From 3f2dbae9d7ef81ac4d4bd2162971bab2d2c34e64 Mon Sep 17 00:00:00 2001
From: samatrhea <s.gerene@rheagroup.com>
Date: Fri, 8 Dec 2023 15:32:40 +0100
Subject: [PATCH] [Update] trivy.yml

---
 .github/workflows/trivy.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 8242a02c..a423c3ff 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -6,6 +6,11 @@ on:
 
 jobs:
   docker:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+
     runs-on: ubuntu-latest
     steps:
       - name: Checkout