From ea80aa78ab8eedbeaccd2ea16e9d888ebc304338 Mon Sep 17 00:00:00 2001
From: sid palas <sid.palas@gmail.com>
Date: Tue, 11 Jun 2024 20:59:40 -0400
Subject: [PATCH] set permissions at workflow level

---
 .github/workflows/image-ci.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/image-ci.yml b/.github/workflows/image-ci.yml
index 514b87c..ea77c3a 100644
--- a/.github/workflows/image-ci.yml
+++ b/.github/workflows/image-ci.yml
@@ -7,6 +7,10 @@ on:
     tags:
       - "[0-9]*.[0-9]*.[0-9]*"
 
+permissions:
+  pull-requests: write
+  contents: write
+
 jobs:
   build-tag-push:
     runs-on: ubuntu-latest
@@ -70,9 +74,6 @@ jobs:
   update-tags:
     runs-on: ubuntu-latest
     needs: build-tag-push
-    permissions:
-      contents: write
-      pull-requests: write
 
     steps:
       - name: Checkout