3e4352b3..8322900f 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -30,6 +30,7 @@ jobs:
       gitRef: ${{ inputs.gitRef || github.event.release.tag_name }}
     permissions:
       id-token: write
+      contents: read
   trigger-deploy:
     name: Trigger deploy to ${{ inputs.environment || 'integration' }}
     needs: build-and-publish-image