microsoft-authentication-library-for-java

[Engineering Task] Update GitHub Actions Workflows for GITHUB_TOKEN Permission Changes

Open gladjohn opened this issue 1 year ago • 0 comments

Type of task? Builds

Description: Validate all GitHub Actions workflows in all our Open Source GitHub repositories to accommodate the upcoming changes in GITHUB_TOKEN permissions, effective February 1, 2024.

Starting February 1, 2024, the default permission for the GITHUB_TOKEN in GitHub Actions workflows will change from Read/Write to Read-only. This change aims to enhance security by enforcing least privilege access and aligning with Digital Security & Resilience (DSR) requirements.

Impact: Workflows that require the GITHUB_TOKEN for write operations or for accessing repository secrets will break unless updated with an explicit permissions block.

Solution: Identify all workflows in your repositories that utilize the GITHUB_TOKEN. Determine whether these workflows perform write operations or access repository secrets.

More info here: https://docs.opensource.microsoft.com/github/apps/permission-changes/

gladjohn, Jan 22 '24 23:01
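An added example, not part of the original issue or the repository's code: a heuristic Python audit for the identification step described in the issue, listing the jobs in a workflow that have no explicit `permissions` block (their own or a workflow-level one) and noting whether the token is referenced explicitly. The function name `audit_workflow`, the sample workflow and the indentation-based parsing are assumptions for illustration; a real YAML parser would be more robust.

```python
import re

# Explicit references only; actions can also receive the token implicitly.
TOKEN_REF = re.compile(r"secrets\.GITHUB_TOKEN|github\.token", re.IGNORECASE)
KEY = re.compile(r"^( *)([\w.-]+)\s*:")  # "key:" line; skips list items, comments

def audit_workflow(text):
    """Indentation heuristic, no YAML parser: find jobs lacking explicit permissions."""
    top_level, in_jobs = False, False
    jobs, current, job_indent, key_indent = {}, None, None, None
    for line in text.splitlines():
        m = KEY.match(line)
        if not m:
            continue
        indent, key = len(m.group(1)), m.group(2)
        if indent == 0:  # workflow-level key
            in_jobs, current, job_indent = key == "jobs", None, None
            top_level = top_level or key == "permissions"
        elif in_jobs:
            if job_indent is None:
                job_indent = indent
            if indent == job_indent:  # a job id
                current, key_indent = key, None
                jobs[current] = False
            elif current is not None:
                if key_indent is None:
                    key_indent = indent
                if indent == key_indent and key == "permissions":
                    jobs[current] = True
    missing = [] if top_level else [j for j, ok in jobs.items() if not ok]
    return {"top_level": top_level, "jobs_missing": missing,
            "references_token": bool(TOKEN_REF.search(text))}

# Constructed sample workflow: "build" relies on the default token permissions.
SAMPLE = """\
on: push
jobs:
  build:
    steps:
      - uses: actions/checkout@v4
  publish:
    permissions:
      contents: write
    steps:
      - run: gh release create v1
        env: {GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}"}
"""

if __name__ == "__main__":
    print(audit_workflow(SAMPLE))
```

Call `audit_workflow` on the text of each file under `.github/workflows/`; every job listed in `jobs_missing` depends on the default token permission and needs review before the change to Read-only.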