From d5c0dffa71980c070f1612ef28635ec2e199a264 Mon Sep 17 00:00:00 2001
From: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Date: Thu, 9 Jan 2025 14:04:00 +0200
Subject: [PATCH] Fix Trivy 5 (#2183)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
---
 .github/workflows/trivy-scan.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index 4b2ba1977..48a074f8a 100644
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -11,6 +11,12 @@ jobs:
   scan:
     runs-on: ubuntu-latest
 
+    permissions:
+      contents: read
+      packages: read
+      # seems needed for github/codeql-action/upload-sarif
+      actions: read
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -57,5 +63,3 @@ jobs:
         with:
           sarif_file: 'scans/eclipse-hawkbit/hawkbit'
           category: "Container Images"
-          # seems needed for github/codeql-action/upload-sarif
-          permissions: write