From f7a66bf60651a18489cef9de2af0ee5a0031c1a1 Mon Sep 17 00:00:00 2001
From: Saptarshi Sarkar <saptarshi.programmer@gmail.com>
Date: Wed, 21 Feb 2024 00:35:03 +0530
Subject: [PATCH] fix(CI): Fixed permission problem in uploading Trivy security
 scan

---
 .github/workflows/docker-publish.yml | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 1400d4fde..747b7329d 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -25,8 +25,6 @@ env:
 jobs:
   build:
     runs-on: "ubuntu-latest"
-    permissions:
-      security-events: write
     strategy:
       matrix:
         filename: [ CLI/Dockerfile, GUI/Dockerfile ]
@@ -55,9 +53,7 @@ jobs:
     permissions:
       contents: read
       packages: write
-      # This is used to complete the identity challenge
-      # with sigstore/fulcio when running outside PRs.
-      id-token: write
+      security-events: write
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4