From b19b468e13be46874fba1e946cfb4b6a33481ecb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Desbiens?=
 <frederic.desbiens@eclipse-foundation.org>
Date: Thu, 17 Jul 2025 16:26:04 -0400
Subject: [PATCH] Added workflow permissions.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Frédéric Desbiens <frederic.desbiens@eclipse-foundation.org>
---
 .github/workflows/regression_test.yml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/.github/workflows/regression_test.yml b/.github/workflows/regression_test.yml
index 636f089c..c55a2c56 100644
--- a/.github/workflows/regression_test.yml
+++ b/.github/workflows/regression_test.yml
@@ -12,6 +12,13 @@ on:
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
   tx:
+    permissions:
+      contents: read
+      issues: read
+      checks: write
+      pull-requests: write
+      pages: write
+      id-token: write
     uses: ./.github/workflows/regression_template.yml
     with:
       build_script: ./scripts/build_tx.sh
@@ -20,6 +27,13 @@ jobs:
       result_affix: ThreadX
       skip_deploy: true
   smp:
+    permissions:
+      contents: read
+      issues: read
+      checks: write
+      pull-requests: write
+      pages: write
+      id-token: write
     uses: ./.github/workflows/regression_template.yml
     with:
       build_script: ./scripts/build_smp.sh
@@ -28,6 +42,13 @@ jobs:
       result_affix: SMP
       skip_deploy: true
   deploy:
+    permissions:
+      contents: read
+      issues: read
+      checks: write
+      pull-requests: write
+      pages: write
+      id-token: write
     needs: [tx, smp]
     uses: ./.github/workflows/regression_template.yml
     with: